urlscan.io logo urlscan.io
SecurityTrails logo

arsiv.sahadan.com Open in urlscan Pro
77.223.136.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sahadan.com/
Effective URL: http://arsiv.sahadan.com/Default.aspx
Submission: On October 05 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 12 countries across 49 domains to perform 286 HTTP transactions. The main IP is 77.223.136.105, located in Turkey and belongs to NETDIREKT-AS, TR. The main domain is arsiv.sahadan.com. The Cisco Umbrella rank of the primary domain is 140379.
This is the only time arsiv.sahadan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 195.244.61.20 43391 (NETDIREKT-AS)
2 77.223.136.105 43391 (NETDIREKT-AS)
51 77.223.147.103 43391 (NETDIREKT-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 82.222.8.80 34984 (TELLCOM-AS)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 69.192.160.219 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 13.224.189.44 16509 (AMAZON-02)
15 195.244.38.50 43391 (NETDIREKT-AS)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 15 2a00:1450:400... 15169 (GOOGLE)
2 185.102.219.173 60068 (CDN77 ^_^)
3 13.225.78.39 16509 (AMAZON-02)
1 6 188.165.145.88 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.115 16509 (AMAZON-02)
1 1 3.15.76.72 16509 (AMAZON-02)
1 108.158.153.16 16509 (AMAZON-02)
1 7 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
3 10 2a00:1450:400... 15169 (GOOGLE)
1 185.59.220.199 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.35.236.154 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 37.59.195.0 16276 (OVH)
4 146.59.30.108 16276 (OVH)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 15 142.251.39.2 15169 (GOOGLE)
3 7 185.80.39.216 27381 (CASALE-MEDIA)
3 5 37.252.173.62 29990 (ASN-APPNEX)
6 2607:f8b0:400... 15169 (GOOGLE)
1 64.233.167.154 15169 (GOOGLE)
1 10 94.130.102.164 24940 (HETZNER-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.254.127.56 16509 (AMAZON-02)
2 145.239.193.130 16276 (OVH)
2 3 23.205.253.64 16625 (AKAMAI-AS)
1 1 85.239.105.10 16097 (HLKOMM 04...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 18.132.138.70 16509 (AMAZON-02)
2 4 142.250.186.166 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 13.224.189.29 16509 (AMAZON-02)
1 13.225.78.30 16509 (AMAZON-02)
5 142.250.184.194 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
1 185.86.137.131 201081 (SMARTADSE...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 142.250.185.102 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 78.46.85.162 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.134.23.117 16509 (AMAZON-02)
4 88.99.219.174 24940 (HETZNER-AS)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2620:1ec:22::14 8068 (MICROSOFT...)
1 1 52.49.122.80 16509 (AMAZON-02)
1 1 124.146.215.50 2514 (INFOSPHER...)
1 2 23.35.237.56 16625 (AKAMAI-AS)
1 1 185.89.210.244 29990 (ASN-APPNEX)
1 1 23.36.162.83 20940 (AKAMAI-ASN1)
1 13.225.78.35 16509 (AMAZON-02)
286 65
1    195.244.61.20 (Turkey)

ASN43391 (NETDIREKT-AS, TR)
sahadan.com
2    77.223.136.105 (Turkey)

ASN43391 (NETDIREKT-AS, TR)
arsiv.sahadan.com
51    77.223.147.103 (Turkey)

ASN43391 (NETDIREKT-AS, TR)
is.cdn.md
hm.cdn.md
3    2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    82.222.8.80 (Istanbul, Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-82-222-8-80.reverse.superonline.net
b.cdn.md
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.eksiup.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
5    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    13.224.189.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-44.fra2.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
15    195.244.38.50 (Turkey)

ASN43391 (NETDIREKT-AS, TR)
go.admost.com
run.admost.com
3    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.dimml.io
13    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
15    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com
js.duhnet.tv
3    13.225.78.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net
sb.scorecardresearch.com
b.scorecardresearch.com
6    188.165.145.88 (France)

ASN16276 (OVH, FR)
str.hit.gemius.pl
gatr.hit.gemius.pl
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    13.225.78.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-115.fra2.r.cloudfront.net
certify.alexametrics.com
1    3.15.76.72 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-76-72.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    108.158.153.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-153-16.gru3.r.cloudfront.net
abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net
7    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
22    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-722.bunnyinfra.net
vz-795b4bfd-cff.b-cdn.net
2    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    23.35.236.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-154.deploy.static.akamaitechnologies.com
images.performgroup.com
2    2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    37.59.195.0 (San Javier, Spain)

ASN16276 (OVH, FR)
gatr.hit.gemius.pl
4    146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu
ls.hit.gemius.pl
7    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
16    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
15    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
cm.g.doubleclick.net
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
5    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    2607:f8b0:4005:813::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net
bid.g.doubleclick.net
10    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal9000.redintelligence.net
hal900012.redintelligence.net
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:6f::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5ednsk.c.2mdn.net
1    34.254.127.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-127-56.eu-west-1.compute.amazonaws.com
baltar.dimml.io
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
3    23.205.253.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com
www.awin1.com
1    85.239.105.10 (Eilenburg, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
4    2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)
www.parship.de
1    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
1    18.132.138.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
track.webgains.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    13.224.189.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-29.fra2.r.cloudfront.net
analytics.webgains.io
1    13.225.78.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-30.fra2.r.cloudfront.net
cdn.track.production.webgains.team
5    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
ade.googlesyndication.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
googleads4.g.doubleclick.net
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
2    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
1    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
2    18.134.23.117 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
api.webgains.io
4    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal900029.redintelligence.net
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.49.122.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-122-80.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    23.36.162.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-83.deploy.static.akamaitechnologies.com
ui2.awin.com
1    13.225.78.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-35.fra2.r.cloudfront.net
a1.awin1.com
Apex Domain
Subdomains		 Transfer
52 cdn.md
is.cdn.md — Cisco Umbrella Rank: 225352
b.cdn.md — Cisco Umbrella Rank: 317228
hm.cdn.md — Cisco Umbrella Rank: 142521
1 MB
51 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
bid.g.doubleclick.net — Cisco Umbrella Rank: 652
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 64431
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390
ad.doubleclick.net — Cisco Umbrella Rank: 219
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 347441
320 KB
47 googlesyndication.com
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
ade.googlesyndication.com — Cisco Umbrella Rank: 328
266 KB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
224 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
2 KB
15 admost.com
go.admost.com — Cisco Umbrella Rank: 43663
run.admost.com — Cisco Umbrella Rank: 58026
18 KB
14 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 34122
hal900012.redintelligence.net — Cisco Umbrella Rank: 259853
hal900029.redintelligence.net — Cisco Umbrella Rank: 348001
59 KB
11 gemius.pl
str.hit.gemius.pl — Cisco Umbrella Rank: 228938
gatr.hit.gemius.pl — Cisco Umbrella Rank: 29029
ls.hit.gemius.pl — Cisco Umbrella Rank: 8598
55 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 311
218 KB
10 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 485
fonts.googleapis.com — Cisco Umbrella Rank: 118
imasdk.googleapis.com — Cisco Umbrella Rank: 456
505 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908
5 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
56 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
secure.adnxs.com — Cisco Umbrella Rank: 707
6 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 5221
www.google.de — Cisco Umbrella Rank: 3460
2 KB
4 parship.de
www.parship.de — Cisco Umbrella Rank: 152349
15 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15064
a1.awin1.com — Cisco Umbrella Rank: 66563
95 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
gcdn.2mdn.net — Cisco Umbrella Rank: 1237
r3---sn-4g5ednsk.c.2mdn.net — Cisco Umbrella Rank: 770369
1 MB
4 dimml.io
cdn.dimml.io — Cisco Umbrella Rank: 41736
baltar.dimml.io — Cisco Umbrella Rank: 64663
9 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 20711
api.webgains.io — Cisco Umbrella Rank: 46559
31 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 40026
medialead.de — Cisco Umbrella Rank: 39849
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
b.scorecardresearch.com — Cisco Umbrella Rank: 5718
5 KB
3 sahadan.com
sahadan.com — Cisco Umbrella Rank: 128175
arsiv.sahadan.com — Cisco Umbrella Rank: 140379
23 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1522
455 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
88 KB
2 duhnet.tv
js.duhnet.tv — Cisco Umbrella Rank: 125992
332 KB
2 cloudfront.net
d31qbv1cthcecs.cloudfront.net
abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net
2 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 786
533 B
2 eksiup.com
cdn.eksiup.com — Cisco Umbrella Rank: 120233
8 KB
1 awin.com
ui2.awin.com — Cisco Umbrella Rank: 70713
100 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1662
1022 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 983
468 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 850
1 KB
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5101
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1504
463 B
1 instana.io
eum.instana.io — Cisco Umbrella Rank: 10102
10 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 84065
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 61160
297 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 61298
246 B
1 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 25287
951 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 852
163 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 55047
437 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 39142
2 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 309802
728 B
1 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 158702
1 KB
1 performgroup.com
images.performgroup.com — Cisco Umbrella Rank: 32376
5 KB
1 b-cdn.net
vz-795b4bfd-cff.b-cdn.net — Cisco Umbrella Rank: 219897
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
237 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 5313
551 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1567
13 KB
286 49
Domain Requested by
29 is.cdn.md arsiv.sahadan.com
22 tpc.googlesyndication.com arsiv.sahadan.com
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
22 hm.cdn.md arsiv.sahadan.com
16 pagead2.googlesyndication.com 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
tpc.googlesyndication.com
arsiv.sahadan.com
securepubads.g.doubleclick.net
www.googletagservices.com
15 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
14 run.admost.com go.admost.com
13 googleads.g.doubleclick.net 1 redirects 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
arsiv.sahadan.com
13 securepubads.g.doubleclick.net cdn.eksiup.com
securepubads.g.doubleclick.net
arsiv.sahadan.com
10 www.google.com 3 redirects arsiv.sahadan.com
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
7 www.google-analytics.com 1 redirects arsiv.sahadan.com
www.google-analytics.com
6 csi.gstatic.com www.gstatic.com
5 ade.googlesyndication.com arsiv.sahadan.com
5 hal900012.redintelligence.net 1 redirects 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
hal900012.redintelligence.net
5 hal9000.redintelligence.net 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
hal900012.redintelligence.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 www.gstatic.com 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
www.gstatic.com
5 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
5 fonts.googleapis.com arsiv.sahadan.com
securepubads.g.doubleclick.net
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
hal900012.redintelligence.net
4 hal900029.redintelligence.net hal9000.redintelligence.net
hal900029.redintelligence.net
4 www.parship.de hal900012.redintelligence.net
www.parship.de
4 ls.hit.gemius.pl str.hit.gemius.pl
ls.hit.gemius.pl
gatr.hit.gemius.pl
4 gatr.hit.gemius.pl 1 redirects arsiv.sahadan.com
gatr.hit.gemius.pl
4 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.awin1.com 2 redirects hal900029.redintelligence.net
3 str.hit.gemius.pl arsiv.sahadan.com
str.hit.gemius.pl
3 adservice.google.de securepubads.g.doubleclick.net
3 cdn.dimml.io arsiv.sahadan.com
cdn.dimml.io
3 ajax.googleapis.com arsiv.sahadan.com
hal900029.redintelligence.net
2 sync.teads.tv 1 redirects 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
2 8019191.fls.doubleclick.net 1 redirects arsiv.sahadan.com
2 api.webgains.io analytics.webgains.io
2 ad.doubleclick.net 2 redirects
2 5994599.fls.doubleclick.net 1 redirects arsiv.sahadan.com
2 pv.medialead.de hal900012.redintelligence.net
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
2 www.googletagservices.com 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
2 www.google.de arsiv.sahadan.com
2 stats.g.doubleclick.net 1 redirects www.google-analytics.com
2 s0.2mdn.net imasdk.googleapis.com
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
2 imasdk.googleapis.com arsiv.sahadan.com
imasdk.googleapis.com
2 sb.scorecardresearch.com arsiv.sahadan.com
2 js.duhnet.tv arsiv.sahadan.com
2 tags.bluekai.com 1 redirects arsiv.sahadan.com
2 cdn.eksiup.com arsiv.sahadan.com
cdn.eksiup.com
2 arsiv.sahadan.com arsiv.sahadan.com
1 a1.awin1.com hal900029.redintelligence.net
1 ui2.awin.com 1 redirects
1 secure.adnxs.com 1 redirects
1 tg.socdm.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 dclk-match.dotomi.com 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
1 cms.quantserve.com 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
1 eum.instana.io www.parship.de
1 partner.blau.de
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 as.ad4m.at 1 redirects
1 rtb-csync.smartadserver.com
1 googleads4.g.doubleclick.net arsiv.sahadan.com
1 cdn.track.production.webgains.team 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 medialead.de 1 redirects
1 track.webgains.com arsiv.sahadan.com
1 adv.office-partner.de hal900012.redintelligence.net
1 trf.greatviews.de 1 redirects
1 baltar.dimml.io cdn.dimml.io
1 r3---sn-4g5ednsk.c.2mdn.net 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net www.gstatic.com
1 b.scorecardresearch.com arsiv.sahadan.com
1 images.performgroup.com arsiv.sahadan.com
1 vz-795b4bfd-cff.b-cdn.net arsiv.sahadan.com
1 abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net arsiv.sahadan.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com 1 redirects
1 certify.alexametrics.com arsiv.sahadan.com
1 go.admost.com arsiv.sahadan.com
1 d31qbv1cthcecs.cloudfront.net arsiv.sahadan.com
1 use.fontawesome.com arsiv.sahadan.com
1 b.cdn.md arsiv.sahadan.com
1 sahadan.com 1 redirects
286 83

This site contains links to these domains. Also see Links.

Domain
www.sahadan.com
www.beygir.com
www.mackolik.com
reklamup.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-16 -
2023-05-16		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-07 -
2022-11-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
redintelligence.net
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
pv.medialead.de
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
www.parship.de
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
adv.office-partner.de
R3		 2022-09-03 -
2022-12-02		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh

This page contains 29 frames:

Primary Page: http://arsiv.sahadan.com/Default.aspx
Frame ID: CD11FFD171CAE634CFD11BF2304C3DE0
Requests: 113 HTTP requests in this frame

Frame: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 575C4388F3976D045C3687A925A67CA9
Requests: 1 HTTP requests in this frame

Frame: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Frame ID: 6BA182154E48EA5C2F0F21957AD47EE0
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Frame ID: 7B1E234B99233787C57DCCC4160E4004
Requests: 16 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.536.0_tr.html
Frame ID: A78F0ED6A45B102AB15AA71E88192F73
Requests: 1 HTTP requests in this frame

Frame: http://ls.hit.gemius.pl/lsget.html
Frame ID: 65B05ED65D0042391EE0D860D0E3A5D3
Requests: 1 HTTP requests in this frame

Frame: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25BBBBCEEE1F01DABDCBCD347F7E920D
Requests: 42 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html?mode=new
Frame ID: 528E1D8305B4556CBB80C5BFB13D58D2
Requests: 1 HTTP requests in this frame

Frame: http://ls.hit.gemius.pl/lsget.html
Frame ID: 987FF38FC5A12F0217C8215BAD17F2A4
Requests: 1 HTTP requests in this frame

Frame: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DFD75A310FCAC87B8AAB7469B8E01033
Requests: 16 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html?mode=new
Frame ID: E980FBE9972F62D33196B9BAA3961188
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiYmrzGATAB&v=APEucNVwlqlOYO33demLl6kk7TGg1tvYtbUKTAP-mywfvdsJaAxt-35NSNokm-AJn_-Xy_oqZnBGrm5c1DmSJWcKPQLlXXI4Yqddby55gu3SZEMmG8KznIH-a1FJrmsaoykBdFc_1sPrDwm5XKJel-Z1bVbnLUAzDLzYT_8Ml7E35wLxl45ee_i2421j_a_X2AvZmi_xV9lAqdOpqR5ELhRNDzQOjmY9mw
Frame ID: B3F376390CCCB332186EE329887FAB77
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C6595712A3D5BD7F459AD5377043278C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 15B538E0D4F61AE735273BCAAC1A39FC
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012&t=htlp
Frame ID: 9AED63C0F9EA288482AFA27E162E96B0
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
Frame ID: FE02C017BBCAEAF0B46657EBB5759621
Requests: 5 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F593F83166377408B4DF1C6966E39B73
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967
Frame ID: 253D556BA9E88F824D860A4ED03758F5
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Frame ID: BDB4160DDE43C7C1FDA8A8E5F0914119
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 53028C6DA09F4778FC5CD391B6417053
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 751ECFA2EC4F74580910142E5C222804
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Frame ID: 5D7EECD0359044188A0E40D0DD3BE67D
Requests: 13 HTTP requests in this frame

Frame: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3A3992A8B7614DBBE8D0BDD16F19485
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjKh7zGATAB&v=APEucNWnoigLGeIS7y9LppscxZgjB0ck7WwHH1slhqsoMN2U1Y_PLuYnxzc5tcN1KXdPXknz1qdehqX7jffBjBlfj0etSBYcpQcLPv02DqJ9MdA0bcLI3TlWbfPNpphMWSD_9jW6Xdph30ei53SfstBmhZd3k4ItA3t2dMDZayJLLGK1zc4pjnGW3Udk4g7tLAXZfIHRCDMP5avIF4kenJjwFjCIHWxaBQ
Frame ID: 257B004E96F3390D12180770E4808392
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F491A33FB8005D6306C9DC974672BD85
Requests: 3 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=3202020&v=11601&q=357526&r=113440&pref1=22110300096617304444646012103029&pv=1
Frame ID: 590754628599CADFE3B02D449C878A1A
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758
Frame ID: 5E6C2303BA5BDF29941AB7309E51AD37
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
Frame ID: 210646CE82B9923DB7E6B67241081A58
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 81D169F309263F27482EB743C089B8B1
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sahadan.com - iddaa, canlı maç sonuçları, maç skorları, puan durumu, spor haberleri, futbol, iddaa programı, istatistikler, İddaa

Page URL History Show full URLs

  1. http://sahadan.com/ HTTP 302
    http://arsiv.sahadan.com/Default.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

286
Requests

58 %
HTTPS

42 %
IPv6

49
Domains

83
Subdomains

65
IPs

12
Countries

5085 kB
Transfer

12090 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sahadan.com/ HTTP 302
    http://arsiv.sahadan.com/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • http://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan HTTP 301
  • https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Request Chain 94
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
  • http://abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net/test.png
Request Chain 95
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 119
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 120
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=907685668&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&utmhid=2146976674&utmr=-&utmp=%2FDefault.aspx&utmht=1664984040133&utmac=UA-241588-1&utmcc=__utma%3D140208355.1619174177.1664984039.1664984039.1664984039.1%3B%2B__utmz%3D140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=905523621&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=907685668&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&utmhid=2146976674&utmr=-&utmp=%2FDefault.aspx&utmht=1664984040133&utmac=UA-241588-1&utmcc=__utma%3D140208355.1619174177.1664984039.1664984039.1664984039.1%3B%2B__utmz%3D140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=905523621&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668&slf_rd=1&random=2325488942
Request Chain 157
  • https://gatr.hit.gemius.pl/_1664984040439/rexdot.js?l=100&sendf=8&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=aCy8KdS0.iAOuQk0lYLZ3v5mMRyZkyCjh19uZWODd97.B7SMfFbdiVU.OpZH8WTEQ6vzannpqMj0tYK.BVZEBwJYwUsa/MMsuIbBDS2CyA/&ltime=101&fpdata=vu4X9Faf2AvKONBYLDtZ69b1SWSI.cinvFsCuA58ZWv.87&inner=_ver%3D330&lsadd=&fpcap= HTTP 301
  • https://gatr.hit.gemius.pl/__/_1664984040439/rexdot.js?l=100&sendf=8&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=aCy8KdS0.iAOuQk0lYLZ3v5mMRyZkyCjh19uZWODd97.B7SMfFbdiVU.OpZH8WTEQ6vzannpqMj0tYK.BVZEBwJYwUsa/MMsuIbBDS2CyA/&ltime=101&fpdata=vu4X9Faf2AvKONBYLDtZ69b1SWSI.cinvFsCuA58ZWv.87&inner=_ver%3D330&lsadd=&fpcap=
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
Request Chain 163
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yz2j6IkAQLTPaHqkkWy3KwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPnbp6IQNzo723NYPpD8AM0&google_cver=1
Request Chain 165
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
Request Chain 178
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 181
  • https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 183
  • https://gcdn.2mdn.net/videoplayback/id/265a859ffabaa7f2/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779596423/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6D0711493CC0A51DC6FDB3EE8F8ABEAA37F9EC67.143901060304515A279F032BE16892B73E72E3E3/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/265a859ffabaa7f2/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779596423/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/56B00892FF8625C6105FAD8C250C145AA3E961A2.6BFFE82DBE965C9BF8849D4A60EA8060E4582CE6/key/cms1/cms_redirect/yes/mh/UY/mip/2a02:6ea0:c71b:0:1012:22f8:5f88:586a/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1664983219/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 195
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=64667200082843704445330012103012&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
Request Chain 198
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967
Request Chain 200
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012
Request Chain 216
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDRyVUY-53PuAEgATAB&v=APEucNVmuW4YzpNLPG8mSB2xoGu15H4suYzpgccGOqseekThCPMDorVIZzgQlosbleOZR6MCSONIGYimsSYUlPAWPHNLRtAHLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGK7iCPrSQgF2LzY3Nb5AC8&google_cver=1
Request Chain 218
  • https://as.ad4m.at/ad/tai?a=158504&b=3&c=3&d=2&e=775&f=&g=dbmvidnat_Mweb_allnet&h=&gdpr=&gdpr_consent=&gdpr_pd= HTTP 307
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117667V1225131106M%26subid%3DviewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJGI1vK0yfoCFUOZ_QcdYAgAXw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117667V1225131106M%26subid%3DviewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022100517340177152463023X117667V1225131106MSviewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&gdpr_consent=&gdpr=0&cons=0
Request Chain 234
  • http://www.google-analytics.com/collect?v=1&_v=j98&a=2146976674&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1619174177.1664984039.1664984039.1664984039.1&_utmz=140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1664984041428&_u=CACCAEABAAAAACAAI~&jid=&gjid=&cid=1619174177.1664984039&tid=UA-241588-1&_gid=731457352.1664984040&z=1510442166 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j98&a=2146976674&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1619174177.1664984039.1664984039.1664984039.1&_utmz=140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1664984041428&_u=CACCAEABAAAAACAAI~&jid=&gjid=&cid=1619174177.1664984039&tid=UA-241588-1&_gid=731457352.1664984040&z=1510442166
Request Chain 248
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
Request Chain 258
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yz2j6IkAQLTPaHqkkWy3KwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECvxeIDBDWXcPRR0nIwkUcQ&google_cver=1
Request Chain 260
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
Request Chain 271
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758
Request Chain 277
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAr5-RbkQawv3oHMgyd6XYQ&google_cver=1&google_push=AZmPxg_BpXr-RNmCJ_ujvjrrAz9M6ZcmgUSac6TPWDtyH9bwLRwZNOml_2rbCueZHUBuTY9ulee55mbd2vZOby7VMTrG2J-XYvI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_BpXr-RNmCJ_ujvjrrAz9M6ZcmgUSac6TPWDtyH9bwLRwZNOml_2rbCueZHUBuTY9ulee55mbd2vZOby7VMTrG2J-XYvI
Request Chain 278
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEHF-GLZEk2DcM2S81dDUm1U&google_cver=1&google_push=AZmPxg-uozJdpSCXVXrl9dsNBIFO87tgO98bPDE1p65G7SC1s_Jo4g3UMapkMPyWyzgv_Axc7k3HQh8r6sZGW6vUScALhm0vIzU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-uozJdpSCXVXrl9dsNBIFO87tgO98bPDE1p65G7SC1s_Jo4g3UMapkMPyWyzgv_Axc7k3HQh8r6sZGW6vUScALhm0vIzU&google_hm=ZzEyYTU3ZDM1ZWU1YmM1ZjYyNDk=
Request Chain 279
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEdOx12St2egXge8k2r38FY&google_cver=1&google_push=AZmPxg_GxPZyewURzebgI1mbR7nJJmxg3k8XHgrvIG1OwO8uYNxa-t89gkyqAqZu75WjvgWnFHky76jwHqqnm3lYE2i3Qkoyag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_GxPZyewURzebgI1mbR7nJJmxg3k8XHgrvIG1OwO8uYNxa-t89gkyqAqZu75WjvgWnFHky76jwHqqnm3lYE2i3Qkoyag&google_hm=WXoyajZzQ284WDBBQUNKSTZJVUFBQUFB
Request Chain 280
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELzk6VHJMI9UbrZxj8mpxE8&google_cver=1&google_push=AZmPxg_2m72G5e8BtqSBs22pznmtKwhk2Gy-jlZWlHQ4PkHnJL2WnP2flw4SPIL_mkDCNCExFuAawHHMIx97zt7Kt76rFuLc-XM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg_2m72G5e8BtqSBs22pznmtKwhk2Gy-jlZWlHQ4PkHnJL2WnP2flw4SPIL_mkDCNCExFuAawHHMIx97zt7Kt76rFuLc-XM HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 281
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELT7q07hN_m_5g9QrsPjTaM&google_cver=1&google_push=AZmPxg9PFCkIZVX47Tg0hbUPhRpMiVRtD10iJ1LWPDlmiAZx0bDr_adYm84_sAKEbbNCL2PI6HtVRyscS7bSuTcHWXJtZ-IKqvFF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1&google_gid=CAESELT7q07hN_m_5g9QrsPjTaM&google_cver=1&google_push=AZmPxg9PFCkIZVX47Tg0hbUPhRpMiVRtD10iJ1LWPDlmiAZx0bDr_adYm84_sAKEbbNCL2PI6HtVRyscS7bSuTcHWXJtZ-IKqvFF
Request Chain 284
  • https://www.awin1.com/cshow.php?s=3202020&v=11601&q=357526&r=113440&pref1=22110300096617304444646012103029&pv=0 HTTP 302
  • https://ui2.awin.com/ads/awin/11601/imgbanneraktion-160x600-1661866287204.jpg HTTP 301
  • https://a1.awin1.com/ads/awin/11601/imgbanneraktion-160x600-1661866287204.jpg

286 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Default.aspx
arsiv.sahadan.com/
Redirect Chain
  • http://sahadan.com/
  • http://arsiv.sahadan.com/Default.aspx
67 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.105 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s5) / ASP.NET
Resource Hash
17ef511e2faf2b0eb9cbc20d5fdce977076b9f2da8036e6b7fbdcb2103c2a57a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=193
Connection
keep-alive
Content-Encoding
gzip
Content-Length
15994
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Oct 2022 15:33:56 GMT
Expires
Wed, 05 Oct 2022 15:18:21 GMT
Last-Modified
Wed, 05 Oct 2022 15:15:01 GMT
Server
CCAcc (1.0.1/nvm-istm-s5)
Vary
Accept-Encoding
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
X-US
HIT
s
88
sloc
593

Redirect headers

Connection
keep-alive
Content-Length
145
Content-Type
text/html
Date
Wed, 05 Oct 2022 15:33:58 GMT
Location
http://arsiv.sahadan.com/Default.aspx
Server
nginx/1.19.5
Master.css
is.cdn.md/i4/Css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/Master.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
b3f2e69fff634830a400c124c00dd5c97f023d6154a03aa9ec9a5eb690c9f196

