www.edevlet.uk Open in urlscan Pro
2606:4700:3037::ac43:a7d0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://edevlet.uk/
Effective URL:
https://www.edevlet.uk/
Submission: On March 22 via manual (March 22nd 2021, 2:31:11 pm UTC) from TR

Summary HTTP 63 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3037::ac43:a7d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.edevlet.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.

This is the only time www.edevlet.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2606:4700:303... 2606:4700:3037::ac43:a7d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 9	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:73b:46ad:270f:ab37	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.114 172.217.18.114	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2012	15169 (GOOGLE) (GOOGLE)
63	20

21 2606:4700:3037::ac43:a7d0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

edevlet.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.edevlet.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.130 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:73b:46ad:270f:ab37 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.114 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f18.1e100.net

p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	edevlet.uk 1 redirects edevlet.uk www.edevlet.uk	4 MB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	207 KB
15	doubleclick.net 4 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	32 KB
6	gstatic.com fonts.gstatic.com p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i1-v6exp3.v4.metric.gstatic.com p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i2-v6exp3.ds.metric.gstatic.com	81 KB
3	google.com 1 redirects adservice.google.com www.google.com	649 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	766 B
2	googletagservices.com www.googletagservices.com	64 KB
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	mookie1.com odr.mookie1.com	324 B
1	quantserve.com cms.quantserve.com	464 B
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	640 B
1	googleapis.com fonts.googleapis.com	797 B
63	16

	Domain	Requested by
20	www.edevlet.uk	www.edevlet.uk
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	www.edevlet.uk pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i2-v6exp3.ds.metric.gstatic.com
1	p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i1-v6exp3.v4.metric.gstatic.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	www.edevlet.uk
1	edevlet.uk	1 redirects
63	23

This site contains links to these domains. Also see Links.

Domain
www.mhthemes.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.v4.metric.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.edevlet.uk/
Frame ID: 79611D24956972F6AF6D3690AE1E1485
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 25E6017C94F71BCDB623C306FE7B43C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&adk=3826760629&adf=1341073466&lmt=1616423452&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edevlet.uk%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616423452130&bpp=284&bdt=147&idt=696&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2173238085024&frm=20&pv=2&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=777
Frame ID: 7E6A3DADA320432AE37AF740A49A09CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480
Frame ID: AB214E608420F5ABA37DA7557C7018D3
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FF71B858C0BB310D36D2A23A1AF3941F
Requests: 2 HTTP requests in this frame

Frame: https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: DAF623C13E6569543BE399C386CC14A3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3464C211147E05098B520C59390DF5F3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 8299E08637A6A45BDD4BD40DC7842460
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D9B82BCE75F73B1C1A2C05A1A7D1EEE8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://edevlet.uk/ HTTP 302
https://www.edevlet.uk/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

63
Requests

100 %
HTTPS

61 %
IPv6

16
Domains

23
Subdomains

20
IPs

3
Countries

4986 kB
Transfer

5662 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mhthemes.com/
Title: MH Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://edevlet.uk/ HTTP 302
https://www.edevlet.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 48

https://rtb.openx.net/sync/dds?google_gid=CAESEHvKs7vYn-gebqigJJE2wWY&google_cver=1&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEHvKs7vYn-gebqigJJE2wWY&google_cver=1&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q&google_hm=_t0XQyHMx28Vx-fsp9zeag== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q&google_hm=_t0XQyHMx28Vx-fsp9zeag==&google_tc=

Request Chain 49

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMA7YbE_qjLQ5qT7MTSdYHU&google_cver=1&google_push=AQvitUK4m--7js92XRZ3NCpSrQlzec6S1r0s6M5sfU6jYg-hnhxKjcNaF5AC3s3kWwbeSUXSnOFDYjwrkreJVC0g5I-CjNBGzbIcRQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMA7YbE_qjLQ5qT7MTSdYHU&google_cver=1&google_push=AQvitUK4m--7js92XRZ3NCpSrQlzec6S1r0s6M5sfU6jYg-hnhxKjcNaF5AC3s3kWwbeSUXSnOFDYjwrkreJVC0g5I-CjNBGzbIcRQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjeGvFGJQaGmxz5IZEFVTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4m--7js92XRZ3NCpSrQlzec6S1r0s6M5sfU6jYg-hnhxKjcNaF5AC3s3kWwbeSUXSnOFDYjwrkreJVC0g5I-CjNBGzbIcRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjeGvFGJQaGmxz5IZEFVTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4m--7js92XRZ3NCpSrQlzec6S1r0s6M5sfU6jYg-hnhxKjcNaF5AC3s3kWwbeSUXSnOFDYjwrkreJVC0g5I-CjNBGzbIcRQ&google_tc=