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2013 14:18:50 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"eae97297630ce1:0"
ntCoent-Length
18666
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
3302
Expires
Fri, 04 Nov 2022 15:33:56 GMT
Menu.css
is.cdn.md/i4/Css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/Menu.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
b4a7ef9af3af11bb37d635bfed849032d26ef1cd51095cff7e664fcddf9e114c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2013 13:55:00 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"c92e784bb20ce1:0"
ntCoent-Length
4277
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1143
Expires
Fri, 04 Nov 2022 15:33:56 GMT
master2.css
is.cdn.md/i4/Css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/master2.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
e62af54a296f56631510f41fe04abc6fdb1b703d6e2968a50a6741c5aac93ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Cteonnt-Length
23574
Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2016 15:56:11 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"2d3995f32140d21:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
4340
Expires
Fri, 04 Nov 2022 15:33:56 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.4/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 03:34:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
129583
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
27266
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 04 Oct 2023 03:34:15 GMT
master.js
is.cdn.md/i4/Js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/master.js?v=2.7.61
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
c21a3f821b4d312076f3a473f9e741b53658761b5f0886873e12039eb5190cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 13:18:39 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"2978c94e2242d51:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:56 GMT
advertisement.js
b.cdn.md/admost/ 		34 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
http://b.cdn.md/admost/advertisement.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.80 Istanbul, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-80.reverse.superonline.net
Software
CCAcc (1.0.1/istk-s1) / ASP.NET
Resource Hash
cb9404060fda4757f932c63af8efa23cb6088538410793e9ce068f0d1818df51
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 06 Oct 2015 08:49:58 GMT
Server
CCAcc (1.0.1/istk-s1)
ETag
"90556fb130d11:0"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34
Expires
Fri, 04 Nov 2022 15:33:57 GMT
rupsahadan.com.arsiv.js
cdn.eksiup.com/api/special/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d731a0b67521f56a398187ed988cf3ba1a6f679b3ba293576c522d3d32047130

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3312
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 10 Mar 2022 14:39:33 GMT
server
cloudflare
etag
W/"622a0da5-2dbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LfXr%2FnkO%2FmS2mVIAo3we5vGX6qtkxgitW8K%2FsK9LSDE6UNMwMTFWpMQpniLuKNuZ%2FTXHbqCO0A%2FUdV3lGIn4hLbBdEGP%2FucLDfZKokzkzpRBqA0HyN0rdbEDUt1fTAQAFgDAF6TppK8xNFf7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
755738051d459a3b-FRA
expires
Thu, 17 Mar 2022 15:12:17 GMT
galleryview.css
is.cdn.md/i4/Css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/galleryview.css?v=1.20.07
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
cecaa3c6afa068e141ee4972e5449634fb581b3447bfa6169d3c038d2450a5e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Cteonnt-Length
2847
Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2013 13:42:31 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"a96a2d15f5b9ce1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1148
Expires
Fri, 04 Nov 2022 15:33:56 GMT
jquery.galleryview-1.1.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.galleryview-1.1.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
9e0475bc6b5858f1d4d16178f48f9993fc45ecd976c9c147330ed300fc220c51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 09:13:55 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"a643d137de3cce1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:56 GMT
jquery.timers-1.1.2.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.timers-1.1.2.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 07:48:19 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"8d371e42d23cce1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:56 GMT
jquery.easing.1.3.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.easing.1.3.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 07:48:17 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"bbc95841d23cce1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:56 GMT
HomeScores2.js
is.cdn.md/i4/Js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/HomeScores2.js?v=1.20.07
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
a81cecefe8865615fe3e4c8858e69f1d92f4cff8a56095d2c57bdfb61fb07439

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2013 16:33:42 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"9f80fe70d7e6ce1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:56 GMT
gunun-maci-style.css
is.cdn.md/i4/Css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/gunun-maci-style.css?v=1.20.08
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
3ea5f5e57bcdba2a5925058f077a3c016ac0c03d940a9866f82bddd5bf150dd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Aug 2015 11:01:52 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"b68be9e37dbd01:0"
ntCoent-Length
4225
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1024
Expires
Fri, 04 Nov 2022 15:33:56 GMT
turkiye-hirvatistan-voleybol-dunya-sampiyonasi-29092022-b.jpg
hm.cdn.md/img/haberbuyuk/t/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/t/turkiye-hirvatistan-voleybol-dunya-sampiyonasi-29092022-b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
dba74544c15f57cd96359f59fcc118e2e39a1b3fff3123dca2f32ce838ecb33f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Thu, 29 Sep 2022 16:46:53 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"f0822e1423d4d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64116
Expires
Fri, 04 Nov 2022 15:33:56 GMT
MertHakanYandas_Fenerbahce_golsevinci_2022-23_B.jpeg
hm.cdn.md/img/haberbuyuk/M/ 		312 KB
312 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/M/MertHakanYandas_Fenerbahce_golsevinci_2022-23_B.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
92caaaf854584eb93b0d007a93e0c4c438f8136ad4932edf58a6c83da611ad00

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:28:44 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"1055e7c5c6d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
319412
Expires
Fri, 04 Nov 2022 15:33:56 GMT
EmreBelozoglu_Basaksehir_2022-23_yakin_B.jpeg
hm.cdn.md/img/haberbuyuk/E/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/E/EmreBelozoglu_Basaksehir_2022-23_yakin_B.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
16ac5f05c34c7c36e84e366c4048afb61fb7886c96cf6764da9f9d9916a87bf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 15:16:22 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"b010926dcdd8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
248416
Expires
Fri, 04 Nov 2022 15:33:56 GMT
sadio-mane-bayern-10052022-b.jpg
hm.cdn.md/img/haberbuyuk/s/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/s/sadio-mane-bayern-10052022-b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
487c01ecc966766eb7f3619d55bed1960a857e2a88ed35bbd59bad6f45d048d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:46:14 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"b072b537c9d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46689
Expires
Fri, 04 Nov 2022 15:33:56 GMT
FIFADunyaKupasi_kupa_B.jpeg
hm.cdn.md/img/haberbuyuk/F/ 		258 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/F/FIFADunyaKupasi_kupa_B.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
1c117db733062d719ab13893c5610a6c7119297d1b32105ac2f5f2a57b4fc926

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Sun, 17 Oct 2021 07:20:13 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"d0a6436d27c3d71:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
264680
Expires
Fri, 04 Nov 2022 15:33:56 GMT
turkiye-hirvatistan-voleybol-dunya-sampiyonasi-29092022-k.jpg
hm.cdn.md/img/haber/t/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/t/turkiye-hirvatistan-voleybol-dunya-sampiyonasi-29092022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
7688a1c1a7ec22b7b4a4b6f7f23f66236f38a7e9a814627a5d00b6392263b6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Thu, 29 Sep 2022 16:46:53 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"f0822e1423d4d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7295
Expires
Fri, 04 Nov 2022 15:33:56 GMT
MertHakanYandas_Fenerbahce_golsevinci_2022-23_k.jpeg
hm.cdn.md/img/haber/M/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/M/MertHakanYandas_Fenerbahce_golsevinci_2022-23_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
aa375c9d8594075036cfab0100df40326469b2f875de5610fe8077bbf77ee57c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:28:44 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"5092e2c5c6d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28511
Expires
Fri, 04 Nov 2022 15:33:56 GMT
EmreBelozoglu_Basaksehir_2022-23_yakin_k.jpeg
hm.cdn.md/img/haber/E/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/E/EmreBelozoglu_Basaksehir_2022-23_yakin_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
23c6ff27e2823ac5bff095ef9ab427b04db7a5e7af1d7cc75e12c7c911d9983b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 15:16:22 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"50af8f6dcdd8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18981
Expires
Fri, 04 Nov 2022 15:33:56 GMT
sadio-mane-bayern-10052022-k.jpg
hm.cdn.md/img/haber/s/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/s/sadio-mane-bayern-10052022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
035bc7a9b73d7cfcc86c1ff802a860de23e7c0bf6fcbd4dbde722a3468f47006

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:46:14 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"b072b537c9d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5632
Expires
Fri, 04 Nov 2022 15:33:56 GMT
FIFADunyaKupasi_kupa_k.jpeg
hm.cdn.md/img/haber/F/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/F/FIFADunyaKupasi_kupa_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
04a1cd06115f2def20313e09fe4af55a14ca175e762988a3847417e0d8f6ed47

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Sun, 17 Oct 2021 07:20:13 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"10e43e6d27c3d71:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20771
Expires
Fri, 04 Nov 2022 15:33:56 GMT
galatasarayu19-10052022-k.jpg
hm.cdn.md/img/haber/g/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/g/galatasarayu19-10052022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
fca8ce5b63454588162eed0c873ffb9837b3c305bae8e5627989d3a851eda2e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 14:47:24 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"707cc161c9d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7546
Expires
Fri, 04 Nov 2022 15:33:56 GMT
riza-calimbay-sivasspor-basin-toplantisi-05102022-k.jpg
hm.cdn.md/img/haber/r/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/r/riza-calimbay-sivasspor-basin-toplantisi-05102022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
1702a9f1b4dc874c1f3031c66983d3cb9b8e268c09ea0634510383ef95bc73f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Wed, 05 Oct 2022 12:50:52 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"50d9eb19b9d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58399
Expires
Fri, 04 Nov 2022 15:33:56 GMT
bursaspor-logo-07292020-k.jpg
hm.cdn.md/img/haber/b/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/b/bursaspor-logo-07292020-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
56c38a936e96b9666fa72f322bc23685f1cea12805219d881bb99259538fb91e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Wed, 29 Jul 2020 18:05:58 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"d0b8ee9d265d61:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6723
Expires
Fri, 04 Nov 2022 15:33:57 GMT
tff-hakem-gorsel-2022-23-sezonu-k.jpg
hm.cdn.md/img/haber/t/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/t/tff-hakem-gorsel-2022-23-sezonu-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
121ae86017bb1f29119cc1eb5649be9ff1fca0766c37b2a9eeec4e981990a307

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Wed, 05 Oct 2022 10:32:13 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"f04c86bba5d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35896
Expires
Fri, 04 Nov 2022 15:33:57 GMT
jorge-jesus-basin-toplantisi-avrupa-ligi-05102022-k.jpg
hm.cdn.md/img/haber/j/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/j/jorge-jesus-basin-toplantisi-avrupa-ligi-05102022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
4f6afecd3822b010be6a51478e8a97556f63d1199b43a139543af84ec33dad6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Wed, 05 Oct 2022 10:51:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"f0e9717ba8d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7089
Expires
Fri, 04 Nov 2022 15:33:57 GMT
ismail-yuksek-avrupa-ligi-basin-toplantisi-05102022-k.jpg
hm.cdn.md/img/haber/i/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/i/ismail-yuksek-avrupa-ligi-basin-toplantisi-05102022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
03476d1678f85e3ff8b5265c78c7caa0fff3bb82e8ea71ec0e58844ed3914c6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Wed, 05 Oct 2022 10:55:33 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"1061dffda8d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7278
Expires
Fri, 04 Nov 2022 15:33:57 GMT
hakan-calhanoglu-04102022-k.jpg
hm.cdn.md/img/haber/h/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/h/hakan-calhanoglu-04102022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
607e4da1c02751a1a410252976fd2ac1008ad4d2f6be77a93b8047d55ef7e691

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Wed, 05 Oct 2022 13:41:40 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"1035fb32c0d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6212
Expires
Fri, 04 Nov 2022 15:33:57 GMT
thy-euroleague-kupa-k.jpg
hm.cdn.md/img/haber/t/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/t/thy-euroleague-kupa-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
c829b10207ab4ac7c70a5358e75be2dc56cabb752085d5a1bfc531432edd2448

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Thu, 19 May 2022 07:03:31 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"f0978e8c4e6bd81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5516
Expires
Fri, 04 Nov 2022 15:33:57 GMT
Sydney%20United-Macarthur-penalti-vurusu-k.jpg
hm.cdn.md/img/haber/S/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/S/Sydney%20United-Macarthur-penalti-vurusu-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
15787640cfad6eed68e8b369869bf42a15b1ccd95ad1d976607ef7759710435c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Wed, 05 Oct 2022 10:58:10 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"70db885ba9d8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8455
Expires
Fri, 04 Nov 2022 15:33:57 GMT
SuperLig_logo_2022_k.jpeg
hm.cdn.md/img/haber/S/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/S/SuperLig_logo_2022_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
1694d5d52547530f2cc3feb29cb467a5a749e8ff702c26b21d237fbd8a9edc6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Fri, 05 Aug 2022 09:36:46 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"b0f069e1aea8d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16074
Expires
Fri, 04 Nov 2022 15:33:57 GMT
RealMadrid_2015_EuroLeague_sampiyonluktoreni_kupa_toren_k.jpeg
hm.cdn.md/img/haber/R/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/R/RealMadrid_2015_EuroLeague_sampiyonluktoreni_kupa_toren_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
988e335e1e417630ca5579e4dca36d7f6582e6521cd5c934c5608ac32b12058d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Tue, 17 May 2022 09:17:05 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"d0be5e0ce69d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34153
Expires
Fri, 04 Nov 2022 15:33:57 GMT
galatasaray-kasimpasa-kerem-akturkoglu-gol-sevinci-24072022-k.jpg
hm.cdn.md/img/haber/g/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/g/galatasaray-kasimpasa-kerem-akturkoglu-gol-sevinci-24072022-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) / ASP.NET
Resource Hash
e5774d459aad81e96c4ebf256bf1c62436707f09b022083d8719fdfeba1b3957

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Sun, 24 Jul 2022 19:20:49 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"2017697b929fd81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6715
Expires
Fri, 04 Nov 2022 15:33:57 GMT
38238
tags.bluekai.com/site/
Redirect Chain
  • http://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
  • https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
62 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:33:59 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
27a8
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location
https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
jquery.autocomplete.css
is.cdn.md/i4/Css/jquery-autocomplete/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9bcc622da74d5b781d9449ceb10c2dcbcc614838d01a93923556200b67fb37e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 05 Oct 2022 14:59:29 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 05 Oct 2022 15:33:59 GMT
jquery-ui-1.8.23.custom.min.js
is.cdn.md/i4/Js/jquery-ui-1.8.23.custom/js/ 		200 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-ui-1.8.23.custom/js/jquery-ui-1.8.23.custom.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
b04b12cadf378663dd825a3554cc04856238b223260bc77e20aaf54923f649fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 14:30:19 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"33e64bfb3d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:56 GMT
jquery-ui-1.8.20.custom.css
is.cdn.md/i4/Js/jquery-ui-1.8.20.custom/css/custom-theme/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-ui-1.8.20.custom/css/custom-theme/jquery-ui-1.8.20.custom.css
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
4b6ee1b60d99686cc425241e8b26d22d79843b31258b90c14b06d420d0ea9639

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Cteonnt-Length
33910
Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 14:30:19 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"9ca2baafb3d81:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
6537
Expires
Fri, 04 Nov 2022 15:33:56 GMT
all.css
use.fontawesome.com/releases/v5.15.4/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

Referer
http://arsiv.sahadan.com/
Origin
http://arsiv.sahadan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6XDAN391V0VNC8CJ
age
1387004
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MMwp+tbsUa9Vmu0MhO66g2n7Hvk5pTqwDkBdnVigSO8WTar8y4reXXrFRHuZ9LXzUJa9SZ2PZ/A=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUNbkkusLO9%2FyJdY0pm%2FgOuHwTAuaPb%2BK0ccp7hX%2F4QeicRiG%2FAS4fQvVBnpB22j98EAv5XWVKWEIOzBbRsxG4UwkO4BLhYVhkcN9T%2BA21111oTc0R2BJ8Uy6l2E6NDqYi2d7iWyNLtfwA5IuSQ7Bjp9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
75573804fb7e9bee-FRA
footer-ico.png
is.cdn.md/i4/Img/index/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/footer-ico.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"48366ecc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
946
Expires
Fri, 04 Nov 2022 15:33:56 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 06:04:40 GMT
Content-Encoding
gzip
Via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
10488560
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
6m2ApLThI7MdS6wt5R6eSnEHmU47Tc9SRsY-eadfEhwP1SNku9jJug==
adblockDetectorWithGA.js
is.cdn.md/i4/Js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/adblockDetectorWithGA.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
14ee0390722dba1d6e95b766412095d436df22f30b83dfbb9cb38fde3cd72c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Dec 2016 10:14:45 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"b31f20bdbb4bd21:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:56 GMT
admost.js
go.admost.com/adx/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8

Request headers

Referer
http://arsiv.sahadan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Last-Modified
Wed, 10 Mar 2021 15:26:32 GMT
Server
haproxy-go
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
3985
Expires
-1
dimml.js
cdn.dimml.io/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/dimml.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
53d94d99aea6bce949af941217303245057b545dc1b96252f610a57f56a6226a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Wed, 05 Oct 2022 15:33:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cache
HIT
X-77-Cache
HIT
Connection
keep-alive
X-Age
36511
X-77-NZT
AZySIRDxBpv/n44AAA
X-Accel-Expires
@1665033928
Server
CDN77-Turbo
ETag
W/"12ff34910278"
X-77-NZT-Ray
oENnr59/tvI
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
Expires
Thu, 6 Oct 2022 05:25:28 GMT
get.ashx
run.admost.com/adx/ 		930 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46730&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
53ef9e8412836d3dce42ef6d118d1f55a593d35c8af0771d33e3419177e59253

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;c:1;e:41;hc:13;r:>473075-328645-46730-0;cs:cp:cache_z_46730_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
930
Expires
-1
bg.jpg
is.cdn.md/i4/Img/index/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/bg.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
f8c438d279c6bd38c07d7713ec638668b54cbb2b2e55d01e3a7ba28f144365ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"3d5360cc22ace1:0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
88304
Expires
Fri, 04 Nov 2022 15:33:56 GMT
header-bg.png
is.cdn.md/i4/Img/index/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/header-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
3f71c7e1467e9bac745ba1f27ec773b77b04b551e3b48eae8447a14c43aefc0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"69ce70cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1116
Expires
Fri, 04 Nov 2022 15:33:56 GMT
logo.png
is.cdn.md/i4/Img/index/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/logo.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
96c0598f9fe9df975d595a6ba24ebff8c1bd6fe14902dd37b2ebb639daedf5bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"50f782cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
17985
Expires
Fri, 04 Nov 2022 15:33:56 GMT
menu-bg.png
is.cdn.md/i4/Img/index/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
e4bc697496bb350dee2dd90f94e8454e52a371f64121a5565f0a54652a0716e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"718f85cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1109
Expires
Fri, 04 Nov 2022 15:33:56 GMT
menu-selected-bg2.png
is.cdn.md/i4/Img/index/ 		954 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-selected-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
fddc433f7cc747ef4fe82c66486feb8783af32e11f590cf4bb46708b8ec05418

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Thu, 18 Apr 2013 14:50:07 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"afa8c34443cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
954
Expires
Fri, 04 Nov 2022 15:33:56 GMT
menu-border.png
is.cdn.md/i4/Img/index/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-border.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
a314bd0381551764a32150f16251feccf4184b14859eadec2e06cb0d35d4681e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"d77986cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
931
Expires
Fri, 04 Nov 2022 15:33:56 GMT
menu-bar-bg2.png
is.cdn.md/i4/Img/index/ 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-bar-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
aa2cb8a5241d24ae98bad193afc76ca3b5437f2d95c62c7c49dbdc9ad6a2fac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Thu, 18 Apr 2013 14:50:07 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"578ebd4443cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
969
Expires
Fri, 04 Nov 2022 15:33:56 GMT
menu-arrow2.png
is.cdn.md/i4/Img/index/ 		953 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-arrow2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
ded1d9b7817a8247c96877fb6bfef1f651d94018cc4df64f298209867a4307e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Thu, 18 Apr 2013 14:59:21 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"a6a74f453cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
953
Expires
Fri, 04 Nov 2022 15:33:56 GMT
26cdb049e31383392e52f2ce80740946a255faeb.js
cdn.dimml.io/static/ 		611 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/26cdb049e31383392e52f2ce80740946a255faeb.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
34667fc83e3f4d9ff6080d44c4fc4dd87e0d3a6a8d680dbd3adb05a73d99f590

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Wed, 05 Oct 2022 15:33:59 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
Transfer-Encoding
chunked
X-Cache
HIT
X-77-Cache
HIT
Connection
keep-alive
X-Age
35
X-77-NZT
AZySIRCiydL/IwAAAA
X-Accel-Expires
@1664984064
Server
CDN77-Turbo
ETag
W/"7c9fbe5f9b40"
X-77-NZT-Ray
Gt8yVpVLT6Y
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=60
Expires
Wed, 5 Oct 2022 15:34:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dce527399393dc3ad9b311a552545d55d6be11c3b553968ae40a67b7837d6c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27675
x-xss-protection
0
server
sffe
etag
"1354 / 545 of 1000 / last-modified: 1664967889"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Oct 2022 15:33:59 GMT
get.ashx
run.admost.com/adx/ 		23 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=18834&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;c:1;e:35;hc:22
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
pubads_impl_2022092901.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 13:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130415
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 08:35:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Oct 2023 13:31:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		284 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ce26ce6b24e357e956a71f5651702de3968153ecbb7a097f3cfe45bd0055d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
152
x-xss-protection
0
expires
Wed, 05 Oct 2022 15:33:59 GMT
sahinterstitial.js
cdn.eksiup.com/api/interstitial/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/interstitial/sahinterstitial.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93e17588f48e21f0f1e47e57d6019e748b2b5625796708ccf7767ddc7c9db70

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2403
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Oct 2021 09:29:22 GMT
server
cloudflare
etag
W/"61600f72-18df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHyDk2Gisoe8fhmO7FsEgiOSkLDQTjzBV1ufx3vjnzAs%2BlDxtx9FvkODuuJLkbfzbpJXocxalBwSIvhazOrv8uHTobyZs9bj8uh%2B4aNhONP1uT6VfYv0XakTnzZKoNHfJC4dLAYdPyIq3o8WWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
75573805ff129a3b-FRA
expires
Thu, 17 Mar 2022 15:12:18 GMT
gallery-right-bg.png
is.cdn.md/i4/Img/index/ 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/gallery-right-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
4ec12baf6cba1184f734c98640a42cd7a3208c2edf5871231eb6c3a58a021520

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:56 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"d06e6fcc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
928
Expires
Fri, 04 Nov 2022 15:33:56 GMT
get.ashx
run.admost.com/adx/ 		23 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=38097&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;c:1;e:49;hc:1
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3724661400419584&correlator=2836760698496677&eid=31068457%2C31070086%2C44775318%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fif&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Ctopbanner_masthead_multisize_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C980x250%7C970x90&ifi=1&adks=2696085593&sfv=1-0-38&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1664984039438&lmt=1664982901&dlt=1664984038846&idt=552&adxs=320&adys=137&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&frm=20&vis=1&psz=960x0&msz=960x0&fws=0&ohw=0&ga_vid=1619174177.1664984039&ga_sid=1664984039&ga_hid=2146976674&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a843f537fd7eb5593d2debd4f79221a795a933768d280dfad3412d871c3421dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12893
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3724661400419584&correlator=2836760698496677&eid=31068457%2C31070086%2C44775318%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fif&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Csticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C980x90&ifi=2&adks=266672563&sfv=1-0-38&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1664984039493&lmt=1664982901&dlt=1664984038846&idt=552&adxs=315&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1619174177.1664984039&ga_sid=1664984039&ga_hid=2146976674&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d26928222c5d515cdbab26bed671c5461b6d1bc2947a126d834c55efe740e3ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9436
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3724661400419584&correlator=4380913635001664&eid=31068457%2C31070086%2C44775318%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fif&iu_parts=90851098%3A96769799%2Csahadan.com%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=3404394211&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=nativebox_site%3Dsahadan.com&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1664984039498&lmt=1664982901&dlt=1664984038846&idt=552&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1619174177.1664984039&ga_sid=1664984039&ga_hid=2146976674&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8f2e242ba8edee7a4a983c8de41eed420d7a933b9dc2563c798dc1328825e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
695
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 575C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:33:59 GMT
expires
Thu, 05 Oct 2023 15:33:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022092901.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022092901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee2f84d61840b2cc4a48fa5794940cc1cb8d122309a0be318b3d5ad6041a21a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 02:57:42 GMT
x-content-type-options
nosniff
age
131777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38045
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 08:35:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 02:57:42 GMT
get.ashx
run.admost.com/adx/ 		887 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46727&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
ea3273964fd64f1966a84354ec26014e38f1f725f5dcec8a5777f63e7531d430

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;c:1;e:9;hc:37;r:>473076-328644-46727-0;cs:cp:cache_z_46727_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
887
Expires
-1
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		114 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3724661400419584&correlator=4380913635001664&eid=31068457%2C31070086%2C44775318%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fif&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Ctopmpu_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=73288480&sfv=1-0-38&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1664984039576&lmt=1664982901&dlt=1664984038846&idt=552&adxs=974&adys=145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&frm=20&vis=1&psz=316x266&msz=300x-1&fws=4&ohw=970&ga_vid=1619174177.1664984039&ga_sid=1664984039&ga_hid=2146976674&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db8d490874233aa54cca7388434312358f981e180ebac3df6ad8938b64d8fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.ashx
run.admost.com/adx/ 		23 B
755 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=49848&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go601;c:1;e:12;hc:5
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
box-title-bg.png
is.cdn.md/i4/Img/index/ 		943 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/box-title-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
9d312140f3532b29659e3b5c2eb94ff9d7d5f09376b21993c5909442eece0067

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"70c860cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
943
Expires
Fri, 04 Nov 2022 15:33:57 GMT
box-title2.png
is.cdn.md/i4/Img/index/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/box-title2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
313d5cbad55a31674c5451e2a961ab892e951ea7c59396ea5a89c944c9b029bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"a28763cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1673
Expires
Fri, 04 Nov 2022 15:33:57 GMT
get.ashx
run.admost.com/adx/ 		23 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=34177&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;c:1;e:55;hc:4
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
VideoPlayer.aspx
arsiv.sahadan.com/VideoPlayer/ Frame 6BA1 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.105 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s5) / ASP.NET
Resource Hash
8e3cb39f7f7c73a7bf8b5b278b579919ba953829cc7ba7b74091aacf896a0fa2

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Length
6796
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Oct 2022 15:33:57 GMT
Expires
Wed, 05 Oct 2022 15:34:57 GMT
Last-Modified
Wed, 05 Oct 2022 15:33:57 GMT
Server
CCAcc (1.0.1/nvm-istm-s5)
Vary
Accept-Encoding
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
X-US
EXPIRED
s
83
sloc
593
get.ashx
run.admost.com/adx/ 		23 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=18833&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;cs:cp:cache_z_18833_neq_TR_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
get.ashx
run.admost.com/adx/ 		23 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=18830&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;c:1;e:49;hc:1
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
get.ashx
run.admost.com/adx/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46728&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
a30e7f3239b07a4811f6c77a5c62fc5b5774033f099783db947047cd0a0ef113

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:33:59 GMT
Server
haproxy-go
Var
s:go917;cd:5;r:>473074-328646-46728-0;cs:cp:cache_z_46728_neq_TR_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
1783
Expires
-1
docs.min.css
js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/ Frame 6BA1 		59 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN /
Resource Hash
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Via
HTTP/1.1 Merlin CDN
Age
6220
grace
none
X-Midtier
tr-ist-sh-s03
Transfer-Encoding
chunked
X-Cache
CMISS_02
P3P
CP= CAO PSA OUR
Content-Encoding
gzip
Connection
keep-alive
X-Age
0
healthy
none
X-XSS-Protection
1; mode=block
X-VCT
0.000
Server
MerlinCDN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge
de-fra-dp-s04
Allow
GET, HEAD, POST
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
Cache-Control
max-age=86400
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 6BA1 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 12:53:20 GMT
X-Content-Type-Options
nosniff
Age
96039
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
93435
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 04 Oct 2023 12:53:20 GMT
beacon.js
sb.scorecardresearch.com/ Frame 6BA1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sb.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 06:27:01 GMT
Content-Encoding
gzip
Via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Age
32819
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 28 Jun 2022 13:19:23 GMT
Server
AmazonS3
ETag
W/"eaf85c1c6758e84acfe134efd70e9373"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
X-Amz-Cf-Id
oJ083adR0bIFoULH9sDTwYdtseo-U_lqLi_N6FypXZD6KOGIprcViA==
gstream.js
str.hit.gemius.pl/ Frame 6BA1 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gstream.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
454f97323a1a1f954078fb117649b63a4a3e76e38b8eb34acdf2c8b41508bbf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2022 13:21:50 GMT
Server
GHC
Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
8050
Expires
Thu, 06 Oct 2022 03:33:59 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6BA1 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bf517104f255123ba18c57e1de2f672c0271712d716ff844a26ea8162453b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Vary
Accept-Encoding
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
129563
X-XSS-Protection
0
Expires
Wed, 05 Oct 2022 15:33:59 GMT
docs.min.js
js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/ Frame 6BA1 		967 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN /
Resource Hash
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:59 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Via
HTTP/1.1 Merlin CDN
Age
6152
grace
none
X-Midtier
tr-ist-sh-s02
Transfer-Encoding
chunked
X-Cache
CMISS_02
P3P
CP= CAO PSA OUR
Content-Encoding
gzip
Connection
keep-alive
X-Age
0
healthy
none
X-XSS-Protection
1; mode=block
X-VCT
0.000
Server
MerlinCDN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge
de-fra-dp-s04
Allow
GET, HEAD, POST
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
Cache-Control
max-age=86400
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
videojs-dock.js
is.cdn.md/i4/Js/ Frame 6BA1 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/videojs-dock.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2016 09:38:40 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
W/"5f2740967e20d21:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
s
84
Expires
Fri, 04 Nov 2022 15:33:57 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3724661400419584&correlator=4380913635001664&eid=31068457%2C31070086%2C44775318%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fif&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Cleft_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600&ifi=5&adks=3569988438&sfv=1-0-38&fsapi=false&sc=0&cookie=ID%3De49869bbe2f83242-22505c673bce0095%3AT%3D1664984039%3AS%3DALNI_MaWW9UShbpRlt80TJSyzGkqKFIIxQ&abxe=1&dt=1664984039895&lmt=1664982901&dlt=1664984038846&idt=552&adxs=150&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&frm=20&vis=1&psz=0x0&msz=160x-1&fws=512&ohw=0&psts=APxP-9CccBy8tLhbmDyKliWjutYiQTVtpwkA0cGA52WG_0Tc&ga_vid=1619174177.1664984039&ga_sid=1664984039&ga_hid=2146976674&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37004deec8edce7dcffbc9c3e46255a46c83197d62b7a2fd6e8ac8eb0fdf4efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10892
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3724661400419584&correlator=4380913635001664&eid=31068457%2C31070086%2C44775318%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fif&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Cright_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&ifi=6&adks=386702893&sfv=1-0-38&fsapi=false&sc=0&cookie=ID%3De49869bbe2f83242-22505c673bce0095%3AT%3D1664984039%3AS%3DALNI_MaWW9UShbpRlt80TJSyzGkqKFIIxQ&abxe=1&dt=1664984039899&lmt=1664982901&dlt=1664984038846&idt=552&adxs=1290&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&frm=20&vis=1&psz=0x0&msz=120x-1&fws=512&ohw=0&psts=APxP-9CccBy8tLhbmDyKliWjutYiQTVtpwkA0cGA52WG_0Tc&ga_vid=1619174177.1664984039&ga_sid=1664984039&ga_hid=2146976674&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76fe6a7100c6203e3c30420f68f62dc1d36e6a3c1b6566f82bfa268871225c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11022
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&time=1664984039922&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&random_number=174703875&sess_cookie=148a5b26183a8c841f062bfd3e3&sess_cookie_flag=1&user_cookie=148a5b26183a8c841f062bfd3e3&user_cookie_flag=1&dynamic=false&domain=sahadan.com&account=Nf8Kg1awO700GA&jsv=20130128&user_lang=en-US
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 02:09:43 GMT
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
48257
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
xVaBdeo5aB0XtI2ZfwqfSGZjj4M3nxaWaSd3bmEqFuZgaJqOTLPKNA==
test.png
abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net/
Redirect Chain
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
  • http://abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net/test.png
58 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net/test.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
108.158.153.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-153-16.gru3.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Via
1.1 831dc495f24c9e7211fa3b887470ea62.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
WOaPIW276VhaPMhhnzJl9dEjqYj6xjJ4d0lGmKcspNLfwGDwtMoVEQ==
Expires
Wed, 05 Oct 2022 15:34:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
http://abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net/test.png
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
Server
Connection
keep-alive
Content-Length
0
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 13:42:53 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6666
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 05 Oct 2022 15:42:53 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
footer-bg2.png
is.cdn.md/i4/Img/index/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/footer-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
1dbe5850f671cf92fe1d7b55226a830fbe4daba614bf6c6ceeca9e236326930f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:57 GMT
Last-Modified
Thu, 25 Apr 2013 11:13:08 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"ebbbdcdda541ce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1781
Expires
Fri, 04 Nov 2022 15:33:57 GMT
truncated
/ Frame 6BA1 		1 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://js.duhnet.tv/
Origin
http://arsiv.sahadan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
gemiuslib.js
str.hit.gemius.pl/ Frame 6BA1 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gemiuslib.js
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gstream.js
Protocol
HTTP/1.1
Server
188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
cf025959d5ae6414b0f1fb142746a84a93a8e7c0f1aaff024bdfcb740e3c3552

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2022 13:21:50 GMT
Server
GHC
Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
15449
Expires
Thu, 06 Oct 2022 03:33:59 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209142312000/ Frame 7B1E 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 17:07:16 GMT
age
167204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61591
x-xss-protection
0
server
sffe
etag
"e54f9754f7fcb5b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 17:07:16 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 7B1E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:27 GMT
age
404253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5187
x-xss-protection
0
server
sffe
etag
"59737ceedde8bf1d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 7B1E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:16 GMT
age
404264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"e2dd099ef3a2ca02"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 7B1E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Oct 2022 05:36:22 GMT
age
122258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
etag
"01e154329648e832"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Oct 2023 05:36:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 7B1E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:16 GMT
age
404264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12955
x-xss-protection
0
server
sffe
etag
"45d7f146b93052d9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:16 GMT
css
fonts.googleapis.com/ Frame 7B1E 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 14:21:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 15:34:00 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B1E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:15:20 GMT
x-content-type-options
nosniff
server
cafe
age
65920
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Wed, 05 Oct 2022 21:15:20 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B1E 		344 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
21465
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 06 Oct 2022 09:36:15 GMT
l
www.google.com/ads/measurement/ Frame 7B1E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQu65VycG5B6AKTNa92_nZO49uCFRGmO1RoN-SBMkxUNp8rpLPD0xlGgUbIXdg-dIfturLfMwfMJ1q97w1Ct9prrgEAnw
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7B1E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj-ng56M9Y7mQIZmx9u8Pjc24wAWE2KHRbJPK89e5D4rtkfrBLhABILqX7R5glYKAgMAHoAGI57PPA8gBCakCGkXcm1W6sD7gAgCoAwHIAwqqBPQBT9B0t6iagMkD2rc5M8VdPgnDHrPo0jfpx2BkA3D7dsojethrokyp4IMyxqCL_lV8PfAdw6rlBOqDDpqEqGk4kEpiDVBmWHsnvbS-Omeu5Sel1ns4_sENULZDRqkz6GImnnltU5wY9X0nWkxm9VBBblA9bWesmcec8eV1V-amYRFbmKbvN8JVTWRxntKj98jzDokkEhs3J0GwjJFh7_NwR09CZ3WFR5A-rhqNQ-BRO1vQCSg2yaCCoAaHo9cZ3IcW2PtzEFSho_JXiqCeI2X59C5B9e1NQdhWyb5dCj_NnzWABgq88BNufjJJeE8AIsmNnzwWUMAEh4H7_fgD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-CYzDCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDRyArSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgPICwHYEwyIFAPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTYxMDY0OTE0NjY3NDMwNhjqoxw&sigh=yDvmMg8hqBQ&uach_m=[UACH]&template_id=5000
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/13371931032734969352/ Frame 7B1E 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13371931032734969352/14763004658117789537?w=600&h=314
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3272767301b4a690bd58b5a9b143ef909168e9ca09053c91c93fa0c49157f4f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 20:56:42 GMT
x-content-type-options
nosniff
age
67038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15633
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 13:24:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Oct 2023 20:56:42 GMT
truncated
/ Frame 7B1E 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7B1E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7B1E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
415219a853066f4771ca7bddc3b20bb8f432c5bd62a35dc703f255784156aa04

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame 6BA1 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 15:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1921
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 17:01:59 GMT
truncated
/ Frame 6BA1 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer
http://js.duhnet.tv/
Origin
http://arsiv.sahadan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
play_720p.mp4
vz-795b4bfd-cff.b-cdn.net/c053cae2-32a0-4b42-be01-379e7ad31ef6/ Frame 6BA1 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vz-795b4bfd-cff.b-cdn.net/c053cae2-32a0-4b42-be01-379e7ad31ef6/play_720p.mp4?a=1
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-722.bunnyinfra.net
Software
BunnyCDN-DE-722 /
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-167
Content-Range
bytes 0-10466584/10466585
cdn-cachedat
10/05/2022 12:41:53
cdn-pullzone
752020
Content-Length
10466585
last-modified
Wed, 05 Oct 2022 12:37:30 GMT
server
BunnyCDN-DE-722
cdn-fileserver
450
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
video/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
05a9b227-635b-4c06-bb4e-88dbaac2ff50
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
69fea2f04a4074a2bc41353af534c66d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bridge3.536.0_tr.html
imasdk.googleapis.com/js/core/ Frame A78F 		686 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.536.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68bbcdadbeb721cb66952f4e3aaa5faa5de544567f63ce3979a8850b91f8a6db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
175539
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
226576
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 03 Oct 2022 14:48:21 GMT
Expires
Tue, 03 Oct 2023 14:48:21 GMT
Last-Modified
Fri, 30 Sep 2022 09:59:38 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
client.js
s0.2mdn.net/instream/video/ Frame 6BA1 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 15:34:00 GMT
sahadan_lqes0l6n04vl1o98gwpixrcvk.png
images.performgroup.com/di/library/eplayer3_user_guide/94/76/ Frame 6BA1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images.performgroup.com/di/library/eplayer3_user_guide/94/76/sahadan_lqes0l6n04vl1o98gwpixrcvk.png?h=28
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
23.35.236.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d0faca785be135eeeaee5cd2ba681e5ababa983819df716a01acfe8c67f26e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Last-Modified
Tue, 04 Oct 2022 12:26:24 GMT
Server
Apache
ETag
"131c-5ea3491827c00"
Content-Type
image/png
X-Server-Id
bd0114353458c9fd2868620875abfc7dfdcd244c
Cache-Control
max-age=72839
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4892
Expires
Thu, 06 Oct 2022 11:47:59 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 15:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1921
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 17:01:59 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=907685668&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Saha...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=907685668&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sah...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668&slf_rd=1&random=2325488942
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668&slf_rd=1&random=2325488942
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-241588-1&cid=1619174177.1664984039&jid=905523621&_v=5.7.2&z=907685668&slf_rd=1&random=2325488942
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xgemius.js
gatr.hit.gemius.pl/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://gatr.hit.gemius.pl/xgemius.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
37.59.195.0 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
394814da5867ac6dd0819e14379934242530d7e2320e9b859deb9b5a216ad905

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2022 13:21:50 GMT
Server
GHC
Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
15975
Expires
Thu, 06 Oct 2022 03:34:00 GMT
beacon.js
b.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

Referer
http://arsiv.sahadan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 05 Oct 2022 06:27:00 GMT
Content-Encoding
gzip
Via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Age
32820
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 28 Jun 2022 13:19:23 GMT
Server
AmazonS3
ETag
W/"eaf85c1c6758e84acfe134efd70e9373"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
X-Amz-Cf-Id
OnyVXxyFoHaaaNGqZ-0MTARGcR1PxrEKI94To11tkGq7Tegb8ZmE7g==
fpdata.js
str.hit.gemius.pl/ Frame 6BA1 		280 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://str.hit.gemius.pl/fpdata.js?href=arsiv.sahadan.com
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
e22e56e5d6ab8067865637574878f62679a5bcf77cd2324cf301158724e3a158

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
280
expires
Fri, 04 Nov 2022 15:34:00 GMT
lsget.html
ls.hit.gemius.pl/ Frame 65B0 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ls.hit.gemius.pl/lsget.html
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gemiuslib.js
Protocol
HTTP/1.1
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
bc90f63957859845f729b7c4499a4dbdd0b21f0f0737cadce1d5d36ec0000f8e

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Accept-Ranges
none
Cache-Control
private, max-age=2592000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2711
Content-Type
text/html;charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 05 Oct 2022 15:34:00 GMT
ETag
PRIVATE7520710249
Expires
Fri, 04 Nov 2022 15:34:00 GMT
Keep-Alive
timeout=10
Last-Modified
Mon, 16 Jul 2012 10:03:40 GMT
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Server
GHC
Vary
Accept-Encoding,Origin,User-Agent
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7B1E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://arsiv.sahadan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:38:02 GMT
x-content-type-options
nosniff
age
586558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 20:38:02 GMT
collect
www.google-analytics.com/j/ Frame 6BA1 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1753067497&t=event&_s=1&dl=http%3A%2F%2Farsiv.sahadan.com%2FVideoPlayer%2FVideoPlayer.aspx%3Fid%3Dac24zzvao4bb16lwh85vxi5sp%26autoplay%3Dtrue%26showads%3Dtrue%26page%3Danasayfa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=640x360&je=0&ec=Videos&ea=play&el=717f6ed7-2964-4030-bf69-5f4356190a32&_utma=140208355.1619174177.1664984039.1664984039.1664984039.1&_utmz=140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1664984040179&_u=IQBCAEABAAAAACAAI~&jid=1788384854&gjid=746432093&cid=1619174177.1664984039&tid=UA-241588-1&_gid=731457352.1664984040&_r=1&_slc=1&z=2032438812
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:33:59 GMT
expires
Thu, 05 Oct 2023 15:33:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ Frame 6BA1 		4 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-241588-1&cid=1619174177.1664984039&jid=1788384854&gjid=746432093&_gid=731457352.1664984040&_u=IQBCAEAAAAAAACAAI~&z=348186276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
lsget.html
ls.hit.gemius.pl/ Frame 528E 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html?mode=new
Requested by
Host: ls.hit.gemius.pl
URL: http://ls.hit.gemius.pl/lsget.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
f22cecb8a7b101abf207c81c1bcc643650330a6b4626cf1ed7e965b2dd69680a

Request headers

Referer
http://ls.hit.gemius.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2721
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:00 GMT
etag
PRIVATE7520710249
expires
Fri, 04 Nov 2022 15:34:00 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&cs_it=b3&cv=3.8.0.210223&ns__t=1664984040323&ns_c=UTF-8&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c9=
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
KWOheplkJDqdoZj-T6-IctyfUTLVKhdGwalr9u1ws0PD_B8sEvUc3w==
x-cache
Miss from cloudfront
get.ashx
run.admost.com/adx/ 		23 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=21376&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
haproxy-go
Var
s:go917;c:1;e:28;hc:91
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2146976674&t=pageview&_s=1&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=140208355.1619174177.1664984039.1664984039.1664984039.1&_utmz=140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1664984040331&_u=AACCAEABAAAAACAAI~&jid=&gjid=&cid=1619174177.1664984039&tid=UA-241588-1&_gid=731457352.1664984040&_slc=1&z=2008051623
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fpdata.js
gatr.hit.gemius.pl/ 		280 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gatr.hit.gemius.pl/fpdata.js?href=arsiv.sahadan.com
Requested by
Host: gatr.hit.gemius.pl
URL: http://gatr.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
14938290f2332fc75449a68069edcb6144654cb15308e7f34fddb72c60749135

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
280
expires
Fri, 04 Nov 2022 15:34:00 GMT
lsget.html
ls.hit.gemius.pl/ Frame 987F 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ls.hit.gemius.pl/lsget.html
Requested by
Host: gatr.hit.gemius.pl
URL: http://gatr.hit.gemius.pl/xgemius.js
Protocol
HTTP/1.1
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
70c9596456c1bdc191573b8bc0fd6fbf520417921506d2f2fe842a777ef4b2a0

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Accept-Ranges
none
Cache-Control
private, max-age=2592000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2719
Content-Type
text/html;charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 05 Oct 2022 15:34:00 GMT
ETag
PRIVATE7520710249
Expires
Fri, 04 Nov 2022 15:34:00 GMT
Keep-Alive
timeout=10
Last-Modified
Mon, 16 Jul 2012 10:03:40 GMT
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Server
GHC
Vary
Accept-Encoding,Origin,User-Agent
css
fonts.googleapis.com/ Frame 25BB 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=tr
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 14:33:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 15:34:00 GMT
css
fonts.googleapis.com/ Frame 25BB 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 14:20:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 15:34:00 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 25BB 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e9b33e2310fe243055ae2d79e9a8805caf7ae61c256f41cc07f4a7ebe5f400f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14200
x-xss-protection
0
server
cafe
etag
1464250934554425876
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 14:55:30 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 25BB 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 06:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119985
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 06:14:15 GMT
web_video.js
www.gstatic.com/admanager/outstream/ Frame 25BB 		303 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/admanager/outstream/web_video.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400e7a9f32b9d47c90e67bdab6d07c576845afd6a5f9bce0bfb8580350b7118d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105729
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 14 Oct 2021 12:58:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="drx-mobile-serving"
vary
Accept-Encoding
report-to
{"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 25BB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:26:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 15:26:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 25BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 15:30:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 25BB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 15:27:25 GMT
l
www.google.com/ads/measurement/ Frame 25BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2JveuW9WX24Wj4H_krcuv2W3tHChLAs63ZCqKwiZow4N3L54Y2k4Q575imeYumMd53L-f8wj1sDQnEucBkfM3oGGO7A
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
ga-audiences
www.google.com/ads/ Frame 6BA1 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-241588-1&cid=1619174177.1664984039&jid=1788384854&_u=IQBCAEAAAAAAACAAI~&z=1895613328
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 6BA1 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-241588-1&cid=1619174177.1664984039&jid=1788384854&_u=IQBCAEAAAAAAACAAI~&z=1895613328
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=ac24zzvao4bb16lwh85vxi5sp&autoplay=true&showads=true&page=anasayfa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DFD7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:33:59 GMT
expires
Thu, 05 Oct 2023 15:33:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
lsget.html
ls.hit.gemius.pl/ Frame E980 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html?mode=new
Requested by
Host: ls.hit.gemius.pl
URL: http://ls.hit.gemius.pl/lsget.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
196a6359e0a3051606f13dda018daba7819f9cba767adff922e633ee2d50a7f0

Request headers

Referer
http://ls.hit.gemius.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2720
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:00 GMT
etag
PRIVATE7520710249
expires
Fri, 04 Nov 2022 15:34:00 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
pixel
googleads.g.doubleclick.net/xbbe/ Frame B3F3 		624 B
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiYmrzGATAB&v=APEucNVwlqlOYO33demLl6kk7TGg1tvYtbUKTAP-mywfvdsJaAxt-35NSNokm-AJn_-Xy_oqZnBGrm5c1DmSJWcKPQLlXXI4Yqddby55gu3SZEMmG8KznIH-a1FJrmsaoykBdFc_1sPrDwm5XKJel-Z1bVbnLUAzDLzYT_8Ml7E35wLxl45ee_i2421j_a_X2AvZmi_xV9lAqdOpqR5ELhRNDzQOjmY9mw
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:00 GMT
expires
Wed, 05 Oct 2022 15:34:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame DFD7 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiBNzOl7A84IX7NVf-QyfrKsTmn0YfHLpmYb23-lbDnApHUQzECgOUFBdjDMZ1k-viUx2Zyoq6us5UMWgGAE4RFDKy8gq99uRCOYWkgx_NJHUh2bvJ9teCRo_pJM-Uc6LEccL0YEQpWj-I-VNYOuAMu03mJ9Mi1RZ1nEGKDb_AuKqWS0o&cry=1&dbm_d=AKAmf-BxaZxkJXy0lxLY4FJ0R1tTtA04K7thQMvm2fDI16TZCPigIWkLOfv_Q7-I2DRtT12b2SuGlZzYwkIpc9x1Jx6ZJ7gO9I3u_xdaqAJw7AHaGj_ny3F5jsE-uFsLnxhDXuOm-jzy94KNL32kJEknWnfVD4D07g2BFI-oJsFyN_SwPR-xSH9rzVjuObInr9gUoiTuTH5X0IDUNa3pEm2RzW9xxio8TGuzbWSQl4CHG0iwK8hNM-Avwf0VimDHSyPO7XwJNzisqtGfjKTnjXyc_QfBQSGi8HO3XG5hX6VkuaDSt-8-eqv1U3QVvLVHMUu13lMzRHrmmejYWVYJ__cw2-0fOZNwtmlDN7Qs4unb4bVIuxVr--fA_3x2S__9sSGVeDpOTLxfCu2g5NfmS8G6s_FmYn4rLHVRALMLuCivlWNNI9TZ8o8AmWXr-aLtEzHjlC579-mFpFD1KgfYVTB8BsQklOunpCwdobgAtJOU7yYSz34aPqYukAnJIkipgFA13yqkevuGJap3dpi8pBo-71JLnHHFuEnLbb_cWEmcV73Llg4-URzu3rclzwEdroSDm07O9JQ-KeuYL9mlj6FlmD3mt9SsYZ7CRVdADBIurNqDE9d0uKoC6-h1-hxVYxgn4S0tmBp60p4IAzjO1tyOBnSz3YKVzjaRFMnsk9-CRiEYlLs_dvPiO81i708pygddYssqbe2tyr1SNFmJnU8MuhmW14L1v1qPa1O8WB4KSFnQkzwNFtAhshfeSNB6YWvuBx2zB-ndjW6W4VHhIyDpiotnjQBfYSQni8qQJSGsdD4XenQPwnDvlridkxOS4qK_YIArYlStVc-A5ZPbfagLFXklNEnwW7A-F9D2vWRkwPhA3ekrMyjdEtAexJgsT9wlAQ-ffH5_Sy3A3t1V5DKZk-Qlpy1XuORUC0IMPXu6gzMDHeg9iocrH-Ukk-2GfpxQ_eUxEAJkXlpLT6rVCi8SOgMnDDAWoRBFgFoL28Dn6qC2J7UpWQGcDhToDjyWpxM51LeTAW0untEFY7TKSig8g5OJz4-VlB6La_JmOdfBgHAg9YoZXiAeTSl8q72k_cY8HlD4UP7H1xXgntNYl7WvlRsjOxotBElzvsrnqzPFRVnUrdoBV9DyqLAoQ1X3hrtu3qtN0GQ0OUm_NxUQ8WDjjlRZ9PaaniMjQ0yHXIUZVS3npGtM0pCxCDnNjvbeZxq38gJpzOhpi6hHmKu6XwgAo0is2Ew0_yb6Bkqs3oyNmKtoRDaOW5gK5QRbcjt97oVxIwrqLzXtdDHd5GUQRhmpkU3OqxzfEowRpvoIYuNnwNFBD_kqzHtz6YKajAdmriIWtOWzXfV3IvXoki2KfRgv9RgBCnGqEjyuSO92IH69KUJJjJ5ZAFPQBd25z0BRfkl4M9NTrC7RuvgLzXYrA4jAGHUM7Lww9pxW5Leoi-KC7sAukBjxbrBx4kX0SxT33YW80RfwCtJfgfNOOMz6vht3XAfZAV5e89zsmkFica6CkPZVl3zLXUDajOGs_4kuOoeUyA3NO26tfSmW0ostT7pKH98X1BlgdAonTqBjP10Na63tndGcwPGi7AOqKhm9lxhTG7SOPQBiW8_61gEzkQnB1yrgJUqjXCRu005InCfYXgtoivGYyYKkE0SwXkuyA5Z_0hHUVRUSiQIGuhal1wu8WfBY8Nuceeg_jSyVKjXsrRFKpNGTT4gVaBMFQkMiXwRupYHSNhZWaEyPDfbrqRLdlL2TW5GAmOofLEkpXyja3_AQYKOpx_39mXtfZZNJicLSCmlh8AgZTA45k7NTu6WvQyVbsmhNvhcJR4WgcIx_k3EOYOrOmDwMpTAQNfNc-v32xkho5LCOyOX9O8FsarpjKfoknluz1TFI--ynNHwnPcibBXCa9r8NecgmtLLHRvj12FWidPJ8MiUage8FFP98Dwzu6dGpwreL7pQ0fSnH37aMxkdStp8cmgtlkTJznqWp20lHZFl7NEtdJ6AUdn0Zw5WLw_uGCL8QD__0Kd2vmJILplVcLRa2F0a8k9GgCkxWAo6GV7RCGBGdD-6BzwekyA5PkOzxqO613ZrHGQeNXl1Z4EfQTF-4PLcdFOngKfleVNibckPEZTjbW2XL8k4enVMZ7eYSypTfCBrdVqYVgl0allj13OqNlhmo4-_juhRdKs2MhdHtTPF4VkV7ICxeyikCTshQ1sBahpg7jkY2SdvQqwKEPKpKB1p-m8_m3q_vjtecBNrjsdaYvF8-tItnHfXrNvKeaWg0gVDZwTbd_mGscC413HtUwrRtQ75kbtWphTp-ITOvUuI3drbabCrenPwvfMdEsuGSN0HgV2Tn1VbYmAvis_D90ShUCeLh3Apdw2PteBqdgqgPW4kZUWAmFxj4yaIWUdj9Q1h1He2vaktOEljliq_m4iyTxLePJzsUXPzg0iGcrwa9HVPJyTYjNzos1_HDR4KDRsWGwHQY5OfgCbK-DWIiPoqxGimJ765k2ZGGEkTM-nJeDSq-Jhy-nQLfYDbzdAqqIEppH8aOARYRp7OV1VG3ZATnw6RHCUwhIO_7979py6pi7uR-I2XsEuBaC0Kw7vFzlahltgfq1-ddjqcBFdaTFSRu0LXAQJJILRS_AajwzyZEMgG6P0cgy_1Ic00OcmEFWEoru9sodbrpqmgzMXW6nHah6adCttYPybzTQr4sPYHA_7rG6KHfcC7aj3-rFZtTiXmsHn88yHLHGWNQQ9QLGjmySIur_j158hX2ALHQGBRrmiAikeM31_RpEz8L1QN_7dQUzvBV1B0cxNzrQRFGYZv4oSlJjGgfxJTh-0Qftt2ne3sLyupt9j3r3wKXAYo36qJ-sSmeTVsYrXqKwh0RqxkxeFXfRACgadRhmeWhuaBJU9p-GTZa5XWX1poDdrcw9pWgilAyZJ--2x20zp06QD_bBh_3NiVQQ08n7tUHc_MTRmdvxoYZy_lVi-rsOOgyqkisjMao6Gcugh7nG8WHL81TOTmfiHyyo-BEqKzkZB8ww3fFZdVAB91VNESsg3zToGdklEr3vyYr8V7tagwfeVmOpqv0RX0apQ-5TdJY-6SPetuBgpPGoWeJox3kMq0tjmLXFiN5Zk4Aymnb1twaSUCD72-riUssjzZiWdRYrnrYlbe7xrzQb1Tb7ahAMokUxwsnNrM6dpJcyp5S-hX4Qxx-E6vRTAZrhZENQeUTr0Azns0WYz1xf45zhE8U2cgGOCgkCqk9gAJrk_sms9p221uFBfsyWVtd2-aA3MvoPgIiV6Fyd7aQYoCLfqZz62YB2CFFytcpqEagQlCfup4s3ib6ARmDwj5VU0dvu-lCD2Sg1xVQaDlW4_CIs8_Adz2O08eViBio3FCSMIqr4g5oQYRKPIOeUbfjDjbdWWkrUorFpzKMpaPccslCaX18L_ivXEwkKct3JOLRTCs3S62owDod7l4tmEmHQNGbRbvLfZ5-16DuFaXgUW4p8PTL-g&cid=CAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA&rfl=1%2Chttp%253A%252F%252Farsiv.sahadan.com%252F%240
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cacd3365f6ea4b210a4f3aec4343a8c8badc495e4177921aa9d4b1a87ead073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11435
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD7 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqU_XikGo7ww9gQKKe-6Ux3-bvVJ5Io6adZtvawnaR0HD7ryXzz1YDuL5k5VtWQn4a2Dz6o-aveo-Zekeys0q3mL--jcwLx4glUt-eXOwrRqbYiPU
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame DFD7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 15:30:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame DFD7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 15:27:25 GMT
l
www.google.com/ads/measurement/ Frame DFD7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNdW_8y95XCJ8RYgqAoQTJpT1ufdDQLhSmBNPnPbrAPDi1EFTZ2VpF20Jid7SLZ04ZETo_FkmODBqiKy-VhRwN5w9aTw
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DFD7 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 15:34:00 GMT
rexdot.js
gatr.hit.gemius.pl/__/_1664984040439/
Redirect Chain
  • https://gatr.hit.gemius.pl/_1664984040439/rexdot.js?l=100&sendf=8&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsi...
  • https://gatr.hit.gemius.pl/__/_1664984040439/rexdot.js?l=100&sendf=8&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fa...
452 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gatr.hit.gemius.pl/__/_1664984040439/rexdot.js?l=100&sendf=8&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=aCy8KdS0.iAOuQk0lYLZ3v5mMRyZkyCjh19uZWODd97.B7SMfFbdiVU.OpZH8WTEQ6vzannpqMj0tYK.BVZEBwJYwUsa/MMsuIbBDS2CyA/&ltime=101&fpdata=vu4X9Faf2AvKONBYLDtZ69b1SWSI.cinvFsCuA58ZWv.87&inner=_ver%3D330&lsadd=&fpcap=
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Server
188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
29618906293281d3604dea2b1e6caa556e3e84102a16bb7afa96438ed94b2695