Request Chain 50

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGnzKRFBjClYfxJQmENohGA&google_cver=1&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeBPAXoHz047ptWvCM08nF-hgnoo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01LT1NGTjQtMVQtNFJIQQ==&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeBPAXoHz047ptWvCM08nF-hgnoo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01LT1NGTjQtMVQtNFJIQQ==&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeBPAXoHz047ptWvCM08nF-hgnoo&google_tc=

Request Chain 51

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDgE6xvz3FE8z1w HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDgE6xvz3FE8z1w&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFiqHoYUcSfC8MfBPKWqnAAABIsAAAIB&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDgE6xvz3FE8z1w&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFiqHoYUcSfC8MfBPKWqnAAABIsAAAIB&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDgE6xvz3FE8z1w&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1&google_tc=

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.edevlet.uk/
Redirect Chain

http://edevlet.uk/
https://www.edevlet.uk/

31 KB
6 KB

1169ms
1135ms

Document
text/html

2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.27
Resource Hash: 089db6bceff2f13be9fd9e9d74394e4f8bead1a8ae71f18cd093b78ac17c6c95

Request headers

:method: GET
:authority: www.edevlet.uk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d57ef33ab9caf694bf2813ac2261b86981616423450
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
link: <https://www.edevlet.uk/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 08fbf190dc00004e0e911c8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oE3y3hbH%2F7ZCNGYG2KbmHUjiEQsUs5e65bPg0Ya3t9eoX4WRvAs5ucE3jnBQ57ewL4KJU4IMMOcNq6Dx0GGKTawXb5yZyQ8QniH8S3uid2hq2JDKG7ZobYX8AQ%3D%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63401ec7cba24e0e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Mon, 22 Mar 2021 14:30:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d57ef33ab9caf694bf2813ac2261b86981616423450; expires=Wed, 21-Apr-21 14:30:50 GMT; path=/; domain=.edevlet.uk; HttpOnly; SameSite=Lax
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Location: https://www.edevlet.uk/
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 08fbf1903200002fa538bc4000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BP0ax5IS6ShJfFyEEgKuzbpvrrvS9ppbAXvIpEacRm6zrxGjXxv8VlYRN37XO247SPKdw6ZwYIOONbrZnsmfurLwDr4QDvpT%2BKz%2Fu7%2Bjky4WX9oBDr%2BK"}],"max_age":604800,"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 63401ec6bfa32fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.edevlet.uk
URL: https://www.edevlet.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 14:30:52 GMT

GET
H2 200 style.min.css
www.edevlet.uk/wp-includes/css/dist/block-library/ 40 KB
6 KB 338ms
337ms Stylesheet
text/css 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-includes/css/dist/block-library/style.min.css?ver=5.3.6
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf1955c00004e0ea4044000000001
last-modified: Wed, 10 Jun 2020 23:22:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=95Y6ZCFnoNp9oBqnHmRjipNz1clGgmxCY83MAQ9WBFq7eG26gF%2FvGmwK%2BbKosVmG5VqR1PsGcBRrEExSyAFXfVkjbnWEc1XyvMK2STi6PtwIH0mBWqyYqGdwaQ%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ecefebf4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
797 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400italic,400,500,600,700

Requested by

Host: www.edevlet.uk
URL: https://www.edevlet.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb8af7d3317cc1f73852f8b6cb595685d0385ccc5c81282d24e06b843c3d31a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:30:52 GMT
server: ESF
date: Mon, 22 Mar 2021 14:30:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 14:30:52 GMT

GET
H2 200 style.css
www.edevlet.uk/wp-content/themes/tuto/ 41 KB
8 KB 319ms
318ms Stylesheet
text/css 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-content/themes/tuto/style.css?ver=1.2.7
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89426a99ff04cc5378d78993c6693c6ca8bd2132cee63587b69e275903b63150