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
452
expires
Tue, 04 Oct 2022 15:34:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1664984040439/rexdot.js?l=100&sendf=8&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=aCy8KdS0.iAOuQk0lYLZ3v5mMRyZkyCjh19uZWODd97.B7SMfFbdiVU.OpZH8WTEQ6vzannpqMj0tYK.BVZEBwJYwUsa/MMsuIbBDS2CyA/&ltime=101&fpdata=vu4X9Faf2AvKONBYLDtZ69b1SWSI.cinvFsCuA58ZWv.87&inner=_ver%3D330&lsadd=&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 04 Oct 2022 15:34:00 GMT
get.ashx
run.admost.com/adx/ 		23 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46731&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
haproxy-go
Var
s:go917;c:1;e:32;hc:12
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
16260591015468665341
s0.2mdn.net/simgad/ Frame 25BB 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16260591015468665341
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:14:05 GMT
x-content-type-options
nosniff
age
461995
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6944
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 07:56:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Sep 2023 07:14:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 25BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ceff956M9Y-SILpWP9u8PxNisiAON1e7DbOzoiKGuDvAuEAEgupftHmCVgoCAwAfIAQapAhpF3JtVurA-qAMBqgTdAU_QSowSv48vVgMKoxFSN15mrhdbgIPILZtrrKygWDswkZIv71V32YwB0YlwLQ8eKZwNdqPwXsR9NoGk1MiVhH8JBKNqe30MuQr4BNzlEvE19TlKnDuKhbjx5elyMcBg_uQiP0IFv4k2P7Z14VRKKX56NrKWcy_V275xJdCTdoI-zaGZXYHIYzPwrg3lFBIw6Gp5DVwNSGT_KXvspBL3GCWvLMaBmhfqBUEi8N0fVCdxRA6gVK4KeCbb1ibrtKMekZeh0mpsRbHU0VXL3nXrfcWgOV1gze64ditzyWWCwATRvszopQPgBAOIBerLrdQrkgUGCAMQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAf5v5hiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQgvgLGPudz7gB0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDyAsBsBORweQKyBOi2pUJ0BMA2BMDiBQE2BQB0BUBgBcBshceChwIABIUcHViLTU2MTA2NDkxNDY2NzQzMDYY6qMc&sigh=G1ZzkDkeq-o&uach_m=[UACH]&cid=CAQSPwCsnQUxGO3-AMFDuGklBVPY3zVuFIVouFBGXR3ZsB8hZbGrEnZvTcu-pfE_SYrLRYAn5EB0fU5L9jNd9gT9LSAT&template_id=509&vt=10
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame C659 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:15:19 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame B3F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiYmrzGATAB&v=APEucNVwlqlOYO33demLl6kk7TGg1tvYtbUKTAP-mywfvdsJaAxt-35NSNokm-AJn_-Xy_oqZnBGrm5c1DmSJWcKPQLlXXI4Yqddby55gu3SZEMmG8KznIH-a1FJrmsaoykBdFc_1sPrDwm5XKJel-Z1bVbnLUAzDLzYT_8Ml7E35wLxl45ee_i2421j_a_X2AvZmi_xV9lAqdOpqR5ELhRNDzQOjmY9mw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B3F3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yz2j6IkAQLTPaHqkkWy3KwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiYmrzGATAB&v=APEucNVwlqlOYO33demLl6kk7TGg1tvYtbUKTAP-mywfvdsJaAxt-35NSNokm-AJn_-Xy_oqZnBGrm5c1DmSJWcKPQLlXXI4Yqddby55gu3SZEMmG8KznIH-a1FJrmsaoykBdFc_1sPrDwm5XKJel-Z1bVbnLUAzDLzYT_8Ml7E35wLxl45ee_i2421j_a_X2AvZmi_xV9lAqdOpqR5ELhRNDzQOjmY9mw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAm9JQwQGxVwrQLWnixcpk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B3F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPnbp6IQNzo723NYPpD8AM0&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPnbp6IQNzo723NYPpD8AM0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiYmrzGATAB&v=APEucNVwlqlOYO33demLl6kk7TGg1tvYtbUKTAP-mywfvdsJaAxt-35NSNokm-AJn_-Xy_oqZnBGrm5c1DmSJWcKPQLlXXI4Yqddby55gu3SZEMmG8KznIH-a1FJrmsaoykBdFc_1sPrDwm5XKJel-Z1bVbnLUAzDLzYT_8Ml7E35wLxl45ee_i2421j_a_X2AvZmi_xV9lAqdOpqR5ELhRNDzQOjmY9mw
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
AN-X-Request-Uuid
0121c770-5e68-4eca-bc4a-d7151622dce0
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPnbp6IQNzo723NYPpD8AM0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B3F3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiYmrzGATAB&v=APEucNVwlqlOYO33demLl6kk7TGg1tvYtbUKTAP-mywfvdsJaAxt-35NSNokm-AJn_-Xy_oqZnBGrm5c1DmSJWcKPQLlXXI4Yqddby55gu3SZEMmG8KznIH-a1FJrmsaoykBdFc_1sPrDwm5XKJel-Z1bVbnLUAzDLzYT_8Ml7E35wLxl45ee_i2421j_a_X2AvZmi_xV9lAqdOpqR5ELhRNDzQOjmY9mw
Protocol
H2
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
AN-X-Request-Uuid
35bbcdef-e8d4-42da-ad59-01ad4e4ae6c8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 25BB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af3a1fa0ef7b588488567c0c08308726216748bcbdc69e38d78cc5b9683a2eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 25BB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:33:00 GMT
x-content-type-options
nosniff
age
590460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:33:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 25BB 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:34:12 GMT
x-content-type-options
nosniff
age
590388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:34:12 GMT
csi
csi.gstatic.com/ Frame 25BB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=1~l8vsibrq&c=1703062874021&slotId=851531437010.5&qqid=CKSY_PG0yfoCFZWH_QcdRCwLMQ&fb=web_video-lima&sei=44729911%2C44730425%2C44730426%2C44731965%2C420706098&nsei=44714510%2C44752538%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C318491509%2C447279544&bi=styleframe_video
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
volume_off.png
www.gstatic.com/dfp/native/ Frame 25BB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/volume_off.png
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 09:46:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
20849
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2684
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Oct 2023 09:46:31 GMT
pause.png
www.gstatic.com/dfp/native/ Frame 25BB 		763 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/pause.png
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:58:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
592536
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
763
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Sep 2023 18:58:24 GMT
replay.png
www.gstatic.com/dfp/native/ Frame 25BB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/replay.png
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:23:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
151816
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2305
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 03 Oct 2023 21:23:44 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 25BB 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BnK6Ax_XMGAO84AEX63Ju2-eUX7-kr-K9hW1o4YaQvQ2Sm1BDX_CrNla-RKQILhHlfteUGIOYMrhFCXeqqzmK3w8QHhw&dbm_d=AKAmf-DlJNm2S_Z7itFO5tL4FGmN3l-n_Vz57tG6eT2lilycyN_ZCFGbHnoXq6ggtCtRkYcJ4YSc-TUgMQ_zQIuC9afqsuajEns-sKI8wBu7BwrhwByCvuLi1XLP4AMKCvrr9hJxAog4grHQiHDJVJBCWSXTlwVu-_qc8gX6VLzTKV7FOtjeVwLg0270CsafXKW1WmCtJlU19fsw7ekm4-0DxMWNzk1T7wM1AXcLw79WzzPpnd1iX_wxnXyCza7rZ9dTX-htzEFY7WQErCICMeAXjmrfoqY_I-83-A8Q4ducllcuVf4WgKDENdFdaJmaYchTJnymFuO9_XGzl4K4hhTggalKh0z5jU-Ejm6j5KzKUquV_NhKctGrw-Asoh1UCCSSS--mJBmyKh5FY8oig_7VtkFGKrGE71rq4vEq05aRgtp0fO-Bh41Cjo_zvc_rD99As6_6IowNd82jrwj6qAtuSdcCfFC0jQAoqO8CXJhHG5DGwZhbQG2hrwZS3gmGVL2efxjrlW-WGcFr5mAX7MUzpv42ghFYgfbdTX1MATYf-9Pl8-amxw5MI21DVFLtlNzfzSOsfpJ3XgJr5jO72BbuPbaEx4Z2orZjp50YSP0b20BTcxV_HLwBe4IORHXuYlNukd76vUJkG3bt-E_0A6dQE6Nw5ufmmE847wRCC9rn0rYtocD4tqO0X8p7IO9jfGlzNpHGTRItZ-eJYcy53LHKRRvjUEe07T-fVdPZMyEnktvtrTfmZqacvQMg2fhVCX6xiB_hO6nxLgvBCCxBGlJzRUcf1t2voiBpA5zBaVpPMooE_eRSdshYCOqKn4UZOq1CYmQ6-hcaMMK3GgZH8lotL7B07TdoKU2jTSW9kvc_74AOKVX1OVwAR7G9FFrP0J2jawXI1XsyxTVY8Ez_2BeaCI4TdhsGGyawU6JQgxjMZUEbi_wmsnNXnagsNoP1sZGE7oRuD7j-fx8nxDikoe49OJGFSP5tk0jQ94aSxqjxfy63Krqk5cTNkFLy-moHerfHkaafRx99O0TKMN_Dr21jRbyeX3cFpj5U5_aFVOTo9F2nxoe4BmWZxPcD_W4eg9zJgfIbPrkTulE7_jIPCjLiav1nMkYnOAFMdrn-TYZt-eUh08cVs_vmIEe9xvQfKUpnXdGAvU-RLk372VIfGA5AeiqgqUm0xNTWptMjtOZmXS80pNOsrhLaz1Do1gadJpSS3ak_7054qWYwDkdRkqCc71LOicuOLwG6GQQQC6kMhP5z5l1udKFeEVbYKT9EE9voQ4_9yBA2pRCdLSypEZYYZhp0_hPOL50FzuF4H271xgT2eX3AOB9htY8a5RvXDZZqheh3TSgXviLbvc6g3kij_DXMxGUglYIMdKntoSLQDN-xKLM_p4ezLX1mU8efnv7G9kMPZdzl0hfM67dCGxgpHhVesi_WAD25kAvzJMcaak_1rVBWR6abjgGWkeiXCYxDcdVZeEXscWhP2Kn4Up10fF0QqJcup8RbMM_MCJxOwZXUi9e02jg4mlCChi9L6dYUlRnpB0-7eYq9nJk3g5RNmhgDawtb-F3xRfzKTJ_M7Al-UKbKOdiqC6xWJ2PPF02EFji0citXoyhJkpHPqnCtYssJ1QOOHX3t4L8YsbHlB-iPTauRC6326LZ0L9FkDSsgEiEBkTmU8hUM7wBg4xZdcLR6PzV63upI-CAo0J1gU3W6FQGl_4Kq7F3mO-TIOYfxoORqIxZu7p4eZUxvNxRb1z0vLa_nabAwYbfyKltL16yCxWnhfhEq7_1ofR4UO74NGDfmPoYc5TKSsVM4C5AF2a48PD10amJOeXyoZp-8HFo6LKTMW8mk6DKFrJvVPJpK9ykrHgvj3l-waC76gpY2WeV0T9Tyh8JkODuFzLqARX_5DPM3PPwTimYmkBjR8y5XLsPbmHuf0oTO620iuBdxcYi3wZFRyX4b8P2LKdrt0qg-FgILJ0TDlIVJFeGKJF293Yqn2Xy2qJe19Ji_3iBIenP3ZNKHUnwrCgvXwYMWOYDUnMh2x2RQ57lr-39eyYsunPoJskw_RuscoqGBp8Qt1AnEtmrZRYXZWn9ux-ccGz_b_epqll9Se_oSS158S7wZrYQIvSAElEGLDzizVKLXk6DqyK6aXgNovb-4kg6I1hFy70pOAr8BvLQ3Ha8YwAgNjUGJHf77MeWKNfVpIPDiU7QdBChgQ8RvOz5MPqZEOzjVippV9mAjH8w1wE4NLJNExDDzczIcK0bqp82CmsdV-6WKoabNX6IbbYuc3H_DgPVihyIGP7hNpY-T_DieCyjLac-3RHEAhvDchEbq-MVFpXTICcP6KXn6X-s7sQPvFZHn1V9_05uy-1Pbtc2HnrTGBF_Mmn2ELbea_ryVttFdAJgNRWnbI7cFJ_jDAr8vlTedrEbFrPnypI_wuNwEY-JXqPjlnQM9brJ1TIkrflaAkmTn7o1mBPT7JveSSVw-KPDXqFZDfkiex16doyVrIAj0X3D8eFjE2ffAm4fFi7tLUJ4dz_iEUxYfu6hMiM-QXHeY2ESscTaYzPP8BuLVxkL4Reg_lwz9n6l9W6VNU19Ixuy4jk7t8939MM-Ec4jzTPu3nvdGzqg8_VMPL3TVDy7fh9OcshqH87AgBPjRRDPgUiYQVhM-0zvshRAGYioFVZA0Y5m0sACxqohbGY-4jY03ZIArMO3PjvDvFh6DYXXJekJGrxVTdkbkSoP5skNLnpIKcYlj_XTtmGqaMB9IrpwjmkPq9xcuCfX9QrGtpqaspJaaXznsIRx6Va5pOLMsemZ1U5yWip6p7tK5h2KSpUredC2pYMbj4bTHOvYJx2bSFi18FMkcPiV366oMitl_Zmn2kmO1SyrgX3Ha__WbDBRZwk1f2UMd4Pj5D77uOjmInYFjkGsqPr3fbLjuEmbon_sHSH0z7rYqAmwnuX10q404y4kqXHq-4E66giVOdn58RcCi1VUlwD57AHNVKlDwRBi2e0BdC7N-tD7UzXEtfn1-CZKgW0EpWwvV-4nsMdzTS_Bz6EZ-NgSedyTT_BEx6OziUGJmL7cShJJgrxFy6R96EOnCr8bZ7aQi3xN8kDW5Lx6-KwWVMqpazhsfuwJ8tdhHdrAMJRoN7mIlyV3ATo2mmKBUjHP8ofAfoDbxq_4r8GhFk7efdtenRT9LcCmZXIzCtMPxm0isFt_KdajyJF1OUTPMPP0q&cid=CAASKORoV8q7NhGYvEALU7Ddwy9z7VjVq6uY3pGlpO40QNF0l1P1acJksDs&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f154.1e100.net
Software
cafe /
Resource Hash
b98d31df3b8d5da00ceadbd1bdd1df086dd83cc04e451184de153aff2b162f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15422
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
cdn.dimml.io/static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8853e974d661a5636217c397d87dd0c3c3c67390b67f0924136430125ea8e933

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Wed, 05 Oct 2022 15:34:00 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
Transfer-Encoding
chunked
X-Cache
HIT
X-77-Cache
HIT
Connection
keep-alive
X-Age
1059
X-77-NZT
AZySIRCTPOb/IwQAAA
X-Accel-Expires
@1664984781
Server
CDN77-Turbo
ETag
W/"be1da9f087b3"
X-77-NZT-Ray
07TaVv2S26w
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=1800
Expires
Wed, 5 Oct 2022 15:46:21 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DFD7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiBNzOl7A84IX7NVf-QyfrKsTmn0YfHLpmYb23-lbDnApHUQzECgOUFBdjDMZ1k-viUx2Zyoq6us5UMWgGAE4RFDKy8gq99uRCOYWkgx_NJHUh2bvJ9teCRo_pJM-Uc6LEccL0YEQpWj-I-VNYOuAMu03mJ9Mi1RZ1nEGKDb_AuKqWS0o&cry=1&dbm_d=AKAmf-BxaZxkJXy0lxLY4FJ0R1tTtA04K7thQMvm2fDI16TZCPigIWkLOfv_Q7-I2DRtT12b2SuGlZzYwkIpc9x1Jx6ZJ7gO9I3u_xdaqAJw7AHaGj_ny3F5jsE-uFsLnxhDXuOm-jzy94KNL32kJEknWnfVD4D07g2BFI-oJsFyN_SwPR-xSH9rzVjuObInr9gUoiTuTH5X0IDUNa3pEm2RzW9xxio8TGuzbWSQl4CHG0iwK8hNM-Avwf0VimDHSyPO7XwJNzisqtGfjKTnjXyc_QfBQSGi8HO3XG5hX6VkuaDSt-8-eqv1U3QVvLVHMUu13lMzRHrmmejYWVYJ__cw2-0fOZNwtmlDN7Qs4unb4bVIuxVr--fA_3x2S__9sSGVeDpOTLxfCu2g5NfmS8G6s_FmYn4rLHVRALMLuCivlWNNI9TZ8o8AmWXr-aLtEzHjlC579-mFpFD1KgfYVTB8BsQklOunpCwdobgAtJOU7yYSz34aPqYukAnJIkipgFA13yqkevuGJap3dpi8pBo-71JLnHHFuEnLbb_cWEmcV73Llg4-URzu3rclzwEdroSDm07O9JQ-KeuYL9mlj6FlmD3mt9SsYZ7CRVdADBIurNqDE9d0uKoC6-h1-hxVYxgn4S0tmBp60p4IAzjO1tyOBnSz3YKVzjaRFMnsk9-CRiEYlLs_dvPiO81i708pygddYssqbe2tyr1SNFmJnU8MuhmW14L1v1qPa1O8WB4KSFnQkzwNFtAhshfeSNB6YWvuBx2zB-ndjW6W4VHhIyDpiotnjQBfYSQni8qQJSGsdD4XenQPwnDvlridkxOS4qK_YIArYlStVc-A5ZPbfagLFXklNEnwW7A-F9D2vWRkwPhA3ekrMyjdEtAexJgsT9wlAQ-ffH5_Sy3A3t1V5DKZk-Qlpy1XuORUC0IMPXu6gzMDHeg9iocrH-Ukk-2GfpxQ_eUxEAJkXlpLT6rVCi8SOgMnDDAWoRBFgFoL28Dn6qC2J7UpWQGcDhToDjyWpxM51LeTAW0untEFY7TKSig8g5OJz4-VlB6La_JmOdfBgHAg9YoZXiAeTSl8q72k_cY8HlD4UP7H1xXgntNYl7WvlRsjOxotBElzvsrnqzPFRVnUrdoBV9DyqLAoQ1X3hrtu3qtN0GQ0OUm_NxUQ8WDjjlRZ9PaaniMjQ0yHXIUZVS3npGtM0pCxCDnNjvbeZxq38gJpzOhpi6hHmKu6XwgAo0is2Ew0_yb6Bkqs3oyNmKtoRDaOW5gK5QRbcjt97oVxIwrqLzXtdDHd5GUQRhmpkU3OqxzfEowRpvoIYuNnwNFBD_kqzHtz6YKajAdmriIWtOWzXfV3IvXoki2KfRgv9RgBCnGqEjyuSO92IH69KUJJjJ5ZAFPQBd25z0BRfkl4M9NTrC7RuvgLzXYrA4jAGHUM7Lww9pxW5Leoi-KC7sAukBjxbrBx4kX0SxT33YW80RfwCtJfgfNOOMz6vht3XAfZAV5e89zsmkFica6CkPZVl3zLXUDajOGs_4kuOoeUyA3NO26tfSmW0ostT7pKH98X1BlgdAonTqBjP10Na63tndGcwPGi7AOqKhm9lxhTG7SOPQBiW8_61gEzkQnB1yrgJUqjXCRu005InCfYXgtoivGYyYKkE0SwXkuyA5Z_0hHUVRUSiQIGuhal1wu8WfBY8Nuceeg_jSyVKjXsrRFKpNGTT4gVaBMFQkMiXwRupYHSNhZWaEyPDfbrqRLdlL2TW5GAmOofLEkpXyja3_AQYKOpx_39mXtfZZNJicLSCmlh8AgZTA45k7NTu6WvQyVbsmhNvhcJR4WgcIx_k3EOYOrOmDwMpTAQNfNc-v32xkho5LCOyOX9O8FsarpjKfoknluz1TFI--ynNHwnPcibBXCa9r8NecgmtLLHRvj12FWidPJ8MiUage8FFP98Dwzu6dGpwreL7pQ0fSnH37aMxkdStp8cmgtlkTJznqWp20lHZFl7NEtdJ6AUdn0Zw5WLw_uGCL8QD__0Kd2vmJILplVcLRa2F0a8k9GgCkxWAo6GV7RCGBGdD-6BzwekyA5PkOzxqO613ZrHGQeNXl1Z4EfQTF-4PLcdFOngKfleVNibckPEZTjbW2XL8k4enVMZ7eYSypTfCBrdVqYVgl0allj13OqNlhmo4-_juhRdKs2MhdHtTPF4VkV7ICxeyikCTshQ1sBahpg7jkY2SdvQqwKEPKpKB1p-m8_m3q_vjtecBNrjsdaYvF8-tItnHfXrNvKeaWg0gVDZwTbd_mGscC413HtUwrRtQ75kbtWphTp-ITOvUuI3drbabCrenPwvfMdEsuGSN0HgV2Tn1VbYmAvis_D90ShUCeLh3Apdw2PteBqdgqgPW4kZUWAmFxj4yaIWUdj9Q1h1He2vaktOEljliq_m4iyTxLePJzsUXPzg0iGcrwa9HVPJyTYjNzos1_HDR4KDRsWGwHQY5OfgCbK-DWIiPoqxGimJ765k2ZGGEkTM-nJeDSq-Jhy-nQLfYDbzdAqqIEppH8aOARYRp7OV1VG3ZATnw6RHCUwhIO_7979py6pi7uR-I2XsEuBaC0Kw7vFzlahltgfq1-ddjqcBFdaTFSRu0LXAQJJILRS_AajwzyZEMgG6P0cgy_1Ic00OcmEFWEoru9sodbrpqmgzMXW6nHah6adCttYPybzTQr4sPYHA_7rG6KHfcC7aj3-rFZtTiXmsHn88yHLHGWNQQ9QLGjmySIur_j158hX2ALHQGBRrmiAikeM31_RpEz8L1QN_7dQUzvBV1B0cxNzrQRFGYZv4oSlJjGgfxJTh-0Qftt2ne3sLyupt9j3r3wKXAYo36qJ-sSmeTVsYrXqKwh0RqxkxeFXfRACgadRhmeWhuaBJU9p-GTZa5XWX1poDdrcw9pWgilAyZJ--2x20zp06QD_bBh_3NiVQQ08n7tUHc_MTRmdvxoYZy_lVi-rsOOgyqkisjMao6Gcugh7nG8WHL81TOTmfiHyyo-BEqKzkZB8ww3fFZdVAB91VNESsg3zToGdklEr3vyYr8V7tagwfeVmOpqv0RX0apQ-5TdJY-6SPetuBgpPGoWeJox3kMq0tjmLXFiN5Zk4Aymnb1twaSUCD72-riUssjzZiWdRYrnrYlbe7xrzQb1Tb7ahAMokUxwsnNrM6dpJcyp5S-hX4Qxx-E6vRTAZrhZENQeUTr0Azns0WYz1xf45zhE8U2cgGOCgkCqk9gAJrk_sms9p221uFBfsyWVtd2-aA3MvoPgIiV6Fyd7aQYoCLfqZz62YB2CFFytcpqEagQlCfup4s3ib6ARmDwj5VU0dvu-lCD2Sg1xVQaDlW4_CIs8_Adz2O08eViBio3FCSMIqr4g5oQYRKPIOeUbfjDjbdWWkrUorFpzKMpaPccslCaX18L_ivXEwkKct3JOLRTCs3S62owDod7l4tmEmHQNGbRbvLfZ5-16DuFaXgUW4p8PTL-g&cid=CAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA&rfl=1%2Chttp%253A%252F%252Farsiv.sahadan.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:58:36 GMT
5k5foko8xl42
hal9000.redintelligence.net/zone/ Frame DFD7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5k5foko8xl42?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
121f06391f8b4ce267b855305ee2045a9f02125e8514c217b2824b4565980212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4068
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
get.ashx
run.admost.com/adx/ 		23 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=29753&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
haproxy-go
Var
s:go917;c:1;e:32;hc:12
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
si
googleads.g.doubleclick.net/pagead/drt/ Frame C659
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:00 GMT
expires
Wed, 05 Oct 2022 15:34:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 15B5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
139524
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 00:48:36 GMT
expires
Wed, 04 Oct 2023 00:48:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame 15B5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 15:30:47 GMT
request.php
hal900012.redintelligence.net/ Frame DFD7
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
8eb210f051cf5fb47c491940ac07f6ec351ffc3d16546f9d4c6538023dd9b55e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
64667200082843704445330012103012
Connection
close
Content-Length
1304
Expires
Wed, 05 Oct 2022 16:34:00 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 05 Oct 2022 16:34:00 +0200
get.ashx
run.admost.com/adx/ 		23 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=26436&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
haproxy-go
Var
s:go917;c:1;e:37;hc:11
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
file.mp4
r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/265a859ffabaa7f2/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779596423/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 25BB
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/265a859ffabaa7f2/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779596423/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/265a859ffabaa7f2/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779596423/sparams/acao,ctier,expire,id,ip,ipbits,ita...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/265a859ffabaa7f2/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779596423/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/56B00892FF8625C6105FAD8C250C145AA3E961A2.6BFFE82DBE965C9BF8849D4A60EA8060E4582CE6/key/cms1/cms_redirect/yes/mh/UY/mip/2a02:6ea0:c71b:0:1012:22f8:5f88:586a/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1664983219/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:6f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
0d9e3d4b89f176becf05bc50cf86a5966d3e5a6f87f986bae3a65c1be3b04a5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Oct 2021 07:52:20 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1293279/1293280
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1293280
Expires
Wed, 05 Oct 2022 15:34:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/265a859ffabaa7f2/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779596423/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/56B00892FF8625C6105FAD8C250C145AA3E961A2.6BFFE82DBE965C9BF8849D4A60EA8060E4582CE6/key/cms1/cms_redirect/yes/mh/UY/mip/2a02:6ea0:c71b:0:1012:22f8:5f88:586a/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1664983219/mv/u/mvi/3/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 25BB 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=2~l8vsibsj&c=1703062874021&slotId=851531437010.5&qqid=CKSY_PG0yfoCFZWH_QcdRCwLMQ&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=801&mt=video%2Fmp4&vs=640x360&ulv=1&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fadmanager%252Foutstream%252Fweb_video.js&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 25BB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=3~l8vsibwl&c=1703062874021&slotId=851531437010.5&qqid=CKSY_PG0yfoCFZWH_QcdRCwLMQ&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=801&mt=video%2Fmp4&vs=640x360&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fdfp%252Fnative%252Fvolume_off.png&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 25BB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=4~l8vsibwl&c=1703062874021&slotId=851531437010.5&qqid=CKSY_PG0yfoCFZWH_QcdRCwLMQ&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=801&mt=video%2Fmp4&vs=640x360&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fdfp%252Fnative%252Fpause.png&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 25BB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=5~l8vsibwl&c=1703062874021&slotId=851531437010.5&qqid=CKSY_PG0yfoCFZWH_QcdRCwLMQ&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=801&mt=video%2Fmp4&vs=640x360&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fdfp%252Fnative%252Freplay.png&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.ashx
run.admost.com/adx/ 		23 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=51258&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Protocol
HTTP/1.1
Server
195.244.38.50 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
haproxy-go
Var
s:go917;c:1;e:52;hc:1
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Length
23
Expires
-1
opacity_black.png
is.cdn.md/i4/Img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/opacity_black.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.103 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists1) /
Resource Hash
66c473d28591572dcdf5e6f5ace03c5e2dafdf17516956d9556d8d703e447c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:33:58 GMT
Last-Modified
Mon, 15 Aug 2022 12:45:16 GMT
Server
CCAcc (1.0.1/nvm-ists1)
ETag
"9140dadea4b0d81:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1389
Expires
Fri, 04 Nov 2022 15:33:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto
Protocol
HTTP/1.1
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://arsiv.sahadan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 20:10:49 GMT
X-Content-Type-Options
nosniff
Age
588191
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15744
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:48 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 28 Sep 2023 20:10:49 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto
Protocol
HTTP/1.1
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://arsiv.sahadan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 15:28:46 GMT
X-Content-Type-Options
nosniff
Age
518714
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
11872
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:25:01 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 29 Sep 2023 15:28:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 15B5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQl2q6KM9Y7f8G9Sl9u8Pwq-ruA4AAAAAOAHgBAI&bg=!LyylLGjNAAYQgTJdMIE7ACkAdvg8WmVx2ulx2NjaPoA9WfCEgcTa2Fq43AUD_jutl0nqLFQ-dwRBvQIAAABnUgAAAAFoAQeZAuuZDEHQJr2BujwvGn_t5R5igz7aOLvUU89q4qTkTHO7CprZ0QtOqbiWw24ZLES55v6Ner7kAKZovswru1vZTVjL7hmWwUaVXmadAqFEOYnmqx2h3BBrUDPzZ4zQyeLTe4BcOLcvUI4EyhOkS-mDUf17Gke0aMwxI9ZaOyOksY5DjbGjR6rYFsJ-n4xONeuBOMwFam3vBNRfOiLsRSXeXrvxi-VAoKcCBuO4UdF3-ah8s2OWQppIp_lqmesSrsWfX9SXJ0IL5tX2QsTFh0-BByDeUq5iLeEQgPq2PxkJ4ar-3c3p32_NPwBZkzt0gObjHwuiJKZ0P7yJTl0J7tTwEFAu0g9rc7XPOFi_hMip8hyf0Cy_Y7HIp8xEowO7hO8JBtzcwMCIM3qcA4MwRSWQyir6oxUVEyDEsARzJOJlT8tzgLg3NO8wBsLLWTZqN8l8TifPU2-tgq6p0f-cmR1KEDotjkwFJToI1hodxgsRokikqCLY18smUWTqJgQyjCFYeiaBSnms698tsLAzfrQ7ZziNBTysiqd5LGoeeSRqCw3dU5zMwx8zNIQSGDc7WlKyJcZSXww2O8G-NMNfMUN3bRW1mztB3WQ6L4zvhDUC76qLtnqrf_kha0F0UAOB06Evi5JCD7iRKhs0fsPoxqObV7wKZ6m3Qa0jRCwJXM4cwY_7Cj2cbrvzkvQ7t_RtkJOHhSl5CN3uJo-_u6GeURh6YK-B66MGRezxIg0hfLI6FjYIIuERCD0nQpAyUx76Nh7qezIecP3fgGZmhoLuH0ahcpyvMoaliJAAhbXx5O-3EXfbUwFsecCOXDs1XvBJvEDw3GQFZ4rWbqvnpKz_D1l1DR1bJqELv8Hdx7DUlVQ3Ve__mT6lZdmz3NoKd5gYtrIXNJw8iLlQJRmJ58Ry-N1A8DWxqTqAyGqAIkowWxJizldzWwTRlDCewQlgy6MrmD4G-UZ-EkgGS08mvUN83sxewXVXjKFpgzaW5GcsFAA
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
baltar.dimml.io/flow/dv74/ 		0
282 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baltar.dimml.io/flow/dv74/85444b226f71dc04e1928aeaa1129042d3a9ccc1.js?clientId=2&dom=arsiv.sahadan.com&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&gemius_sent_once=1
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
34.254.127.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-127-56.eu-west-1.compute.amazonaws.com
Software
dimml-2.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 5 Oct 2022 15:34:00 GMT
X-DimML-Version
2.2 vH8ffFv9
Server
dimml-2.2
Vary
*
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
0
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 9AED 		559 B
932 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012&t=htlp
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3219f0c7466ddb2c626a3d104277441d8b1a20e239606f7fda68ed6a35e3dfa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
559
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Oct 2022 15:34:00 GMT
Keep-Alive
timeout=20
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
8AC72686:D60A_91EFC182:01BB_633DA3E8_15326F5C:2A46B
index.html
www.parship.de/wplp/htlp/de/ Frame FE02
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=64667200082843704445330012103012&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
558 B
898 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control
max-age=30, stale-if-error=432000
cf-cache-status
REVALIDATED
cf-ray
755738101d9d5c5c-FRA
content-encoding
gzip
content-length
325
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 15:34:01 GMT
last-modified
Mon, 28 Feb 2022 14:30:12 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 15:34:00 GMT
location
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server
nginx
server-id
11
x-robots-tag
noindex, nofollow
/
adv.office-partner.de/ Frame F593 		1 KB
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 05 Oct 2022 15:34:00 GMT
etag
W/"5ca0a75f-59f"
server
keycdn-engine
x-edge-location
defr
link.html
track.webgains.com/ Frame DFD7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64667200082843704445330012103012&nw=1
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.138.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
5456a7711a8316413cfefaf002784ed40b25e1bb8b43d1d0e10921051cf3291d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
last-modified
Wed, 05 Oct 2022 15:34:00 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 05 Oct 2022 15:35:00 GMT
activityi;dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967
5994599.fls.doubleclick.net/ Frame 253D
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967?
391 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967?
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
d2bff305675aebc514c504b1ca9f8bd805df158e90fc073126ba139ee27d56e2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
324
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:00 GMT
expires
Wed, 05 Oct 2022 15:34:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900012.redintelligence.net/ Frame BDB4 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=5k5foko8xl42&nw=20&renderingType=javascript&namespace=165af5e300&subid=&uid=2a9fcd210f48043e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqraJ56M9Y6b9NsqS9u8Pm_CmIJumgKJpxZTqi84P8C4QASC6l-0eYJWCgIDAB8gBCakCGkXcm1W6sD6oAwGqBOUBT9CXTybKWKEE68O1oRp6zCWtybIOcRBfkcC393xY6jqYxHbUvFOCSBl0dp9GmIcV2TEqryN3Co7L0cQHtsJDAC0lrW0dvQDrkoHthXJTHo2bxW1Bljrxfrnjk_TL3lQrp8VVotsYdl9HaPriK1kdQ-XabvqXXBf_ivDzd0_vWW9oRhNLoj6cT0qgu5ahfxXpg03J1CMrnxXy_rriNRqwdSSJGxSbkxl4uBg_9Cz7vgYANQilv-W16BBSM115CK9BO9CKxhRTq2JFLIxKLySegRk9p7QAnsIR1mHmIuZrpb4cAqxMVcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodQbBQ9XG-n4WdSUlF61WFiGm5amUgisHs-BIx77m5mq09i3XbA%26sig%3DAOD64_20r7brVHH9cQHbFV8ZFfPyMFi1Ng%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-CSe2koJ1AVHPy9H90WLxO3kMQTHtPa8F770mOKzCLqYBfC1npb_gwEz8vabRjOMNU3aYiKjwCRBLFdKmcoc04o04J4kKFniSyHFwMIYHzJKpQWGF8mLFAb4bOXHIWo9P4cvUl3ADlmo7lxut8TpuTyPMU_cOdmk3ugkE5YMqazxkatsCo%26cry%3D1%26dbm_d%3DAKAmf-B4B99T0d0GsxLFmMVQt9D-43Dys8ndrVkadu1qffYklrVKbVRqR-QMtvJKKhBx1gBRdTmgTGNOOGijUAufj2rmoI856Exy-xczIFFnAJKr_BCQTgX63MSbGsPx2Jt2_LGhCOdG5GNMqtCqFZy-zVAI_c1Lm4AQ5vdjXQPeEj9nLSQy076B2BLynwm6YPumV-trwJhBAVptCwlKxyqxR8k3fxyLLEOQTTqfpIm0JaGpAX-8FBqea79nO-MnKc_4pnmSBMWXogd2zBShTGG6iS609s5hcYpT0cDLgpQDHH_lQK7RqAELIBQW7kSWgKjJF4OusB0S0A2_wMK8x9lQJMdiZ0T0WezboggpFc4_NgTgfiGQGnp_k4SdONiJ5CdvdxnnfScSOJiWvAby9jsHTzCl5bVnj-eUAAS7BDNkR_02mp_D0BTdenXOb5vTffv1I3oCPJuWMpmC_O_Zu5xOhtdm6whu_9Sgbl2RRlzMxBAEnXdg8M1c_JTWsa-g41xcHP5xUaMwhzbDI9r68kxMUcWtOlApjqFXWoMf8Q0Ic5EuIaeaRgI%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=1124871694557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
62d51d572fe8a36202afe3422b21b3a1f13ecf1843e1bc7fc6aafb756a8b3c1c

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2110
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Oct 2022 15:34:00 GMT
Expires
Wed, 05 Oct 2022 16:34:00 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame DFD7
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012
date
Wed, 05 Oct 2022 15:34:00 GMT
server
nginx
content-length
154
content-type
text/html
truncated
/ Frame DFD7 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b3681b1af915cc18f9650b1b79bf684d660ca257e13c4d6fbaca0d0575c0a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame BDB4 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 15:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 14:23:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 15:34:00 GMT
/
hal9000.redintelligence.net/scale/ Frame BDB4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
7ab20fdd9ee45b7ed420f924edaefe5b24787d224a7fff3e713a1ddba1e5ffff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16247
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame BDB4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
de8daa27e049afc33fd42d0e387f98fce09710896e5f487d0298ddf9ec6d3999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame BDB4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
bd3a43f2643f0295e41de02e3bde14b0a94f2ee5a6e95dfd7d0048bb9bafb6a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16531
Vary
Accept-Encoding
Content-Type
image/png
pause.png
www.gstatic.com/dfp/native/ Frame 25BB 		763 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/pause.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:58:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
592536
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
763
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Sep 2023 18:58:24 GMT
viewability
hal900012.redintelligence.net/ Frame BDB4 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=64667200082843704445330012103012&a=adabae63&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:00 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame BDB4 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 10:00:12 GMT
x-content-type-options
nosniff
age
106428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 10:00:12 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame BDB4 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:18:57 GMT
x-content-type-options
nosniff
age
386103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:18:57 GMT
pvClk.min.js
analytics.webgains.io/ Frame DFD7 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64667200082843704445330012103012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:27:46 GMT
content-encoding
gzip
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 15:27:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
375
etag
W/"faa933973c404f8cfedacd4b67a60b85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IPDGyjtQcswcsz_fq2IuYSetVdJzMA8fcWuHuiGOlol_VjvIzhZF1w==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame DFD7 		85 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1664984340&Signature=AtRyyE7D1jXgSM9k7JTX8vQpqjFZq8qAPLIc5JuR0OJrqWQe9uAOetjHzrwvPxxEmpsgiC8HDG-clW9eAQYSmCXRoU-BqDM5IhVbQu8poDmrfF~09-R4TyLpuXRkqsF0D3nlbS2yvBbd9fRbQEK4Prj4XpTn8WYqbeh2vO1467PEQJ3Id5JacuI~x8kMHXijHpGQYHFcnxS9kHu1LZhRdw5YSvIQUVwJ-f2VGrwxSaahE3kUwuBopsaov~lV735DHr98cXNd6j2mArk6krfKt0sNNDjTEvkTSGC3E3bdV5olmef5P6zg6hMKJIRNJBge-9GE-Z-FsCJ-V8xNnTKhZg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 10:11:16 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
19372
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
yYC4hjXN_IUZc19rBP8a2czPGzBF82OfhzjhHLrq7UKMs01wS-udVQ==
dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967
adservice.google.com/ddm/fls/z/ Frame 253D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIPzvvK0yfoCFau17Qod0hMAPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=964528918882.5967?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 25BB 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D0%26pst%3D0%26dur%3D10368%26vmtime%3D213%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364634222%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664984041078;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 25BB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIA2556M9Y-SILpWP9u8PxNisiAON1e7DbOzoiKGuDvAuEAEgupftHmCVgoCAwAfIAQapAhpF3JtVurA-qAMByAObBKoE4AFP0EqMEr-PL1YDCqMRUjdeZq4XW4CDyC2ba6ysoFg7MJGSL-9Vd9mMAdGJcC0PHimcDXaj8F7EfTaBpNTIlYR_CQSjant9DLkK-ATc5RLxNfU5Spw7ioW48eXpcjHAYP7kIj9CBb-JNj-2deFUSil-ejaylnMv1du-cSXQk3aCPs2hmV2ByGMz8K4N5RQSMOhqeQ1cDUhk_yl77KQS9xglryzGgZoX6kdDE2IexJVJioUDA7C7o5xCfixLd2a-PJs0q_tyzvZNwXiTfM9b8659QlTBuHPGlG7qnRALeffVW8AE0b7M6KUD4AQDkAYBoAY3gAf5v5hiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2sQloeMWwyZwcWoAKA5gLAcgLAbATkcHkCtATANgTA4gUBNgUAdAVAfgWAYAXAQ&sigh=2VKgdP0U9Fg&label=part2viewed&ad_mt=213
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 25BB 		0
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgXzhzZBsHpE01z0EQK0pksJz0JF5hrQIDvXfdabsuKHIc03ss6e1Bp0LMRpRhxQwDjkdcgPAc1ICgZPwQeYN4H16KcCZ6Z0XARNHOqEEiIcmKjJrup_kwfJRCRKAZm6dun95QM1-GoNm-s3yC&sai=AMfl-YRf2tp0g4ZS2Y8OdZaTFBW-EzyZKIBaOyrjJE94KX-nzT7uw5N3EKHeuJOfJIrN66YdOe3oRyUi6NZcuKbuIHJmhrA3GWWuD0zp2Xsdc7LuTn9JNOM0-4kiLwohKYaXe5U&sig=Cg0ArKJSzFlkAUJX_lVpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
rtb-csync.smartadserver.com/redir/ Frame 25BB
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDRyVUY-53PuAEgATAB&v=APEucNVmuW4YzpNLPG8mSB2xoGu15H4suYzpgccGOqseekThCPMDorVIZzgQlosbleOZR6MCSONIGYimsSYUlPAWPHNLRtAHLg
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGK7iCPrSQgF2LzY3Nb5AC8&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGK7iCPrSQgF2LzY3Nb5AC8&google_cver=1
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:00 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGK7iCPrSQgF2LzY3Nb5AC8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 25BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtcLbOeWb5ueucEqB_zFrr1Zly0Nl3n_OtVS-lIldgERFOpgOW_k1YMZKrryUgSIl5bqtWV3Q44u40IEGKmG8n4P09hvSGkcOVMcZ4WE8l7gfaIk9muOvm1pk9xR3y0Ch45zPldqchiwFHsR44kHUk0tIJow&dbm_d=AKAmf-Ag3ydsM5kDKpATLyQfnMBzcZEHZYoNvEmywU3l92q5hZNFV1Uayn21RvO1wUmX1ZbToYWkS6JTBTliRPLoImeeurcGak9NuYZIebZELRWgmnvppYYnJYdqymW6u6h_l23Nb-r-XVtsGAAzCL5NWG208W2m-7SrHZ8M2gM58e7cfr_XDKvq9TC7k3WE7OxmjDUw7MQ-2ez-rntdBAkxb7SYjWPvo2_9JqfhaNUpPWTBnxGIcDGc9rhZ_cHpd2qh7njn7aH6FE2aSPxzKgnvn9r6z-PYj9sSYd1_9kbqjQi91K5PldoT_EOZ8VE674P8nYvmDRiPcMOyaWAq9CLqtYRLta7LhT9pgbuuMbjmElJBVc2NAw9FGhiXFIp7MdDIj-ukCgplz6g-EwOhzsvwzPmRBEU9ziWSZ7obiIQBKvXp8KLR9cRK4ipOrX3ATcF4kLcp4wSmtsrUUrfjVjYVSFaHeoRuIXrlICIWBsLFsBL6ts5rtHlSztW64RRBTPB5LlfXAapO7MfTfXO4zw_Ec3ZiPm3Qapj5tRLeC8at2NRTZJ7iTiyqzUhIc2fOcjCkIWFJQTQ0s3vDN_lT0rn_x1FrOyWqFGmTRAjui2tz4xeHjvZtlp28KpDChrKItXWP0oPU_YRdxZ3bUEwQcYaVkGKEo-qqNl1Fc9oR4bDQrsN9GFxDipdBx15a_c6QvARGb-BKwDtR9XZZROWIKNhp4MNj0SJ6ixrFl8GeuOYB3O6WV5VvdKx3JFWDQw5P53Pd4St9SY3NSK0xVVC-1HpXn9z1BzIpzUy1Q2BfZ2FoTG9_zK9TQY41dLKNQvUUglQ56iaS6pBf3EVSuW8vYnIeK-7GzXpPS9r9F_LeNH4A7idcwNnwPAk4lLJy-iuCMA_IKeR3nV2LoogsN9LOJtkxx8-keZhnKrEulwIqdVafy5yakluRDErrdIb43uCpuj7_xkIB053FcyBv59M4pd5g7fwT_qLdyuWwT9r1NDFCL7FjrZ4qs-unLeVdvnysEigWM7MBznP4btHsBsnRlVJiQaax3Eq6po6wBsXOMaPMPo38yebkd8J7XfX4pCZzcAVd6YpSkoIe7ful7cjtjzbC0nYYLXi67XRVBhqGNxJhRm74HA9U8bjK08eTo_fQMTHMHqrrrv_7gKFEwgUgc77u3rMJObkJu7_SN7KOWyAsnc03f96ePwObyljC3D7BUpJZvRfyNnGkHoxiTSk-YWAkpozu7FqMJHHbh8rO7XuHe2_CJfahIJpH2UGeLVIs650X9XjaDvHc-Ovg2Yl3y2oS_YueGwcH8q5xuMk74VjtSRoMWP4xbdRExZt0M3AXyUrG-acO4l8J4StAPTzjjgDqOYREjx5Nel6aLbFJS01SBuXdkx2qOZnWy6MMGAhK4Xui-GV5x5YP-k6ZRvABHxk4D06uK25U5RBZowCMf0it7VnhoXYaH_kB3Vy0ZeKxjdYf84dArnlF5DIkmfx6edTQ3t0j5UmU2_lwUCm395TT5ZRVaW3Zn7dSZCC58hf-IVpbjmzcy0KPxCMpq-oIT2Q8ijknU-8CXQlp7TYYgx2q9nLIqPqRnTb9gitqOQPZgKxl10qd96VOw4iY4NasXN4LpgGoYIzt8j9mMOzwKo_KT15Kbhwq-azpfitGqMuXIh_roVRAZ_baFHrn8OePikVth5ZnpGl6iLbV0288fO6ulv9wB6b6Hoos1-4QHmXskkdK-34IbtzIMaBfKy5SiFN_mu_CSSK1gUP5_lAbXvkRA-5-DFl7EKEN_EuOvqX6rGWpp9OIF0sdb-B3BoqdqwsRJbMLkGoibyFGYu5iJ7FDLBy4WSOa5fauHXL9YBirnl15id30KdkNPXBGkqgk3YjX-UtmY7GL6YAh6L9ak2pvGmy1DC4C8vLwR_oepF64qaQal3HDMh2AXDOZEqSxj8BAvR0CCdL1N5hPF8ovHdvrWCSfWvlTRD0FWg1cK-9GLClrQoFm4DROODNBwqCM_-qarwLwzMQ73vqJId0vUS_jDVwUfE73rz8dkgp0g7wXjuLAFR3HQiiyp9PLQdak2Buc1dMTMp9AUtY1nMEpgjVjaHQUdD0TRDIN5qu3-9Q3_AZc9IXooZFR_DmUYZiHT4UgO6N_72nyJ8O2WX--kI9_6QsMk23D_2jGcX5BIHSuahZ5tlLJV4cqNBVaBIGJI_Kmtw1ZTCN8ZhqdtxIuaLDwwptyDMf7PLVhAyXlhlXsVwzx6z1e2ixUhUg5dhEPzka5lyBez-5jqj_6WgOCWwz9_JyEIspPkqrJ6R7pTaJYEQPplGYMWDHcHKwpUU2ben_I-y9cgNXFWH8dA8Jn3Hq-xYoOwyYGfSHVpMd15pE0S33LLfSsMJKfizZuwkZ8JA8DL_EX4DHjFb9CH644AMH-jBPbxMV3mm3tYnV9vr5DWU1jcobaguQO5XsCqS2SCoCgZDGpbhkd67GVn9_OD52lBVrCVqpATwDlDqMO7opJqXvhHN46jZc6IDcBelcRtNjzShEvPPJ7Z5boKgl2fgkE5ivdpd_KYVdB8r8NR9G-vT-YdSQi2Z27ydQ679GRJP8_-YagYPjonVfCOhboLRl_eIMtIY-IioKs534576RcOmYhcLEdQMeeDTQ5GjCHmYuvYazbZh3fUvQVzgSB-N4Pg8Anvh8VsIc_KCWgU-e0MUFrsFOPYN9c9sygzKr5WAUSb0_ijpi7d9UbCr_PRcX6-pRYOZqmtDAJtds7eT2hUz4yJhtQucszsy5g8ekaekMaOhg49Yjw5iBaX5e7Uz6PZTu7OvRDNAzs9VaH0JvJfZHdnB5HRahinE8an86a1JtabNX06CvnN9SCO1YqU0mHBI0ZQaVerE6yJlOQg26QSSMEBC5WEy6WI5AByssJcUQGwLi-gEQLdiTbDoPxIySwscrkyVFh2voeiP-Fdw0arSXf5y6LM-f0bPPGOgsllxvngrR5ANQRu_fJptymO_mx87QZaB_DvQVVOSflaN58PGPaIrle6UeTuGGDbeZ0T5fpiWyOBySQUUvH70vYkg-qpG54H0iVIR_GA2atwDzSpn28P806HSnYO5qNOIZCjz_Ah8HLDMkGh2pkTCe4roVHJDRCBTO49-AJgcz8BdL-2O6alDyyHbDtKgBQd15j9LPVbvXAWnt-Od_ADVg1yiobloWv-ER-vVpQ2XW4eoW0F8j-zYZuk5Ks&cid=CAASKORoV8q7NhGYvEALU7Ddwy9z7VjVq6uY3pGlpO40QNF0l1P1acJksDs&dc_exteid=2039863682382238705&dc_pubid=4
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
partner.blau.de/a/ Frame 25BB
Redirect Chain
  • https://as.ad4m.at/ad/tai?a=158504&b=3&c=3&d=2&e=775&f=&g=dbmvidnat_Mweb_allnet&h=&gdpr=&gdpr_consent=&gdpr_pd=
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJGI1vK0yfoCFUOZ_QcdYAgAXw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022100517340177152463023X117667V1225131106MSviewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_M...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022100517340177152463023X117667V1225131106MSviewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&gdpr_consent=&gdpr=0&cons=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:01 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022100517340177152463023X117667V1225131106MSviewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&gdpr_consent=&gdpr=0&cons=0
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 25BB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D0%26pst%3D0%26dur%3D10368%26vmtime%3D213%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364634222%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dxdi%3A0,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664984041078;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 25BB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstW3WJx6sa0IzUxyQn7zwbIgnc4PUG4F4pwmQ0cz4_iXpObVus489Fun5-PtIiwujFEHegdxVnGYgWiS35AC1MJLsIbb8Tawkbhtl0_wWNSNeuyRxM_1nddXoFDJw&sai=AMfl-YTRfUkIP_S7QiQpGo3monFFGQ0Ec74AE2n2p7OBEaN9GTOWyG8TS6Jgy7-JUYfQH3oD9yHtA17M1tt5rnKjwFT8aQY7RipZ0a6am9gPP70DBIDmNNdtMbKxHTtRbiY6aF4&sig=Cg0ArKJSzEPUo6ew69uEEAE&cid=CAASKORoV8q7NhGYvEALU7Ddwy9z7VjVq6uY3pGlpO40QNF0l1P1acJksDs&id=lidarv&acvw=sv%3D20211012%26cb%3Dn%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D0%26pst%3D0%26dur%3D10368%26vmtime%3D213%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364634222%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dxdi%3A0,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664984041078&avm=1
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 25BB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIA2556M9Y-SILpWP9u8PxNisiAON1e7DbOzoiKGuDvAuEAEgupftHmCVgoCAwAfIAQapAhpF3JtVurA-qAMByAObBKoE4AFP0EqMEr-PL1YDCqMRUjdeZq4XW4CDyC2ba6ysoFg7MJGSL-9Vd9mMAdGJcC0PHimcDXaj8F7EfTaBpNTIlYR_CQSjant9DLkK-ATc5RLxNfU5Spw7ioW48eXpcjHAYP7kIj9CBb-JNj-2deFUSil-ejaylnMv1du-cSXQk3aCPs2hmV2ByGMz8K4N5RQSMOhqeQ1cDUhk_yl77KQS9xglryzGgZoX6kdDE2IexJVJioUDA7C7o5xCfixLd2a-PJs0q_tyzvZNwXiTfM9b8659QlTBuHPGlG7qnRALeffVW8AE0b7M6KUD4AQDkAYBoAY3gAf5v5hiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2sQloeMWwyZwcWoAKA5gLAcgLAbATkcHkCtATANgTA4gUBNgUAdAVAfgWAYAXAQ&sigh=2VKgdP0U9Fg&label=vast_creativeview&ad_mt=213
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
peg_logger.js
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame FE02 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 10:03:55 GMT
x-content-type-options
nosniff
server
cloudflare
age
29292
etag
W/"62399f0b-2ea6"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
75573810ef3a5c5c-FRA
expires
Thu, 06 Oct 2022 07:25:45 GMT
pegtracking_combined.js
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame FE02 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19213d000c7feb206c1fbcec13e2d0eb9a1fef5b85daf65c498a00e2de827f3a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 28 Sep 2022 08:42:56 GMT
x-content-type-options
nosniff
server
cloudflare
age
29292
etag
W/"63340910-77af"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
75573810ef415c5c-FRA
expires
Thu, 06 Oct 2022 07:25:45 GMT
eum.min.js
eum.instana.io/ Frame FE02 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
63456
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
755738116fa99be8-FRA
nvi
www.parship.de/nocache/ Frame FE02 		15 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID&ref=https%3A%2F%2F31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com%2F
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cf-ray
755738112fc35c5c-FRA
content-length
15
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b93ebd19a19e707423c3d45ed9e51618911590edc8e94bdae72eaf10a7d01e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11296
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 15:34:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5302 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
894
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:19:07 GMT
expires
Thu, 05 Oct 2023 15:19:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 751E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
265327a24697d389e5857e483f413dffa22da3c4ab7316576d1e4d4be6a39780
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fYHkFqgtphzjTd8J27zxrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-fYHkFqgtphzjTd8J27zxrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:01 GMT
expires
Wed, 05 Oct 2022 15:34:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame 5302 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 15:30:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 751E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092901&jk=3724661400419584&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 7B1E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvd8mIIx5UzMxywz6OQQVpjxUIzMXd5_lwIunrtH8JgF7O9JJTHpxokwy-HR9TTtT4AOduV4DsW8eLLFZNaBEWGqRLiP69-U_PE7ziIfNCQNq9MFS0diDUBdWCePt0n5xGjLREkbM&sai=AMfl-YT0I7HYfU9vjLwsm5HcikfQyXlrVbb4tKjTpQIyw5GKies0wzncIZZbXXpkcr3GasSQmXNqlEwTqb3bo_lgBqHuHp3RGYkYCebYARFKM_SENtsoAiC_9RB8iCEQ1pUTPw&sig=Cg0ArKJSzOfqqQ3rivzbEAE&id=ampim&o=320,137&d=980,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=400&tls=1400&g=100&h=100&tt=1400&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5302 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2A82xw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j98&a=2146976674&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7...
  • https://www.google-analytics.com/collect?v=1&_v=j98&a=2146976674&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2146976674&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1619174177.1664984039.1664984039.1664984039.1&_utmz=140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1664984041428&_u=CACCAEABAAAAACAAI~&jid=&gjid=&cid=1619174177.1664984039&tid=UA-241588-1&_gid=731457352.1664984040&z=1510442166
Protocol
H3
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 08:04:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26973
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j98&a=2146976674&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1619174177.1664984039.1664984039.1664984039.1&_utmz=140208355.1664984040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1664984041428&_u=CACCAEABAAAAACAAI~&jid=&gjid=&cid=1619174177.1664984039&tid=UA-241588-1&_gid=731457352.1664984040&z=1510442166
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209142312000/ Frame 5D7E 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 17:07:16 GMT
age
167205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61591
x-xss-protection
0
server
sffe
etag
"e54f9754f7fcb5b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 17:07:16 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 5D7E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:27 GMT
age
404254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5187
x-xss-protection
0
server
sffe
etag
"59737ceedde8bf1d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 5D7E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:16 GMT
age
404265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"e2dd099ef3a2ca02"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 5D7E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Oct 2022 05:36:22 GMT
age
122259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
etag
"01e154329648e832"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Oct 2023 05:36:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 5D7E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:16 GMT
age
404265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12955
x-xss-protection
0
server
sffe
etag
"45d7f146b93052d9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:16 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5D7E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:15:20 GMT
x-content-type-options
nosniff
server
cafe
age
65921
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Wed, 05 Oct 2022 21:15:20 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5D7E 		344 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
21466
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 06 Oct 2022 09:36:15 GMT
truncated
/ Frame 5D7E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02183c199aefdb342db72ac9425d3fa5fc80ad3d63cbf7aedb8818981450979c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
9018701464054433309
tpc.googlesyndication.com/simgad/ Frame 5D7E 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9018701464054433309?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlsI2WIXoyOyAa63npwAsfwFyzJOw
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1db7414f60005222c9c46dbfa58f2ff50cb19077fbdcb11852b6957a1bbf677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 14:17:00 GMT
x-content-type-options
nosniff
age
436621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57428
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 09:31:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Sep 2023 14:17:00 GMT
l
www.google.com/ads/measurement/ Frame 5D7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaRfKBVwXIMd8v_b431zeqY-OyHYBXzdXWrhruu64g_bdwy-TsS07CMS6nQXwyWDaMGEiuRL0HxsUBN06BYUKYuSDMZ5aw
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5D7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_ULb6KM9Y6_nB_2z9u8P1NOSmASE2KHRbImzmrLrEIOlga--MxABILqX7R5glYKAgMAHoAGI57PPA8gBAqkCy0EQn1aesD7gAgCoAwHIAwiqBPQBT9D8J184h_yjxm400Xb4UIqYRavrldozgePdgixeHM9HlfrgTwhtqXtBvLGvWZ-Sn2u0rQGiZunqzXSskGKyEXdOWRVMe8-wdEapukGpBUt_oGNz7y89g0CqGZ9gIJDZvArEZx8kUk0eFvMZ6pGq_oVyAybpbks__8UsfG18KuZvH04K5Ygji9XCsXzF4KMdBYZKs5TVDDEFggGIKKjPM6FyTws98LV-Y29QhURHqB5QsYkJjAoeOd-_SiRR-2B1SIDssRt-81BNF73Gp4TYTHxTu4mM0XWbSl-BK_eMZbY7l6JGZpHf6IjwRFv9tvgcBkIm4sAEkIz87aME4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-CYzDCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCY-wLSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi01NjEwNjQ5MTQ2Njc0MzA2GOqjHA&sigh=PuuAsXQGAvo&uach_m=[UACH]
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
tracking-event
api.webgains.io/ Frame DFD7 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 05 Oct 2022 15:34:01 GMT
server
nginx
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5D7E
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

Date
Wed, 05 Oct 2022 15:34:01 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control
private
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
container.html
31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B3A3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:33:59 GMT
expires
Thu, 05 Oct 2023 15:33:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 257B 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjKh7zGATAB&v=APEucNWnoigLGeIS7y9LppscxZgjB0ck7WwHH1slhqsoMN2U1Y_PLuYnxzc5tcN1KXdPXknz1qdehqX7jffBjBlfj0etSBYcpQcLPv02DqJ9MdA0bcLI3TlWbfPNpphMWSD_9jW6Xdph30ei53SfstBmhZd3k4ItA3t2dMDZayJLLGK1zc4pjnGW3Udk4g7tLAXZfIHRCDMP5avIF4kenJjwFjCIHWxaBQ
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B3A3 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGOENqjlwf3ksykc0rbiNsflnapVQh4xdGN19bWqY6nf00ok1-o14GuENSWIyENdm6s4VgKsytcsIr_bst-XN4-xCP8cermfjRo2nDxHw8iD7Kbi0VW-6eZGIDl8fuOXb_yLCztJa24JynwIXI0GuZrzl7Ot8rKVjUXUl7IXgc2nOHQQ0&cry=1&dbm_d=AKAmf-BBmet-c3e9hvIvqc9fX3Imwv4Pa3we-uMW9ialxz89vDqlOh4Ucyq9QwSqcM5_Hrjm7AT5d67ehdEynoFM9cFCIvVyAJS-jA9LEVJsCVr4hZo466Ik9IlpSD488vTeWx8BswcU0zA2ez82_NByjiNKj81fvHIg8qw3-YK3AeJbvKvOSfIvNrZ1nvKsIgzYlvG-f12rTYf1a0aygmMy1XPwwhyX2A5j9uKclqhoC1AvbDC0g_OR-6k3X_BCso0EZfLB-obZnkf0NLBMvGlyKguuH1w3OPp-WTTERNLjN36rJRv6u58IcfUzXnvZnIWwwQV_2b42N21jw71NkmVRTIV8UZt57nTmPpDso4XxqDUE-8Vc5EKkymZjv4qBcAb5xi65DE1Gt1w8rIHDuP9lk7UTOEAosRbcC2R9sh30jGug1CsX_IVb1Xb__Sk3IcSjTZDCJYWHkpJkoFS1N9fBEUH8hDy1I577adFMsDF6Fi_tJRkWKMlwim342Em-aI2LN-IZC8HuybW9QbzLOwb1NzQecF_w-iCK_Z3mM2JCwyFl2Zfbpj9uAII1cJ9UaVp8vebIXWYpVr6vTpYXMbeTV9Jm12wcijc1nzOm9kKZQkpjprevnz59CdFdTfGEVbHxj7EjJJLfXWIdYevdRtBJf_07CdCNB0ZFDI4L0L3ZJJQscfkItn44YiKtdcbf02o23TDuSBXiyQyt1jFPQVq7KMnwLOiJ3iSBsI16uh3_AxHQM_Fz4BII3ujG0xvlKpF-q6qM1lXTrz9_ybrNyXey_aREtLmQaTtXbiqIDTIpxne4s41S1DlAq0QWDu1GUSAUy6QG3vIncrLoE799YcSL9cbax-JXaRvZ_Z_7CHG4LqKJ46gT_l5N_TYyDV5fQmRUWVe3eFDwtjLiAJCHfPbTPSd1K7jXXWHVrWFjV-fcOqUDvQTqv9U8sOY-WNRE6REyXs44tAxLh3CdCVHQoByYAgVP21z5eK_924tUY1j7TDbDOA-__2d9uRDB9cVOtlWaNjknBDFqypjbNB_yfpIkizRLwyvASplIMFDN3smdXlMnMSEfR2lNapCSccnatx072-dUV_rD5As24O3L7RFcc7mZmSdsmQcD8VOfb0fwgmyrrfRLoSG8DmEuxbriE0Lm_-XcConOJyjWg7DMo3ONb0HTHQQmYYgjBfbijH7WLXOMI6z3Uj4YDX5HuxvUkzro3cK1ET-iuRtj1Cps2i6ccZZti1hcKVtw4capJvhf6ZzSIy58D5UPVryNtTu_eEnyuFzBXOS9pYs7EOvgZSMdj20vOI42y_A1rgU_a8oJXiBEPzwL2h6aZR39wqdn7nMQZaEGdxvK9PthvKFC1W3K--TF80xj3JDAD0eM55PKvZhfddsOl3MBpOXX2HuYA9kAGsw7PGpS6Pg7wfwx3hsUs8LFFPAOduUWFAX45FCoRtkkW7eqHvwbsfw4qEbRSWx-YHP3DT1516RXpor16bFFvwofyAW24kWn_vucXBKLtzL1s2b0K5H9smAXPT_V-9PNwudYdKTkDDhMNEdgad06plJlUduw8z0zn6VcNHXynVVLa9yAF_IuQyMFJI42pvNSfeH-pPwgc70wIzCwU80TQCy0CScgAVMNVB62x5BidBLwt3bTS5oloYr2haCT7Zel7rNbIL27ezAQZtALnw2VPOI08m6UaPRXXIkwIegasdNu5hSO0DPmR42X4Kds9esQL3XWSmCyf9dWfExBsB8qu2Knnahnl_sfw1Ks0wvQZ2v33d7gmmCJb5sxdo3WuAMvrMoi0rvp0Dzb_bDWiDJebQd_Tl2tcqZEqnxHFnabyh5AYTzxt6yl96ZKlhb8_qCPiGfhQxQGwrA7Rdg0uFm64nhzHmM3vVMmB7_tF9QLtvrdXBKviWiVqlemATVo3II0_BmMJ7pZHREKlgQ05LEgo7Dhc96px6zecqYzmI_QYGp56QKCvXlMEc_4LoZqK1Pb-qI3DMzYbAVGRIKURg2unl0PljtoCt7-WbNN6Y0YCfdzG0YH779p2UCNKn7SspcojguXELDVn3fD5MF4iQS3sjTcFs33F34lu5ushM8WbGJIlQwdKFuRN84Dz56Qtvetjw2jluQ4Yo-gy6meKkTf7fa-NGu0_X84mMR2Ugvy7UXHeFgmF3KhX5PZlVP8Yw-tLQVv7L5HM-BQXpFEPFirGaYeaxdlZ-WVirHR6ERSOmVlfunqEIxUi1UQPKVEDMKjin_mvaqsgUYZ6yOMcxZVglNc_Rr-vhIx36lnqvGWxVIcnOWg7jMiPdI9EBNpUZSIalX3rMg_pHfxle4dRU4jI_-IQnvR3jtG2wxl-nJgX5kLvnZeCGQvGd9GlItMmkSrRgHeS7sw0WUO1SWT_VwkOw3T8kskSmdmUeEm4yBDoQF2EV5bSEMIANooCwcHBUxbIjX1NPGgfLD9f-bxNzD9NJ0Eli7Arr1SYZfDeLY-lEwxOb4VH4DoRVcVuPsArvzU3fxP6I1oKXQF17puXj1NNh6s2gWIhe_LqY4581L-7nI572Nt51N1YJ_3Y3mXkCUcMI3Orml2VzKRSZZ8sjJo4yZKi2134pwpAiHPezFe4Vkbi1XEsUO13uS6QkQKCsLx38iJIe_ufnlxch39874tlg_ispQNs3Smp6QWIPnTljsdxXo9-Et65NONsH9wGd8cSmZCBuukFUkjO9y5ExBHyvq4dw9XUnnQL3CXr36FBEDp5KEEfPQ58j9A5GgyPDmV6Yr-eyqJobcFCeJhkpC4gLKOAo5fWpyihyYJ_o1AoRj4qW_KUDm5bFueUwj1YUeR9qoGNVHTQpqqhGHigLupSyzqUmfVkR4zmVfQ21ctJC1rXX8TcoP5LFdKo-zoKUmrb7HLAxnP3rxR2EHkr7uCUtVj9M5DRPDULaaB_aaZQlK1beTgkGhMQO1XG4lRRCUgv2_wMjRDwjpBA7DqHbMtHpqmfsF6pvjpP4FF4Hz1dAaeWlcxOp-Y2pq8-LaeuETQMD5wKZ1gl7Zz9VYRkidyxve2PkdFKiUwhQC1doeeq3vMtVulLgSLy3ZhsCdrv3DjJ-Gp51FFV0sxO2siok5rj6cpeH3VkA2FbGn3zgL7ePnRHJ_lvhwf24KpxhqPy1P70wEhFcYxwUABVa9xe57kK52faCGzPgop3gScAkGKTdctDbtGwnuNFh_GzYWHqrXwA0PcxRwCFbxxY55qh-UA4_-dID8t_ULbg6dRUK-x3mUmtuQgbfbkgYOPw-AS_dwggNmFrlYBfQowzWQ13dKFc_iYWYZ7Nw_CCRLZZ4cHJ3i2lSSUtSMIFpf0rBwHxBcYhsbiA1rsSlzuSO6I6kJFmhcqvALy7LVCmEUs8C5Reioup9N8OxwNqhW6whyO-RKql6veeA_Dl_l-O0vbGUR3E0kEqNE6PbCFy_gpg3_0NbgJlZHocK4B9yO58ab3XBlSsM2kNsoS&cid=CAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM&rfl=1%2Chttp%253A%252F%252Farsiv.sahadan.com%252F%240
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb2b478fa2847581cae9e11266ea742f3cd925d7f4801e49f9c0d6ad3ed47244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3A3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjG_WO98uX9UqPUTbjpwtX2VcM6uHofK-qP-KqrZazefg7zYXRMVJ8CI4y4yB_MFMJvO2efHDsWEuXRkeo8dQsNTfjt1_BixfkxlHmf466zT5ZcYg
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B3A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 15:30:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B3A3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 15:27:25 GMT
l
www.google.com/ads/measurement/ Frame B3A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2qD3lLb4ISDe0LNfkWESMM1MBsuo_iNVNQQWrbun8MazXhWppkdq-KTHlSiL4Gyg70-X8-XBO9YTZZdudOrxOhcfPkw
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B3A3 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 15:34:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 257B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjKh7zGATAB&v=APEucNWnoigLGeIS7y9LppscxZgjB0ck7WwHH1slhqsoMN2U1Y_PLuYnxzc5tcN1KXdPXknz1qdehqX7jffBjBlfj0etSBYcpQcLPv02DqJ9MdA0bcLI3TlWbfPNpphMWSD_9jW6Xdph30ei53SfstBmhZd3k4ItA3t2dMDZayJLLGK1zc4pjnGW3Udk4g7tLAXZfIHRCDMP5avIF4kenJjwFjCIHWxaBQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 257B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yz2j6IkAQLTPaHqkkWy3KwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjKh7zGATAB&v=APEucNWnoigLGeIS7y9LppscxZgjB0ck7WwHH1slhqsoMN2U1Y_PLuYnxzc5tcN1KXdPXknz1qdehqX7jffBjBlfj0etSBYcpQcLPv02DqJ9MdA0bcLI3TlWbfPNpphMWSD_9jW6Xdph30ei53SfstBmhZd3k4ItA3t2dMDZayJLLGK1zc4pjnGW3Udk4g7tLAXZfIHRCDMP5avIF4kenJjwFjCIHWxaBQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJh3t6HXWLxXgaq04WxZuNc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 257B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECvxeIDBDWXcPRR0nIwkUcQ&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECvxeIDBDWXcPRR0nIwkUcQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjKh7zGATAB&v=APEucNWnoigLGeIS7y9LppscxZgjB0ck7WwHH1slhqsoMN2U1Y_PLuYnxzc5tcN1KXdPXknz1qdehqX7jffBjBlfj0etSBYcpQcLPv02DqJ9MdA0bcLI3TlWbfPNpphMWSD_9jW6Xdph30ei53SfstBmhZd3k4ItA3t2dMDZayJLLGK1zc4pjnGW3Udk4g7tLAXZfIHRCDMP5avIF4kenJjwFjCIHWxaBQ
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:01 GMT
AN-X-Request-Uuid
37c7ca69-fc75-4cb5-92e6-72de13b4a8aa
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECvxeIDBDWXcPRR0nIwkUcQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 257B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjKh7zGATAB&v=APEucNWnoigLGeIS7y9LppscxZgjB0ck7WwHH1slhqsoMN2U1Y_PLuYnxzc5tcN1KXdPXknz1qdehqX7jffBjBlfj0etSBYcpQcLPv02DqJ9MdA0bcLI3TlWbfPNpphMWSD_9jW6Xdph30ei53SfstBmhZd3k4ItA3t2dMDZayJLLGK1zc4pjnGW3Udk4g7tLAXZfIHRCDMP5avIF4kenJjwFjCIHWxaBQ
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:01 GMT
AN-X-Request-Uuid
858079f1-31d2-43aa-a054-2070ec614e22
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B3A3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGOENqjlwf3ksykc0rbiNsflnapVQh4xdGN19bWqY6nf00ok1-o14GuENSWIyENdm6s4VgKsytcsIr_bst-XN4-xCP8cermfjRo2nDxHw8iD7Kbi0VW-6eZGIDl8fuOXb_yLCztJa24JynwIXI0GuZrzl7Ot8rKVjUXUl7IXgc2nOHQQ0&cry=1&dbm_d=AKAmf-BBmet-c3e9hvIvqc9fX3Imwv4Pa3we-uMW9ialxz89vDqlOh4Ucyq9QwSqcM5_Hrjm7AT5d67ehdEynoFM9cFCIvVyAJS-jA9LEVJsCVr4hZo466Ik9IlpSD488vTeWx8BswcU0zA2ez82_NByjiNKj81fvHIg8qw3-YK3AeJbvKvOSfIvNrZ1nvKsIgzYlvG-f12rTYf1a0aygmMy1XPwwhyX2A5j9uKclqhoC1AvbDC0g_OR-6k3X_BCso0EZfLB-obZnkf0NLBMvGlyKguuH1w3OPp-WTTERNLjN36rJRv6u58IcfUzXnvZnIWwwQV_2b42N21jw71NkmVRTIV8UZt57nTmPpDso4XxqDUE-8Vc5EKkymZjv4qBcAb5xi65DE1Gt1w8rIHDuP9lk7UTOEAosRbcC2R9sh30jGug1CsX_IVb1Xb__Sk3IcSjTZDCJYWHkpJkoFS1N9fBEUH8hDy1I577adFMsDF6Fi_tJRkWKMlwim342Em-aI2LN-IZC8HuybW9QbzLOwb1NzQecF_w-iCK_Z3mM2JCwyFl2Zfbpj9uAII1cJ9UaVp8vebIXWYpVr6vTpYXMbeTV9Jm12wcijc1nzOm9kKZQkpjprevnz59CdFdTfGEVbHxj7EjJJLfXWIdYevdRtBJf_07CdCNB0ZFDI4L0L3ZJJQscfkItn44YiKtdcbf02o23TDuSBXiyQyt1jFPQVq7KMnwLOiJ3iSBsI16uh3_AxHQM_Fz4BII3ujG0xvlKpF-q6qM1lXTrz9_ybrNyXey_aREtLmQaTtXbiqIDTIpxne4s41S1DlAq0QWDu1GUSAUy6QG3vIncrLoE799YcSL9cbax-JXaRvZ_Z_7CHG4LqKJ46gT_l5N_TYyDV5fQmRUWVe3eFDwtjLiAJCHfPbTPSd1K7jXXWHVrWFjV-fcOqUDvQTqv9U8sOY-WNRE6REyXs44tAxLh3CdCVHQoByYAgVP21z5eK_924tUY1j7TDbDOA-__2d9uRDB9cVOtlWaNjknBDFqypjbNB_yfpIkizRLwyvASplIMFDN3smdXlMnMSEfR2lNapCSccnatx072-dUV_rD5As24O3L7RFcc7mZmSdsmQcD8VOfb0fwgmyrrfRLoSG8DmEuxbriE0Lm_-XcConOJyjWg7DMo3ONb0HTHQQmYYgjBfbijH7WLXOMI6z3Uj4YDX5HuxvUkzro3cK1ET-iuRtj1Cps2i6ccZZti1hcKVtw4capJvhf6ZzSIy58D5UPVryNtTu_eEnyuFzBXOS9pYs7EOvgZSMdj20vOI42y_A1rgU_a8oJXiBEPzwL2h6aZR39wqdn7nMQZaEGdxvK9PthvKFC1W3K--TF80xj3JDAD0eM55PKvZhfddsOl3MBpOXX2HuYA9kAGsw7PGpS6Pg7wfwx3hsUs8LFFPAOduUWFAX45FCoRtkkW7eqHvwbsfw4qEbRSWx-YHP3DT1516RXpor16bFFvwofyAW24kWn_vucXBKLtzL1s2b0K5H9smAXPT_V-9PNwudYdKTkDDhMNEdgad06plJlUduw8z0zn6VcNHXynVVLa9yAF_IuQyMFJI42pvNSfeH-pPwgc70wIzCwU80TQCy0CScgAVMNVB62x5BidBLwt3bTS5oloYr2haCT7Zel7rNbIL27ezAQZtALnw2VPOI08m6UaPRXXIkwIegasdNu5hSO0DPmR42X4Kds9esQL3XWSmCyf9dWfExBsB8qu2Knnahnl_sfw1Ks0wvQZ2v33d7gmmCJb5sxdo3WuAMvrMoi0rvp0Dzb_bDWiDJebQd_Tl2tcqZEqnxHFnabyh5AYTzxt6yl96ZKlhb8_qCPiGfhQxQGwrA7Rdg0uFm64nhzHmM3vVMmB7_tF9QLtvrdXBKviWiVqlemATVo3II0_BmMJ7pZHREKlgQ05LEgo7Dhc96px6zecqYzmI_QYGp56QKCvXlMEc_4LoZqK1Pb-qI3DMzYbAVGRIKURg2unl0PljtoCt7-WbNN6Y0YCfdzG0YH779p2UCNKn7SspcojguXELDVn3fD5MF4iQS3sjTcFs33F34lu5ushM8WbGJIlQwdKFuRN84Dz56Qtvetjw2jluQ4Yo-gy6meKkTf7fa-NGu0_X84mMR2Ugvy7UXHeFgmF3KhX5PZlVP8Yw-tLQVv7L5HM-BQXpFEPFirGaYeaxdlZ-WVirHR6ERSOmVlfunqEIxUi1UQPKVEDMKjin_mvaqsgUYZ6yOMcxZVglNc_Rr-vhIx36lnqvGWxVIcnOWg7jMiPdI9EBNpUZSIalX3rMg_pHfxle4dRU4jI_-IQnvR3jtG2wxl-nJgX5kLvnZeCGQvGd9GlItMmkSrRgHeS7sw0WUO1SWT_VwkOw3T8kskSmdmUeEm4yBDoQF2EV5bSEMIANooCwcHBUxbIjX1NPGgfLD9f-bxNzD9NJ0Eli7Arr1SYZfDeLY-lEwxOb4VH4DoRVcVuPsArvzU3fxP6I1oKXQF17puXj1NNh6s2gWIhe_LqY4581L-7nI572Nt51N1YJ_3Y3mXkCUcMI3Orml2VzKRSZZ8sjJo4yZKi2134pwpAiHPezFe4Vkbi1XEsUO13uS6QkQKCsLx38iJIe_ufnlxch39874tlg_ispQNs3Smp6QWIPnTljsdxXo9-Et65NONsH9wGd8cSmZCBuukFUkjO9y5ExBHyvq4dw9XUnnQL3CXr36FBEDp5KEEfPQ58j9A5GgyPDmV6Yr-eyqJobcFCeJhkpC4gLKOAo5fWpyihyYJ_o1AoRj4qW_KUDm5bFueUwj1YUeR9qoGNVHTQpqqhGHigLupSyzqUmfVkR4zmVfQ21ctJC1rXX8TcoP5LFdKo-zoKUmrb7HLAxnP3rxR2EHkr7uCUtVj9M5DRPDULaaB_aaZQlK1beTgkGhMQO1XG4lRRCUgv2_wMjRDwjpBA7DqHbMtHpqmfsF6pvjpP4FF4Hz1dAaeWlcxOp-Y2pq8-LaeuETQMD5wKZ1gl7Zz9VYRkidyxve2PkdFKiUwhQC1doeeq3vMtVulLgSLy3ZhsCdrv3DjJ-Gp51FFV0sxO2siok5rj6cpeH3VkA2FbGn3zgL7ePnRHJ_lvhwf24KpxhqPy1P70wEhFcYxwUABVa9xe57kK52faCGzPgop3gScAkGKTdctDbtGwnuNFh_GzYWHqrXwA0PcxRwCFbxxY55qh-UA4_-dID8t_ULbg6dRUK-x3mUmtuQgbfbkgYOPw-AS_dwggNmFrlYBfQowzWQ13dKFc_iYWYZ7Nw_CCRLZZ4cHJ3i2lSSUtSMIFpf0rBwHxBcYhsbiA1rsSlzuSO6I6kJFmhcqvALy7LVCmEUs8C5Reioup9N8OxwNqhW6whyO-RKql6veeA_Dl_l-O0vbGUR3E0kEqNE6PbCFy_gpg3_0NbgJlZHocK4B9yO58ab3XBlSsM2kNsoS&cid=CAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM&rfl=1%2Chttp%253A%252F%252Farsiv.sahadan.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:58:36 GMT
ztx5c7qof41s
hal9000.redintelligence.net/zone/ Frame B3A3 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ztx5c7qof41s?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt4Tg6aM9Y7aaHtDD7_UP9qSt6AibpoCiabWM6ovOD_AuEAEgupftHmCVgoCAwAfIAQmpAstBEJ9WnrA-qAMBqgTgAU_QAzdPRRroKQoqH0i2m3A-a0c_N0UZjMi2vopsyQ2qKzwx6ceOxK8OwlIjy6k3wa66BUw7mp2_dQ68vteE_Ok72xwS8ePHltk_smj8jGWaKh7AzHZsVzwMMxNRo2Ih8YfB5EPLMtKL7VGMlpucCzGbFX3udOB4Xan-aUGpDyVTZ8dtMzpC63eBMi71xVhodxcD3fm6V1yT9T2-gdapNnikvEJZ0pPUNS-2uVzgV4nfgw4FsBHHqTg16bbqlp0-uuVOFei_Wb5h40hDsmPSaJp0orXQ8M6lEmCtaW24dX1cwATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM%26sig%3DAOD64_0bcrY4PlYiLAOdNDX8V9aPdfTyyQ%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-ABO0pn_Y8iwmrFbtdzlpRVyHkQ73C_aa0AvH8RkMosM6_WSCp2CSEc7L6NWfIPHGl0mIt16Ee9ScvBwCVJOPN7Q57YVYM9Wxf9SaxKv0_rFT4-F_ma7P1Rk8iCDyYnW9oBwcekJ0resYAqwA5T0kGO0ZhDEszfV_x7LAa225NGHtxj7xg%26cry%3D1%26dbm_d%3DAKAmf-CG4zu8OmhuaT04PJ5UPOCaWrH3QsyjPIH4sFkElwOhpWK0Uugk9zmoI7r4TEw0ydoJRXhvdSG6iserz8TYimQLUbXGBzigcuMYEZXT3MswYQB1SXootocbuIdd3YA6U1dVWOzqN2Wx61tgM-DB0PszVDi5Q-gPm77hMZZNyuk3yzLTViK7Pf_Dq1rlVR3FAYjGKFaqk5OisvDj1IxQUTIQWIB5BhXYxoBLguXrpsqYk2Mc8Ox1w7ln5znfe8pCAF9f4uWYe12DAQV4Z_yxSl50QGCHfTmheqQtuMHlljLdIfV5zhxTOeh5seIdKWr2x_HkMdAHZLxemqvvaZzk3ShQksXkK6YbcX6ev6_zjzAaaL_wEuuy-55TQh3cv7COchDmspm1b1uW-sgWi3l5kuleXG23URkMz63NZuFoeUO8qUoDdkP2lWXPOZ38NrmfJFJ2ed6rA0V8txz4LPBfhk9YIStIRSQ2CA09b0SxHSNqLLsXYImSHs4uQxHlSBhIj5x0yteBN6BLvLJPihq710iNG_QwRvgzG9d9keU27BCmoAWj3I0%26adurl%3D
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
3c0a075150f51b67e71ce468b2ec9f5addf0ac1071b69c8c20a9ffeb5640603b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:01 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4059
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F491 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
139525
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 00:48:36 GMT
expires
Wed, 04 Oct 2023 00:48:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame F491 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 15:30:47 GMT
request.php
hal900029.redintelligence.net/ Frame B3A3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=ztx5c7qof41s&nw=20&renderingType=javascript&namespace=3d16b96210&subid=&uid=c9470194806d01fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt4Tg6aM9Y7aaHtDD7_UP9qSt6AibpoCiabWM6ovOD_AuEAEgupftHmCVgoCAwAfIAQmpAstBEJ9WnrA-qAMBqgTgAU_QAzdPRRroKQoqH0i2m3A-a0c_N0UZjMi2vopsyQ2qKzwx6ceOxK8OwlIjy6k3wa66BUw7mp2_dQ68vteE_Ok72xwS8ePHltk_smj8jGWaKh7AzHZsVzwMMxNRo2Ih8YfB5EPLMtKL7VGMlpucCzGbFX3udOB4Xan-aUGpDyVTZ8dtMzpC63eBMi71xVhodxcD3fm6V1yT9T2-gdapNnikvEJZ0pPUNS-2uVzgV4nfgw4FsBHHqTg16bbqlp0-uuVOFei_Wb5h40hDsmPSaJp0orXQ8M6lEmCtaW24dX1cwATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM%26sig%3DAOD64_0bcrY4PlYiLAOdNDX8V9aPdfTyyQ%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-ABO0pn_Y8iwmrFbtdzlpRVyHkQ73C_aa0AvH8RkMosM6_WSCp2CSEc7L6NWfIPHGl0mIt16Ee9ScvBwCVJOPN7Q57YVYM9Wxf9SaxKv0_rFT4-F_ma7P1Rk8iCDyYnW9oBwcekJ0resYAqwA5T0kGO0ZhDEszfV_x7LAa225NGHtxj7xg%26cry%3D1%26dbm_d%3DAKAmf-CG4zu8OmhuaT04PJ5UPOCaWrH3QsyjPIH4sFkElwOhpWK0Uugk9zmoI7r4TEw0ydoJRXhvdSG6iserz8TYimQLUbXGBzigcuMYEZXT3MswYQB1SXootocbuIdd3YA6U1dVWOzqN2Wx61tgM-DB0PszVDi5Q-gPm77hMZZNyuk3yzLTViK7Pf_Dq1rlVR3FAYjGKFaqk5OisvDj1IxQUTIQWIB5BhXYxoBLguXrpsqYk2Mc8Ox1w7ln5znfe8pCAF9f4uWYe12DAQV4Z_yxSl50QGCHfTmheqQtuMHlljLdIfV5zhxTOeh5seIdKWr2x_HkMdAHZLxemqvvaZzk3ShQksXkK6YbcX6ev6_zjzAaaL_wEuuy-55TQh3cv7COchDmspm1b1uW-sgWi3l5kuleXG23URkMz63NZuFoeUO8qUoDdkP2lWXPOZ38NrmfJFJ2ed6rA0V8txz4LPBfhk9YIStIRSQ2CA09b0SxHSNqLLsXYImSHs4uQxHlSBhIj5x0yteBN6BLvLJPihq710iNG_QwRvgzG9d9keU27BCmoAWj3I0%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=4856273112383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ztx5c7qof41s?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt4Tg6aM9Y7aaHtDD7_UP9qSt6AibpoCiabWM6ovOD_AuEAEgupftHmCVgoCAwAfIAQmpAstBEJ9WnrA-qAMBqgTgAU_QAzdPRRroKQoqH0i2m3A-a0c_N0UZjMi2vopsyQ2qKzwx6ceOxK8OwlIjy6k3wa66BUw7mp2_dQ68vteE_Ok72xwS8ePHltk_smj8jGWaKh7AzHZsVzwMMxNRo2Ih8YfB5EPLMtKL7VGMlpucCzGbFX3udOB4Xan-aUGpDyVTZ8dtMzpC63eBMi71xVhodxcD3fm6V1yT9T2-gdapNnikvEJZ0pPUNS-2uVzgV4nfgw4FsBHHqTg16bbqlp0-uuVOFei_Wb5h40hDsmPSaJp0orXQ8M6lEmCtaW24dX1cwATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM%26sig%3DAOD64_0bcrY4PlYiLAOdNDX8V9aPdfTyyQ%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-ABO0pn_Y8iwmrFbtdzlpRVyHkQ73C_aa0AvH8RkMosM6_WSCp2CSEc7L6NWfIPHGl0mIt16Ee9ScvBwCVJOPN7Q57YVYM9Wxf9SaxKv0_rFT4-F_ma7P1Rk8iCDyYnW9oBwcekJ0resYAqwA5T0kGO0ZhDEszfV_x7LAa225NGHtxj7xg%26cry%3D1%26dbm_d%3DAKAmf-CG4zu8OmhuaT04PJ5UPOCaWrH3QsyjPIH4sFkElwOhpWK0Uugk9zmoI7r4TEw0ydoJRXhvdSG6iserz8TYimQLUbXGBzigcuMYEZXT3MswYQB1SXootocbuIdd3YA6U1dVWOzqN2Wx61tgM-DB0PszVDi5Q-gPm77hMZZNyuk3yzLTViK7Pf_Dq1rlVR3FAYjGKFaqk5OisvDj1IxQUTIQWIB5BhXYxoBLguXrpsqYk2Mc8Ox1w7ln5znfe8pCAF9f4uWYe12DAQV4Z_yxSl50QGCHfTmheqQtuMHlljLdIfV5zhxTOeh5seIdKWr2x_HkMdAHZLxemqvvaZzk3ShQksXkK6YbcX6ev6_zjzAaaL_wEuuy-55TQh3cv7COchDmspm1b1uW-sgWi3l5kuleXG23URkMz63NZuFoeUO8qUoDdkP2lWXPOZ38NrmfJFJ2ed6rA0V8txz4LPBfhk9YIStIRSQ2CA09b0SxHSNqLLsXYImSHs4uQxHlSBhIj5x0yteBN6BLvLJPihq710iNG_QwRvgzG9d9keU27BCmoAWj3I0%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
c31eafa574b32f7e5646c4e71e3ce58130b8fce3e5db11e1b82cad0c20bc7ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:01 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
22110300096617304444646012103029
Connection
close
Content-Length
973
Expires
Wed, 05 Oct 2022 16:34:01 +0200
csi
csi.gstatic.com/ Frame 25BB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=6~l8vsibwl&c=1703062874021&slotId=851531437010.5&qqid=CKSY_PG0yfoCFZWH_QcdRCwLMQ&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=801&mt=video%2Fmp4&vs=640x360&dm=10000&event_name=first_play&asset_bytes=66449&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=14&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=4&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l8vsic98
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092901&jk=3724661400419584&bg=!lZalltLNAAYQgTJdMIE7ACkAdvg8WjVR2A0JtQrWeF7BjX6HRuG9Cq7sI_xB9HmZDet2ezpVdY8gXwIAAABjUgAAAAFoAQeZApme3L2qNwKx7NMHjL2kdYUSXTbGN_EcxLchg2LFSI-ZkZfwymBq8ayVjaLQ0UXHuSOZHS9rm8qZJM1IycdxD4ZgJzcI2ZFW1UFdZttWtZMPAy8tb6hbI1U9CQDcI0OVW_SEaSoGT-gXjjqbMYDJm5cl-Olo3QJFT4ZgSNAoFXrJv7GtJvC7yNLiYF3qhrcMZnMiDf34PR7WE_zcxhlgJgOMmtSNjvwNwPJq8AastPhnoewNJUiHsUVMecEHn_NOzWvp7t6re_nqRWPBMu1IAXD8ESxNPbOciVH-ptx4ocWEtfw5D4Z6fp9spZ2WNMrbddpxGKSNiFxGzb5F5--k6P6lw_XX11FB4qyAOk7g7tGBtIPnABcp1AlKoZ7xY7eUDKyH2mWi4KNMYlFZ33i1yTzH6k9vKzpSz4VYEe-3c6I7lLOiIFLvD-5EdouB1glrk4jv6TBEQh8UaDCs_BDaSsB6w9CUPsheVUsEp-cXxD4O7kQTdr_k902AnghfLaqPfgMx25K6kl9ZGFxT3E6sO_5d_cErVGm1mK--A1oCVFgmGg9q1rRJvblFPhHdawn8NxeQfIFqp4m6PnPYVlvHUGIZRsMQqWFPhtH2sRTkPbs3FgrTCQbm2bYRHSBdtM_8pZ29MQmdiPfHq6WT9ELQwqNebqXvhvaPb2AQHYhbNfaIChj7VnO-V7tBX9DTneyV9h3s1sf6oUoV_YKKf5L7D3yPoTLFSwSlXc8nbvTmRX9UKn2ihEfuZtnXp9haeXFAJtvCf_dwAFz8r42fIOgeLoejtxmT27k0AudG-rbBXZUOGz-43GtDeWQ82NZNYgVWXhuXgzW-i-nxC3BYswP_L9Xitp4KSfK5Dc6C-dqNvP503Vl6C3-Awxs_fA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
viewability
hal900012.redintelligence.net/ Frame BDB4 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=64667200082843704445330012103012&a=adabae63&vb=v
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=64667200082843704445330012103012&a=04ecbd6b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:01 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame F491 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BI_Mb6aM9Y7uXM8_xgAeC_5yYDwAAAAA4AeAEAg&bg=!aGulay_NAAYQgTJdMIE7ACkAdvg8Wp1OA0lbGJmwl3Gvyqyxt9t0VYkCNdMl71WmeV1_aYPN457OeAIAAABLUgAAAAJoAQeZAutw6vKxltA-QbCOqeucUsnZZhFobWfC7aasXaQ0gasoEsyCzJLibZaZ8z8eRLR5I1OgSvSoEfLyRx5uiCEZ5zBz0K-6bMhSjshhVeiCwZ4uJf0CGXvbzIcgv7Hy-1rKtKRi-lA-ckCLQLaUFWD2rz6pEYQsNGBn9kU4JpV7unNDfMYaeeWei4zvExL3St1bL8VFsv_Q9iBNMiWIzxU8hnYtXJZtPyCjkT0Mvda5jUvhfBni8wElTdJyXJSuu8BqhTxPeWh_UP4Vj-M4-XQEmTmcv_A16ZmlcUYSRAwuUGBGE6g-ezn3eyIhnUZGIvX_Xla_nY49jtWdHmo0srz4uV5LUB-vkup0VHrtwmtXOa18NkNyXnOimQ_UPPC4cJJbx1BhQOORKUeVnBT-bwv5FGD38mjFy0lGWznTwTA8GDErugKj2JB1Ze80_W1IhHOYC4DrbpgGHtcrlzScQJY9vstPfOXrrmh72TwqhDGNBYNdZXpcesiKMQ72J7uY4qm5S8w8Yx1pQOrJMThp6T5Vkq2uvg-mfwhdxvTXMoZCMHW5EQRwgEllS_gdKwz_7Ttwao40tS2IHLJa0WoCuftnDpZ1qRKj5CV5dCVq-JdFC4lxu-E9oKf5KLDLMcAu9_LL2_Ksp8o-DlHfahvfqRoGOPqCwWukAbg2pmSkkfJeBpxBFc-6WUphDrBFhZyDlCBcc0Ry6iJAeoHL3vOYhFwVPOl-HcDt2BxR1OTu7An98SUqQ3xhSvA8QywBeV0aOmhj5ubk3ABA2MJrAh1hGyYGSJ2yo5dHg20z1nX9IdZzQDdCMuEPWd37-BOVuFX35mxEMxA-_B-zCVevggRroyJTxHm07b-pna0yPBnlQ73G__C4VPPFG1TkEHTMYQkZDgvBJsc53zrrlREoHcvwjiwGTRxfQD8cqs_FKiwzxPaTEYaDp2_qUEK7O-HUQXHnLxiZxD5NSbNXpO4SQpWAxGyHhqPU5EU-3g4R2tMWrgc
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cshow.php
www.awin1.com/ Frame 5907 		43 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=3202020&v=11601&q=357526&r=113440&pref1=22110300096617304444646012103029&pv=1
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=ztx5c7qof41s&nw=20&renderingType=javascript&namespace=3d16b96210&subid=&uid=c9470194806d01fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt4Tg6aM9Y7aaHtDD7_UP9qSt6AibpoCiabWM6ovOD_AuEAEgupftHmCVgoCAwAfIAQmpAstBEJ9WnrA-qAMBqgTgAU_QAzdPRRroKQoqH0i2m3A-a0c_N0UZjMi2vopsyQ2qKzwx6ceOxK8OwlIjy6k3wa66BUw7mp2_dQ68vteE_Ok72xwS8ePHltk_smj8jGWaKh7AzHZsVzwMMxNRo2Ih8YfB5EPLMtKL7VGMlpucCzGbFX3udOB4Xan-aUGpDyVTZ8dtMzpC63eBMi71xVhodxcD3fm6V1yT9T2-gdapNnikvEJZ0pPUNS-2uVzgV4nfgw4FsBHHqTg16bbqlp0-uuVOFei_Wb5h40hDsmPSaJp0orXQ8M6lEmCtaW24dX1cwATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM%26sig%3DAOD64_0bcrY4PlYiLAOdNDX8V9aPdfTyyQ%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-ABO0pn_Y8iwmrFbtdzlpRVyHkQ73C_aa0AvH8RkMosM6_WSCp2CSEc7L6NWfIPHGl0mIt16Ee9ScvBwCVJOPN7Q57YVYM9Wxf9SaxKv0_rFT4-F_ma7P1Rk8iCDyYnW9oBwcekJ0resYAqwA5T0kGO0ZhDEszfV_x7LAa225NGHtxj7xg%26cry%3D1%26dbm_d%3DAKAmf-CG4zu8OmhuaT04PJ5UPOCaWrH3QsyjPIH4sFkElwOhpWK0Uugk9zmoI7r4TEw0ydoJRXhvdSG6iserz8TYimQLUbXGBzigcuMYEZXT3MswYQB1SXootocbuIdd3YA6U1dVWOzqN2Wx61tgM-DB0PszVDi5Q-gPm77hMZZNyuk3yzLTViK7Pf_Dq1rlVR3FAYjGKFaqk5OisvDj1IxQUTIQWIB5BhXYxoBLguXrpsqYk2Mc8Ox1w7ln5znfe8pCAF9f4uWYe12DAQV4Z_yxSl50QGCHfTmheqQtuMHlljLdIfV5zhxTOeh5seIdKWr2x_HkMdAHZLxemqvvaZzk3ShQksXkK6YbcX6ev6_zjzAaaL_wEuuy-55TQh3cv7COchDmspm1b1uW-sgWi3l5kuleXG23URkMz63NZuFoeUO8qUoDdkP2lWXPOZ38NrmfJFJ2ed6rA0V8txz4LPBfhk9YIStIRSQ2CA09b0SxHSNqLLsXYImSHs4uQxHlSBhIj5x0yteBN6BLvLJPihq710iNG_QwRvgzG9d9keU27BCmoAWj3I0%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=4856273112383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-253-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 05 Oct 2022 15:34:02 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
activityi;dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758
8019191.fls.doubleclick.net/ Frame 5E6C
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758?
391 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758?
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
fe4fb3ecb07cbf8a2d42b090393acb02a9c734da61083e8fd17f504f7c0aa2d7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
323
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:02 GMT
expires
Wed, 05 Oct 2022 15:34:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 15:34:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900029.redintelligence.net/ Frame 2106 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=ztx5c7qof41s&nw=20&renderingType=javascript&namespace=3d16b96210&subid=&uid=c9470194806d01fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt4Tg6aM9Y7aaHtDD7_UP9qSt6AibpoCiabWM6ovOD_AuEAEgupftHmCVgoCAwAfIAQmpAstBEJ9WnrA-qAMBqgTgAU_QAzdPRRroKQoqH0i2m3A-a0c_N0UZjMi2vopsyQ2qKzwx6ceOxK8OwlIjy6k3wa66BUw7mp2_dQ68vteE_Ok72xwS8ePHltk_smj8jGWaKh7AzHZsVzwMMxNRo2Ih8YfB5EPLMtKL7VGMlpucCzGbFX3udOB4Xan-aUGpDyVTZ8dtMzpC63eBMi71xVhodxcD3fm6V1yT9T2-gdapNnikvEJZ0pPUNS-2uVzgV4nfgw4FsBHHqTg16bbqlp0-uuVOFei_Wb5h40hDsmPSaJp0orXQ8M6lEmCtaW24dX1cwATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM%26sig%3DAOD64_0bcrY4PlYiLAOdNDX8V9aPdfTyyQ%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-ABO0pn_Y8iwmrFbtdzlpRVyHkQ73C_aa0AvH8RkMosM6_WSCp2CSEc7L6NWfIPHGl0mIt16Ee9ScvBwCVJOPN7Q57YVYM9Wxf9SaxKv0_rFT4-F_ma7P1Rk8iCDyYnW9oBwcekJ0resYAqwA5T0kGO0ZhDEszfV_x7LAa225NGHtxj7xg%26cry%3D1%26dbm_d%3DAKAmf-CG4zu8OmhuaT04PJ5UPOCaWrH3QsyjPIH4sFkElwOhpWK0Uugk9zmoI7r4TEw0ydoJRXhvdSG6iserz8TYimQLUbXGBzigcuMYEZXT3MswYQB1SXootocbuIdd3YA6U1dVWOzqN2Wx61tgM-DB0PszVDi5Q-gPm77hMZZNyuk3yzLTViK7Pf_Dq1rlVR3FAYjGKFaqk5OisvDj1IxQUTIQWIB5BhXYxoBLguXrpsqYk2Mc8Ox1w7ln5znfe8pCAF9f4uWYe12DAQV4Z_yxSl50QGCHfTmheqQtuMHlljLdIfV5zhxTOeh5seIdKWr2x_HkMdAHZLxemqvvaZzk3ShQksXkK6YbcX6ev6_zjzAaaL_wEuuy-55TQh3cv7COchDmspm1b1uW-sgWi3l5kuleXG23URkMz63NZuFoeUO8qUoDdkP2lWXPOZ38NrmfJFJ2ed6rA0V8txz4LPBfhk9YIStIRSQ2CA09b0SxHSNqLLsXYImSHs4uQxHlSBhIj5x0yteBN6BLvLJPihq710iNG_QwRvgzG9d9keU27BCmoAWj3I0%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=4856273112383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
4c177e0256d6150953d6213b99009208516ba2752cf502ef65f0bc31c5b575ae

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2315
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Oct 2022 15:34:02 GMT
Expires
Wed, 05 Oct 2022 16:34:02 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 81D1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67613
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 20:47:09 GMT
etag
48472445140208031
expires
Wed, 05 Oct 2022 20:47:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B3A3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90fdaf8cb0b156fcff8bec0af276d05a355f66e16b1f8d88c6e1c05651085d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 81D1 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELrIWCW5k-GhFWv0A_iMNbk&google_cver=1&google_push=AZmPxg8ubu2fG8Onr-XDKEM7EANgufjQBm9MesPP6JEiqGwTuj19nqgGHPYlMblhn0CwJBoJA9VoRJNEqI0s3zzCWevUqOuuhA
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 81D1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJU1l9pjAuSolRFQa2-Zsg4&google_cver=1&google_push=AZmPxg9uWlbHpx4V0svJqwxUeOr0vSo3E7wPKuJ4hyVNn0xNpm4-JPDLpKyuHekTigRIR5VS9SKLyxFtTPJMiYz6SjCk5ceJCDk
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 81D1
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAr5-RbkQawv3oHMgyd6XYQ&google_cver=1&google_push=AZmPxg_BpXr-RNmCJ_ujvjrrAz9M6ZcmgUSac6TPWDtyH9bwLRwZNOml_2rbCueZHUBuTY9ulee55...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_BpXr-RNmCJ_ujvjrrAz9M6ZcmgUSac6TPWDtyH9bwLRwZNOml_2rbCueZHUBuTY9ulee55mbd2vZOby7VMTrG2J-XYvI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_BpXr-RNmCJ_ujvjrrAz9M6ZcmgUSac6TPWDtyH9bwLRwZNOml_2rbCueZHUBuTY9ulee55mbd2vZOby7VMTrG2J-XYvI
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 05 Oct 2022 15:34:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 511ACB7926434B43B6ADE997C88DB948 Ref B: VIEEDGE2006 Ref C: 2022-10-05T15:34:02Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_BpXr-RNmCJ_ujvjrrAz9M6ZcmgUSac6TPWDtyH9bwLRwZNOml_2rbCueZHUBuTY9ulee55mbd2vZOby7VMTrG2J-XYvI
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqS05khucDJtMcaYFV6w==
pixel
cm.g.doubleclick.net/ Frame 81D1
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEHF-GLZEk2DcM2S81dDUm1U&google_cver=1&google_push=AZmPxg-uozJdpSCXVXrl9dsNBIFO87tgO98bPDE1p65G7SC1s_Jo4g3UMapkMPyWyzgv_Axc7k3HQh8r6sZGW6vUScALhm0vIzU
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-uozJdpSCXVXrl9dsNBIFO87tgO98bPDE1p65G7SC1s_Jo4g3UMapkMPyWyzgv_Axc7k3HQh8r6sZGW6vUScALhm0vIzU&google_hm=ZzEyYTU3ZDM1ZWU1YmM1Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-uozJdpSCXVXrl9dsNBIFO87tgO98bPDE1p65G7SC1s_Jo4g3UMapkMPyWyzgv_Axc7k3HQh8r6sZGW6vUScALhm0vIzU&google_hm=ZzEyYTU3ZDM1ZWU1YmM1ZjYyNDk=
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-uozJdpSCXVXrl9dsNBIFO87tgO98bPDE1p65G7SC1s_Jo4g3UMapkMPyWyzgv_Axc7k3HQh8r6sZGW6vUScALhm0vIzU&google_hm=ZzEyYTU3ZDM1ZWU1YmM1ZjYyNDk=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 81D1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEdOx12St2egXge8k2r38FY&google_cver=1&google_push=AZmPxg_GxPZyewURzebgI1mbR7nJJmxg3k8XHgrvIG1OwO8uYNxa-t89gkyqAqZu75WjvgWnFHky7...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_GxPZyewURzebgI1mbR7nJJmxg3k8XHgrvIG1OwO8uYNxa-t89gkyqAqZu75WjvgWnFHky76jwHqqnm3lYE2i3Qkoyag&google_hm=WXoyajZzQ284W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_GxPZyewURzebgI1mbR7nJJmxg3k8XHgrvIG1OwO8uYNxa-t89gkyqAqZu75WjvgWnFHky76jwHqqnm3lYE2i3Qkoyag&google_hm=WXoyajZzQ284WDBBQUNKSTZJVUFBQUFB
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
48
Date
Wed, 05 Oct 2022 15:34:02 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEEdOx12St2egXge8k2r38FY&google_push=AZmPxg_GxPZyewURzebgI1mbR7nJJmxg3k8XHgrvIG1OwO8uYNxa-t89gkyqAqZu75WjvgWnFHky76jwHqqnm3lYE2i3Qkoyag&proto=google_ebda","cluster_id":48,"gdpr":true,"ipv4":"0.0.0.0","key":"Yz2j6sCo8X0AACJI6IUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40230"}
X-SO-Key
Yz2j6sCo8X0AACJI6IUAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40230
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_GxPZyewURzebgI1mbR7nJJmxg3k8XHgrvIG1OwO8uYNxa-t89gkyqAqZu75WjvgWnFHky76jwHqqnm3lYE2i3Qkoyag&google_hm=WXoyajZzQ284WDBBQUNKSTZJVUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40230.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
138.199.38.134
report
sync.teads.tv/um/ Frame 81D1
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELzk6VHJMI9UbrZxj8mpxE8&google_cver=1&google_p...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg_2m72G5e8BtqSBs22pznmtKwhk2Gy-jlZWlHQ4PkHnJL2WnP2flw4SPIL_mkDCNCExFuAawHHMIx97zt7Kt76rFuLc-XM
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Wed, 05 Oct 2022 15:34:02 GMT
pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 81D1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELT7q07hN_m_5g9QrsPjTaM&google_cver=1&google_push=AZmPxg9PFCkIZVX47...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1&google_gid=CAESELT7q07hN_m_5g9QrsPjTaM&google_cver=1&google_push=AZmPxg9PFCkIZVX47Tg0hbUPhRpMiVRtD10iJ1LWPD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1&google_gid=CAESELT7q07hN_m_5g9QrsPjTaM&google_cver=1&google_push=AZmPxg9PFCkIZVX47Tg0hbUPhRpMiVRtD10iJ1LWPDlmiAZx0bDr_adYm84_sAKEbbNCL2PI6HtVRyscS7bSuTcHWXJtZ-IKqvFF
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 15:34:02 GMT
AN-X-Request-Uuid
7cf562cf-b550-42aa-920e-95221f199516
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0MzEwMzQ4NDQ5OTAwMDM1&google_gid=CAESELT7q07hN_m_5g9QrsPjTaM&google_cver=1&google_push=AZmPxg9PFCkIZVX47Tg0hbUPhRpMiVRtD10iJ1LWPDlmiAZx0bDr_adYm84_sAKEbbNCL2PI6HtVRyscS7bSuTcHWXJtZ-IKqvFF
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 81D1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBeafAN7lGcfmw6ibJYxHwAIdBjvHZDs6CbPbkBtuV7WSUXQ8p_Js19yWvVFwRnbrHKDd06eY
Requested by
Host: 31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
URL: https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:34:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 2106 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 02:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 02:21:27 GMT
imgbanneraktion-160x600-1661866287204.jpg
a1.awin1.com/ads/awin/11601/ Frame 2106
Redirect Chain
  • https://www.awin1.com/cshow.php?s=3202020&v=11601&q=357526&r=113440&pref1=22110300096617304444646012103029&pv=0
  • https://ui2.awin.com/ads/awin/11601/imgbanneraktion-160x600-1661866287204.jpg
  • https://a1.awin1.com/ads/awin/11601/imgbanneraktion-160x600-1661866287204.jpg
92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.awin1.com/ads/awin/11601/imgbanneraktion-160x600-1661866287204.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca988a496a2c90c7cfd66182061425adbeb2e712c268234d0a45f77557047af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 02:01:18 GMT
x-amz-version-id
wWRUtQbEWQSBWLkgaWBPZuHFYdo0sJJx
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
48765
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
94566
last-modified
Tue, 30 Aug 2022 13:31:28 GMT
server
AmazonS3
etag
"d24b332f6e945b37f80d14cbc9bd1155"
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
rFmSFFu2euTEc_dyhchy_eVpX8e3pTLxTjckwTziO4vGA7dZ_NIE5g==

Redirect headers

location
https://a1.awin1.com/ads/awin/11601/imgbanneraktion-160x600-1661866287204.jpg
date
Wed, 05 Oct 2022 15:34:02 GMT
content-length
0
dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758
adservice.google.com/ddm/fls/z/ Frame 5E6C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrPifO0yfoCFQSb7QodBYYFyw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9501720839780.758?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900029.redintelligence.net/ Frame 2106 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=22110300096617304444646012103029&a=f2531904&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:02 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 2106 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D7E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPiTkhkUm9NVPKDorLCqy7UB4NSqggEQIMgCPCK8_BLIFXjVMJrVfRHyPQ6pOPmuN0lXIMevOW6bHf6IykuUPSfZvTwtbCQnDRtGvmR7SxkhmuE6Gwz3ZPYzP7pXVsl3wxb_TwJg&sai=AMfl-YRPhs8vJ3cXrq6zxuGNa1RwYqOuK2_eKPSUnoTdk86WkXuPMr16CigWopOFoDiQpDajYjqQEaNL0n9IHu0cf2SOGWDkSRJyjEy-1iFL8QIJNTbkjaG3NWg9uEQP1D0&sig=Cg0ArKJSzKbvdsVovUjxEAE&cid=CAASF-RodxDCnhcTrjnG1yoynyHbq-XDP_pi&id=ampim&o=150,0&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=120&tls=1121&g=100&h=100&tt=1121&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B3A3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFWLu84KfK9JSTNo_jDJ6t6zLa2Gl4k1HmhuG9YsfOyAauGNEMgSRznBDq9SCiJVrZymMMolCs-ncAuPzEkl187PX200D8jWA_3HfloQyCQvF-upG_aly1c7t4&sai=AMfl-YSewZpOFISl1qwamCcWfkF4QDHKLwVVFZohR7a_gi4xNvcsdl1LMOgHO7Tb_VY1jbFjpRdsqbd7hbJ3hqMfp3vHjhloR4avj3eURT-2_0C1CpqlI0DSqZTLSJauhvrpIYk&sig=Cg0ArKJSzCBfVFIte3EOEAE&cid=CAASKORoiDFKmHCzGchefiVcoltvllpZrHsA2urVelq0fc1uO5xQuc7FbQM&id=lidar2&mcvt=1000&p=0,1290,600,1450&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=386702893&rs=4&la=0&cr=0&vs=4&r=v&rst=1664984041803&rpt=248&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900029.redintelligence.net/ Frame 2106 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=22110300096617304444646012103029&a=f2531904&vb=v
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=22110300096617304444646012103029&a=42723783
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 15:34:03 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D23,5,187,296%26tos%3D2084,0,0,0,0%26mtos%3D20...
ade.googlesyndication.com/ddm/activity/ Frame 25BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D23,5,187,296%26tos%3D2084,0,0,0,0%26mtos%3D2084,2084,2084,2084,2084%26amtos%3D0,0,0,0,0%26mcvt%3D2084%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2286%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D1%26pst%3D0%26dur%3D10368%26vmtime%3D2502%26dtos%3D2084%26dtoss%3D1%26dvs%3D2084%26dfvs%3D2084%26dvpt%3D2286%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364634222%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2084;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664984041078;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 25BB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstW3WJx6sa0IzUxyQn7zwbIgnc4PUG4F4pwmQ0cz4_iXpObVus489Fun5-PtIiwujFEHegdxVnGYgWiS35AC1MJLsIbb8Tawkbhtl0_wWNSNeuyRxM_1nddXoFDJw&sai=AMfl-YTRfUkIP_S7QiQpGo3monFFGQ0Ec74AE2n2p7OBEaN9GTOWyG8TS6Jgy7-JUYfQH3oD9yHtA17M1tt5rnKjwFT8aQY7RipZ0a6am9gPP70DBIDmNNdtMbKxHTtRbiY6aF4&sig=Cg0ArKJSzEPUo6ew69uEEAE&cid=CAASKORoV8q7NhGYvEALU7Ddwy9z7VjVq6uY3pGlpO40QNF0l1P1acJksDs&id=lidarv&acvw=sv%3D20211012%26cb%3Dn%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D23,5,187,296%26tos%3D2084,0,0,0,0%26mtos%3D2084,2084,2084,2084,2084%26amtos%3D0,0,0,0,0%26mcvt%3D2084%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2286%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D1%26pst%3D0%26dur%3D10368%26vmtime%3D2502%26dtos%3D2084%26dtoss%3D1%26dvs%3D2084%26dfvs%3D2084%26dvpt%3D2286%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364634222%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2084&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664984041078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D23,5,187,296%26tos%3D2186,0,0,0,0%26mtos%3D21...
ade.googlesyndication.com/ddm/activity/ Frame 25BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D23,5,187,296%26tos%3D2186,0,0,0,0%26mtos%3D2186,2186,2186,2186,2186%26amtos%3D0,0,0,0,0%26mcvt%3D2186%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2388%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D2%26pst%3D0%26dur%3D10368%26vmtime%3D2603%26dtos%3D102%26dtoss%3D2%26dvs%3D102%26dfvs%3D102%26dvpt%3D102%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2186,2186,2186,2186,2186%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364634222%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2186;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664984041078;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 25BB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIA2556M9Y-SILpWP9u8PxNisiAON1e7DbOzoiKGuDvAuEAEgupftHmCVgoCAwAfIAQapAhpF3JtVurA-qAMByAObBKoE4AFP0EqMEr-PL1YDCqMRUjdeZq4XW4CDyC2ba6ysoFg7MJGSL-9Vd9mMAdGJcC0PHimcDXaj8F7EfTaBpNTIlYR_CQSjant9DLkK-ATc5RLxNfU5Spw7ioW48eXpcjHAYP7kIj9CBb-JNj-2deFUSil-ejaylnMv1du-cSXQk3aCPs2hmV2ByGMz8K4N5RQSMOhqeQ1cDUhk_yl77KQS9xglryzGgZoX6kdDE2IexJVJioUDA7C7o5xCfixLd2a-PJs0q_tyzvZNwXiTfM9b8659QlTBuHPGlG7qnRALeffVW8AE0b7M6KUD4AQDkAYBoAY3gAf5v5hiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2sQloeMWwyZwcWoAKA5gLAcgLAbATkcHkCtATANgTA4gUBNgUAdAVAfgWAYAXAQ&sigh=2VKgdP0U9Fg&label=videoplaytime25&ad_mt=2604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D23,5,187,296%26tos%3D4842,0,0,0,0%26mtos%3D48...
ade.googlesyndication.com/ddm/activity/ Frame 25BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8vGu8rTJ-gIVbKRRCh13_whTEAAYACDGtb5MQhMIpJj88bTJ-gIVlYf9Bx1ELAsx;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D23,5,187,296%26tos%3D4842,0,0,0,0%26mtos%3D4842,4842,4842,4842,4842%26amtos%3D0,0,0,0,0%26mcvt%3D4842%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5044%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D6%26pst%3D0%26dur%3D10368%26vmtime%3D5259%26dtos%3D2656%26dtoss%3D3%26dvs%3D2656%26dfvs%3D2656%26dvpt%3D2656%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2656,2656,2656,2656,2656%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364634222%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,4842;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664984041078;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 25BB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIA2556M9Y-SILpWP9u8PxNisiAON1e7DbOzoiKGuDvAuEAEgupftHmCVgoCAwAfIAQapAhpF3JtVurA-qAMByAObBKoE4AFP0EqMEr-PL1YDCqMRUjdeZq4XW4CDyC2ba6ysoFg7MJGSL-9Vd9mMAdGJcC0PHimcDXaj8F7EfTaBpNTIlYR_CQSjant9DLkK-ATc5RLxNfU5Spw7ioW48eXpcjHAYP7kIj9CBb-JNj-2deFUSil-ejaylnMv1du-cSXQk3aCPs2hmV2ByGMz8K4N5RQSMOhqeQ1cDUhk_yl77KQS9xglryzGgZoX6kdDE2IexJVJioUDA7C7o5xCfixLd2a-PJs0q_tyzvZNwXiTfM9b8659QlTBuHPGlG7qnRALeffVW8AE0b7M6KUD4AQDkAYBoAY3gAf5v5hiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2sQloeMWwyZwcWoAKA5gLAcgLAbATkcHkCtATANgTA4gUBNgUAdAVAfgWAYAXAQ&sigh=2VKgdP0U9Fg&label=videoplaytime50&ad_mt=5260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 15:34:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery string| VERSION undefined| TEMPTROBJCOLOR undefined| TEMPTROBJ number| popupWidth function| HLon function| HLoff function| parseFloat2 function| putpoint function| replaceTurkish function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| openWin undefined| dateValid string| OK function| isDate function| validateNum function| isLeapYear function| PrevStandings_onclick function| Tc function| TcExchange function| MSc function| BBMSc function| BBTc function| BBStanding function| BBComp function| MScExchange function| Kc function| KcExchange function| OpenForum function| PDc function| Tahmin function| PDcExchange function| KPc function| replaceChars function| blinkIt function| getElementsById function| rgb2Hex function| IntToHex function| MakeHex function| getCookie function| setCookie function| __gid object| variables object| cookieVariables function| getValueWithQuote function| generateCookieString function| getGeneralCookie function| rollObj object| myRollObj function| cumulativeOffset function| relocateBanner function| openOddLink function| initDuelMatches function| StringBuilder function| popMatch function| popComparison function| popTeam function| popBasketTeam object| cookieVariablesX object| Medyanet_Display_Settings number| advertisement_not_blocked object| AdmostClient boolean| _cookieTest string| LOGO_PATH string| ICON_PATH string| IMG_PATH string| BTEAM_LOGO_PATH object| Mackolik object| tmp object| dimml object| _0x54bf function| _0x453b function| _typeof undefined| ReklamUpArsivMackolikCom object| googletag number| stickyIsActive function| screenArea function| infiniteAds function| _amw1 object| ggeac object| google_js_reporting_queue number| activeNewsPage boolean| boolSlideNews function| gotoNews boolean| has_panels boolean| has_filmstrip number| strip_size object| _0x150d function| _0x5e59 undefined| ReklamUpInterstitial_v2 undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| DP_jQuery_1664984039909 function| atrk object| _atrk_opts boolean| _atrk_fired string| gaJsHost number| google_global_correlator object| jQuery18204795423543135664 object| _gat object| _gaq object| adblockDetector string| GoogleAnalyticsObject function| ga object| pageTracker string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| COMSCORE function| udm_ object| _comscore object| ns_p object| google_tag_data object| gaplugins object| gaData object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt function| saveCookieConsent function| loadCookieConsent function| openCookieDialog object| closure_lm_539155 object| expireTime number| cont function| sticky_relocate_master number| begin number| end string| k object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
arsiv.sahadan.com/ Name: am_cookie_test
Value: true
.sahadan.com/ Name: __asc
Value: 148a5b26183a8c841f062bfd3e3
.sahadan.com/ Name: __auc
Value: 148a5b26183a8c841f062bfd3e3
.arsiv.sahadan.com/ Name: __utmc
Value: 140208355
.arsiv.sahadan.com/ Name: __utmz
Value: 140208355.1664984040.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.arsiv.sahadan.com/ Name: __utmt
Value: 1
.arsiv.sahadan.com/ Name: __utma
Value: 140208355.1619174177.1664984039.1664984039.1664984039.1
.arsiv.sahadan.com/ Name: __utmb
Value: 140208355.1.10.1664984040
.sahadan.com/ Name: _ga
Value: GA1.2.1619174177.1664984039
.sahadan.com/ Name: _gid
Value: GA1.2.731457352.1664984040
.sahadan.com/ Name: _gat
Value: 1
.sahadan.com/ Name: __gfp_64b
Value: vu4X9Faf2AvKONBYLDtZ69b1SWSI.cinvFsCuA58ZWv.87|1664984040
.hit.gemius.pl/ Name: Gtest
Value: KlxdNMGGQMQGqSl0eRG_69EissGMXP8c25nSGYkG2rntXBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlQgXMMGQMQGqSl0eRG_69EissGMXP8c25nSGYkG2rntFRxSG7RrGGHgUMhHGGK1ysKsRjBGqSRxSG8.
.casalemedia.com/ Name: CMID
Value: Yz2j6IkAQLTPaHqkkWy3KwAA
.casalemedia.com/ Name: CMPS
Value: 2210
.casalemedia.com/ Name: CMPRO
Value: 2210
.adnxs.com/ Name: uuid2
Value: 534310348449900035
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 60101a2585a213e2
arsiv.sahadan.com/ Name: intdate
Value: 1664984040648
.doubleclick.net/ Name: DSID
Value: NO_DATA
.awin1.com/ Name: awpv11524
Value: 296283|1664984040|229cb440-44c3-11ed-bf79-22313f494a88
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2222a9444e-44c3-11ed-a127-00155d53a129%22%3Bs%3A3%3A%22sit%22%3Bi%3A1665070440%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj22a9a07e-44c3-11ed-a127-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1728056040%3B%7D
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2222a943ea-44c3-11ed-a127-00155d53a129%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221664984040%25%255712300%25%2522a9432c-44c3-11ed-a127-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1680536040%3B%7D
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1665588840%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
.www.parship.de/ Name: __cf_bm
Value: MQT7AhVNJtFtq5k.SSGvxnntG89EO8x.FXCfGQBYy_I-1664984041-0-AV6rfMtqDdCG2XJKpBZJvOlea5UF1iLvr/nquKWWoBez2gLrKaIjfnhKGuQUWRRtS02zDNUFz/3Zy75ayHaBmq4=
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID_TS%3A1664984041
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1664984040.5712300.22a9432c-44c3-11ed-a127-00155d53a129ID_TS%3A1664984041
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTE0MDAwMDAwMDA2MTY2NDk4NDA0MXZsZWExZGUyMDIyMTAwNTE3MzQwMTc3MTUyNDYzMDIzWDExNzY2N1YxMjI1MTMxMTA2TVN2aWV3b25laWR6bXdhUmZZZmtQNkdmZUNRdE10cXR6enBhVlNadERmV29uZWlkX19kYm12aWRuYXRfTXdlYl9hbGxuZXQxMTc2Njc
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022100517340177152463023X117667V1225131106MSviewoneidzmwaRfYfkP6GfeCQtMtqtzzpaVSZtDfWoneid__dbmvidnat_Mweb_allnet&wfid=117667
.sahadan.com/ Name: __gads
Value: ID=e49869bbe2f83242:T=1664984039:S=ALNI_MbNyNkJRsmZ8OkjCEmvyZT4J4TT9Q
.doubleclick.net/ Name: IDE
Value: AHWqTUm6butkKZz2SFEROUSKrle5241NF-K_PGXnNEsPonpyxMWwnopqlj77veUcw34
.casalemedia.com/ Name: CMTS
Value: 2199
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>sx9]HB!A#FV.TOKKnyW<U1`VROYQM-:J)4w6Zn0f6K]UV?>qrz:F9j_9ImP7po87MW<QG=%9sk@3@'s>T>C!(K
.awin1.com/ Name: awpv11601
Value: 113440|1664984042|23599ba0-44c3-11ed-96b9-2237162cbb98
.awin1.com/ Name: AWSESS
Value: 357526:3202020
.quantserve.com/ Name: d
Value: EB4BCQGhJ4EA
.quantserve.com/ Name: mc
Value: 633da3ea-188ae-7e152-4f6fa
.yieldmo.com/ Name: yieldmo_id
Value: g12a57d35ee5bc5f6249%7C1664984042180%7C0%7C
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&659fec74-abb5-4026-84a6-8532ab79a67a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjQ5ODQwNDI7MjswMjGPuSEDQ5gDM6yhv7BP+ni9hwBmzz1LAehHW//VTUmh7w==
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2405:u=1:x=1:i=1664984042:t=1665070442:v=2:sig=AQEYzjHKyIymLsWIUsjtMBoSDxp7ae4u"

42 Console Messages

Source Level URL
Text
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 33)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://go.admost.com/adx/js/admost.js?r=0.6589149889241654, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 33)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://go.admost.com/adx/js/admost.js?r=0.6589149889241654, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46730&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46730&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18834&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18834&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=38097&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=38097&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46727&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46727&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=49848&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=49848&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=34177&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=34177&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18833&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18833&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18830&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18830&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46728&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46728&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 1313)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 1313)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 1362)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://b.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 1362)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://b.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.536.0_tr.html#goog_485519871
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other warning URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=21376&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=21376&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46731&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46731&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=29753&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=29753&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=26436&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=26436&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.gstatic.com/admanager/outstream/web_video.js(Line 387)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=51258&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.6589149889241654
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=51258&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012&t=htlp
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64667200082843704445330012103012
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
other warning URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31fe2b7430b1e0e0eb90fdd4512bfdf4.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
a1.awin1.com
abada0b115741742db07108cad8215155.profile.gru3-p3.cloudfront.net
ad.doubleclick.net
ade.googlesyndication.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
arsiv.sahadan.com
as.ad4m.at
b.cdn.md
b.scorecardresearch.com
baltar.dimml.io
bid.g.doubleclick.net
cdn.ampproject.org
cdn.dimml.io
cdn.eksiup.com
cdn.track.production.webgains.team
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d31qbv1cthcecs.cloudfront.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
gatr.hit.gemius.pl
gcdn.2mdn.net
go.admost.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900029.redintelligence.net
hm.cdn.md
ib.adnxs.com
images.performgroup.com
imasdk.googleapis.com
is.cdn.md
js.duhnet.tv
ls.hit.gemius.pl
medialead.de
pagead2.googlesyndication.com
partner.blau.de
pv.medialead.de
px.ads.linkedin.com
r3---sn-4g5ednsk.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
run.admost.com
s0.2mdn.net
sahadan.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
str.hit.gemius.pl
sync.teads.tv
tags.bluekai.com
tg.socdm.com
tpc.googlesyndication.com
track.webgains.com
trf.greatviews.de
ui2.awin.com
use.fontawesome.com
vz-795b4bfd-cff.b-cdn.net
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.parship.de
www.telefonica-partner.de
108.158.153.16
124.146.215.50
13.224.189.29
13.224.189.44
13.225.78.115
13.225.78.30
13.225.78.35
13.225.78.39
142.250.184.194
142.250.185.102
142.250.186.166
142.251.39.2
145.239.193.130
146.59.30.108
172.217.16.194
18.132.138.70
18.134.23.117
185.102.219.173
185.59.220.199
185.80.39.216
185.86.137.131
185.89.210.244
188.165.145.88
195.244.38.50
195.244.61.20
23.205.253.64
23.35.236.154
23.35.237.56
23.36.162.83
2606:4700:20::681a:ad1
2606:4700::6810:cc16
2606:4700::6813:b979
2606:4700:e2::ac40:840f
2607:f8b0:4005:813::2003
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:22::14
2a00:1450:4001:6f::8
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c02::9b
2a00:1450:400d:806::2002
2a00:1450:400d:807::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::200a
2a02:6ea0:c700::17
2a02:fa8:8806:16::1370
2a06:98c1:3120::3
2a0b:4d07:102::1
3.15.76.72
34.254.127.56
37.252.173.62
37.59.195.0
52.49.122.80
64.233.167.154
69.192.160.219
77.223.136.105
77.223.147.103
78.46.85.162
82.222.8.80
84.200.5.215
85.239.105.10
88.99.219.174
94.130.102.164
94.23.99.218
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
02183c199aefdb342db72ac9425d3fa5fc80ad3d63cbf7aedb8818981450979c
0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368
03476d1678f85e3ff8b5265c78c7caa0fff3bb82e8ea71ec0e58844ed3914c6f
035bc7a9b73d7cfcc86c1ff802a860de23e7c0bf6fcbd4dbde722a3468f47006
04a1cd06115f2def20313e09fe4af55a14ca175e762988a3847417e0d8f6ed47
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b3681b1af915cc18f9650b1b79bf684d660ca257e13c4d6fbaca0d0575c0a3f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d9e3d4b89f176becf05bc50cf86a5966d3e5a6f87f986bae3a65c1be3b04a5d
121ae86017bb1f29119cc1eb5649be9ff1fca0766c37b2a9eeec4e981990a307
121f06391f8b4ce267b855305ee2045a9f02125e8514c217b2824b4565980212
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14938290f2332fc75449a68069edcb6144654cb15308e7f34fddb72c60749135
14ee0390722dba1d6e95b766412095d436df22f30b83dfbb9cb38fde3cd72c95
15787640cfad6eed68e8b369869bf42a15b1ccd95ad1d976607ef7759710435c
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
1694d5d52547530f2cc3feb29cb467a5a749e8ff702c26b21d237fbd8a9edc6e
16ac5f05c34c7c36e84e366c4048afb61fb7886c96cf6764da9f9d9916a87bf9
1702a9f1b4dc874c1f3031c66983d3cb9b8e268c09ea0634510383ef95bc73f8
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
17ef511e2faf2b0eb9cbc20d5fdce977076b9f2da8036e6b7fbdcb2103c2a57a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19213d000c7feb206c1fbcec13e2d0eb9a1fef5b85daf65c498a00e2de827f3a
196a6359e0a3051606f13dda018daba7819f9cba767adff922e633ee2d50a7f0
1c117db733062d719ab13893c5610a6c7119297d1b32105ac2f5f2a57b4fc926
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661
1dbe5850f671cf92fe1d7b55226a830fbe4daba614bf6c6ceeca9e236326930f
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
23c6ff27e2823ac5bff095ef9ab427b04db7a5e7af1d7cc75e12c7c911d9983b
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
265327a24697d389e5857e483f413dffa22da3c4ab7316576d1e4d4be6a39780
29618906293281d3604dea2b1e6caa556e3e84102a16bb7afa96438ed94b2695
2bf517104f255123ba18c57e1de2f672c0271712d716ff844a26ea8162453b45
2db8d490874233aa54cca7388434312358f981e180ebac3df6ad8938b64d8fb9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9b33e2310fe243055ae2d79e9a8805caf7ae61c256f41cc07f4a7ebe5f400f
313d5cbad55a31674c5451e2a961ab892e951ea7c59396ea5a89c944c9b029bd
3272767301b4a690bd58b5a9b143ef909168e9ca09053c91c93fa0c49157f4f5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34667fc83e3f4d9ff6080d44c4fc4dd87e0d3a6a8d680dbd3adb05a73d99f590
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b
37004deec8edce7dcffbc9c3e46255a46c83197d62b7a2fd6e8ac8eb0fdf4efc
394814da5867ac6dd0819e14379934242530d7e2320e9b859deb9b5a216ad905
3c0a075150f51b67e71ce468b2ec9f5addf0ac1071b69c8c20a9ffeb5640603b
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8
3ea5f5e57bcdba2a5925058f077a3c016ac0c03d940a9866f82bddd5bf150dd2
3f71c7e1467e9bac745ba1f27ec773b77b04b551e3b48eae8447a14c43aefc0d
400e7a9f32b9d47c90e67bdab6d07c576845afd6a5f9bce0bfb8580350b7118d
415219a853066f4771ca7bddc3b20bb8f432c5bd62a35dc703f255784156aa04
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
454f97323a1a1f954078fb117649b63a4a3e76e38b8eb34acdf2c8b41508bbf5
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
487c01ecc966766eb7f3619d55bed1960a857e2a88ed35bbd59bad6f45d048d4
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6ee1b60d99686cc425241e8b26d22d79843b31258b90c14b06d420d0ea9639
4c177e0256d6150953d6213b99009208516ba2752cf502ef65f0bc31c5b575ae
4ce26ce6b24e357e956a71f5651702de3968153ecbb7a097f3cfe45bd0055d46
4ec12baf6cba1184f734c98640a42cd7a3208c2edf5871231eb6c3a58a021520
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702
4f6afecd3822b010be6a51478e8a97556f63d1199b43a139543af84ec33dad6c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53d94d99aea6bce949af941217303245057b545dc1b96252f610a57f56a6226a
53ef9e8412836d3dce42ef6d118d1f55a593d35c8af0771d33e3419177e59253
5456a7711a8316413cfefaf002784ed40b25e1bb8b43d1d0e10921051cf3291d
54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c38a936e96b9666fa72f322bc23685f1cea12805219d881bb99259538fb91e
5b93ebd19a19e707423c3d45ed9e51618911590edc8e94bdae72eaf10a7d01e0
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
607e4da1c02751a1a410252976fd2ac1008ad4d2f6be77a93b8047d55ef7e691
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d51d572fe8a36202afe3422b21b3a1f13ecf1843e1bc7fc6aafb756a8b3c1c
66c473d28591572dcdf5e6f5ace03c5e2dafdf17516956d9556d8d703e447c2b
68bbcdadbeb721cb66952f4e3aaa5faa5de544567f63ce3979a8850b91f8a6db
6cacd3365f6ea4b210a4f3aec4343a8c8badc495e4177921aa9d4b1a87ead073
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0
70c9596456c1bdc191573b8bc0fd6fbf520417921506d2f2fe842a777ef4b2a0
7688a1c1a7ec22b7b4a4b6f7f23f66236f38a7e9a814627a5d00b6392263b6e1
76fe6a7100c6203e3c30420f68f62dc1d36e6a3c1b6566f82bfa268871225c85
7ab20fdd9ee45b7ed420f924edaefe5b24787d224a7fff3e713a1ddba1e5ffff
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad
7d0faca785be135eeeaee5cd2ba681e5ababa983819df716a01acfe8c67f26e5
7dce527399393dc3ad9b311a552545d55d6be11c3b553968ae40a67b7837d6c1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8853e974d661a5636217c397d87dd0c3c3c67390b67f0924136430125ea8e933
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
8e3cb39f7f7c73a7bf8b5b278b579919ba953829cc7ba7b74091aacf896a0fa2
8eb210f051cf5fb47c491940ac07f6ec351ffc3d16546f9d4c6538023dd9b55e
90fdaf8cb0b156fcff8bec0af276d05a355f66e16b1f8d88c6e1c05651085d42
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
92caaaf854584eb93b0d007a93e0c4c438f8136ad4932edf58a6c83da611ad00
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
96c0598f9fe9df975d595a6ba24ebff8c1bd6fe14902dd37b2ebb639daedf5bf
988e335e1e417630ca5579e4dca36d7f6582e6521cd5c934c5608ac32b12058d
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d312140f3532b29659e3b5c2eb94ff9d7d5f09376b21993c5909442eece0067
9e0475bc6b5858f1d4d16178f48f9993fc45ecd976c9c147330ed300fc220c51
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f
a30e7f3239b07a4811f6c77a5c62fc5b5774033f099783db947047cd0a0ef113
a314bd0381551764a32150f16251feccf4184b14859eadec2e06cb0d35d4681e
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81cecefe8865615fe3e4c8858e69f1d92f4cff8a56095d2c57bdfb61fb07439
a843f537fd7eb5593d2debd4f79221a795a933768d280dfad3412d871c3421dd
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa2cb8a5241d24ae98bad193afc76ca3b5437f2d95c62c7c49dbdc9ad6a2fac9
aa375c9d8594075036cfab0100df40326469b2f875de5610fe8077bbf77ee57c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3a1fa0ef7b588488567c0c08308726216748bcbdc69e38d78cc5b9683a2eb4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04b12cadf378663dd825a3554cc04856238b223260bc77e20aaf54923f649fe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1db7414f60005222c9c46dbfa58f2ff50cb19077fbdcb11852b6957a1bbf677
b3f2e69fff634830a400c124c00dd5c97f023d6154a03aa9ec9a5eb690c9f196
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4a7ef9af3af11bb37d635bfed849032d26ef1cd51095cff7e664fcddf9e114c
b98d31df3b8d5da00ceadbd1bdd1df086dd83cc04e451184de153aff2b162f2a
bc90f63957859845f729b7c4499a4dbdd0b21f0f0737cadce1d5d36ec0000f8e
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd3a43f2643f0295e41de02e3bde14b0a94f2ee5a6e95dfd7d0048bb9bafb6a9
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21a3f821b4d312076f3a473f9e741b53658761b5f0886873e12039eb5190cbe
c31eafa574b32f7e5646c4e71e3ce58130b8fce3e5db11e1b82cad0c20bc7ce8
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c829b10207ab4ac7c70a5358e75be2dc56cabb752085d5a1bfc531432edd2448
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca988a496a2c90c7cfd66182061425adbeb2e712c268234d0a45f77557047af7
cb9404060fda4757f932c63af8efa23cb6088538410793e9ce068f0d1818df51
cecaa3c6afa068e141ee4972e5449634fb581b3447bfa6169d3c038d2450a5e8
cf025959d5ae6414b0f1fb142746a84a93a8e7c0f1aaff024bdfcb740e3c3552
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d26928222c5d515cdbab26bed671c5461b6d1bc2947a126d834c55efe740e3ff
d2bff305675aebc514c504b1ca9f8bd805df158e90fc073126ba139ee27d56e2
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
d731a0b67521f56a398187ed988cf3ba1a6f679b3ba293576c522d3d32047130
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8f2e242ba8edee7a4a983c8de41eed420d7a933b9dc2563c798dc1328825e97
d93e17588f48e21f0f1e47e57d6019e748b2b5625796708ccf7767ddc7c9db70
d9bcc622da74d5b781d9449ceb10c2dcbcc614838d01a93923556200b67fb37e
dba74544c15f57cd96359f59fcc118e2e39a1b3fff3123dca2f32ce838ecb33f
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
de8daa27e049afc33fd42d0e387f98fce09710896e5f487d0298ddf9ec6d3999
ded1d9b7817a8247c96877fb6bfef1f651d94018cc4df64f298209867a4307e9
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
e22e56e5d6ab8067865637574878f62679a5bcf77cd2324cf301158724e3a158
e3219f0c7466ddb2c626a3d104277441d8b1a20e239606f7fda68ed6a35e3dfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335
e4bc697496bb350dee2dd90f94e8454e52a371f64121a5565f0a54652a0716e5
e5774d459aad81e96c4ebf256bf1c62436707f09b022083d8719fdfeba1b3957
e62af54a296f56631510f41fe04abc6fdb1b703d6e2968a50a6741c5aac93ea0
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79
ea3273964fd64f1966a84354ec26014e38f1f725f5dcec8a5777f63e7531d430
eb2b478fa2847581cae9e11266ea742f3cd925d7f4801e49f9c0d6ad3ed47244
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
ee2f84d61840b2cc4a48fa5794940cc1cb8d122309a0be318b3d5ad6041a21a0
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22cecb8a7b101abf207c81c1bcc643650330a6b4626cf1ed7e965b2dd69680a
f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8c438d279c6bd38c07d7713ec638668b54cbb2b2e55d01e3a7ba28f144365ee
fca8ce5b63454588162eed0c873ffb9837b3c305bae8e5627989d3a851eda2e0
fddc433f7cc747ef4fe82c66486feb8783af32e11f590cf4bb46708b8ec05418
fe4fb3ecb07cbf8a2d42b090393acb02a9c734da61083e8fd17f504f7c0aa2d7
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9