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf1955d00004e0ed01d8000000001
last-modified: Tue, 31 Mar 2020 08:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J3JpG%2FOAUMANiPp7jFVUOhR5R3LBIvnBMhRZjMOTC1%2BRCRGFo8rcSHMSXdQFko8kLq3B61uXXu0tlyXd0q6jVKCcG4o74ZW1R1eAsi3zJo46rX4cOecpTACeWA%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ecefec44e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 font-awesome.min.css
www.edevlet.uk/wp-content/themes/tuto/includes/ 28 KB
6 KB 285ms
284ms Stylesheet
text/css 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-content/themes/tuto/includes/font-awesome.min.css
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf1955f00004e0ec9a93000000001
last-modified: Tue, 31 Mar 2020 08:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rz7N3AQz%2B7HPELjFgR3NlzlTDcl1Y82eGvzC5u2F%2F2bU%2FzaXnC6DNoXuVY3c%2BimB2Qf7dDj6qdercLz2rKLooD%2BnWTgmoF8n8ya7RccgGt0ZZz82Cyc3UNa%2F5A%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ecefec94e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 jquery.js Show response
www.edevlet.uk/wp-includes/js/jquery/ 95 KB
32 KB 340ms
339ms Script
application/javascript 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf1956000004e0ea90da000000001
last-modified: Sun, 01 Dec 2019 23:31:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bHRc0OdcgJYFR5a7j%2FJYp8XZDZNu8HbB1PfsQktWm%2BbmgUMrbXSpN7jyS%2BLP8bIhguDlkUNhrMP4KyMZGjlDP7QFRk%2BVEPfhWRr2oHJ3ROu9CTRZUZ%2FOgngCFA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ecefecc4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.edevlet.uk/wp-includes/js/jquery/ 10 KB
4 KB 331ms
331ms Script
application/javascript 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf1956300004e0ee91b8000000001
last-modified: Fri, 20 May 2016 05:11:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MGggA4uGswirZ%2Frt%2FkzLqxDk1NoMALIrAuW5iPL%2F%2Bxq%2BUzadDSaZc7Rn5VLnSsIfZ7BM5OPc9EuXnR14uiREBkHaLqJfcAEPLUQ8YjCxXpfHCYieO73P6rRijA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ecf0ed14e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 scripts.js Show response
www.edevlet.uk/wp-content/themes/tuto/js/ 14 KB
5 KB 325ms
325ms Script
application/javascript 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-content/themes/tuto/js/scripts.js?ver=5.3.6
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91961ff41bf0d6ee4559d8b3fde29639537b1b47a2b5924b15d43a86ad2f52b3

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf1956b00004e0e9c83e000000001
last-modified: Tue, 31 Mar 2020 08:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qv7Xdh2tMrC97JAwjyZWV4Sw%2F9Zz9HGe6tyztlJA0Xtgjvg8n%2FOaKGc0%2FlAhweh7eNAj7Vl03%2Bzu3nSx7h9PE8ZSaXcBlwBo4QELj4q83G5LUXpbGNYVAIHLCw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ecf1edc4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 e-devlet-giris.png
www.edevlet.uk/wp-content/uploads/2018/10/ 394 KB
394 KB 492ms
491ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/e-devlet-giris.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e1ea8a5acc63b9bc98ffe13847142745a01e87bc69dac262a06511ac98d086

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 403142
cf-request-id: 08fbf196c700004e0e872aa000000001
last-modified: Sat, 13 Oct 2018 08:36:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LL9WhTOuNfjQLVp9n3%2BCXC1TZp88lhP9CrZznLxEWIjTKWSFtGitlszrX9NYcUxYdiswFFuMjzprfg%2FKp%2F3qPBxkjqD%2F7ePVSa7Q37iWvHzyo4nO93%2F4G%2BGDjg%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed13a984e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.edevlet.uk/wp-includes/js/ 14 KB
5 KB 319ms
319ms Script
application/javascript 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf196dd00004e0eee9a4000000001
last-modified: Sun, 01 Dec 2019 23:31:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kT2iucAb%2Bv8L9YN4hBXpU%2FJh%2BuOYr9EId92wGJGwmo5V9LSYLwXY0vwrP18P2fVAuC4h0Zpd%2F7v%2B3qJMvaKuqyLwPS22wQ2OjuDwEMTVvX2xJ%2FfdN9OEE6sK1g%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ed16ac64e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 e-devlet-sifresi-alma-768x407.png
www.edevlet.uk/wp-content/uploads/2018/10/ 547 KB
548 KB 481ms
480ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/e-devlet-sifresi-alma-768x407.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 126816c581c7c43733758adeb08f1b2ef7a6949bf13575fce2afc2318a47c236

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 560281
cf-request-id: 08fbf196e000004e0eac196000000001
last-modified: Sat, 13 Oct 2018 08:38:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rug6kpsd4XWbgpnJjyziItLOxuhEUHf645rWro5JJEG2KVBo0Wx3%2BaJRk41K4lgzwmyBqpIM%2Bdcg489HNQokj923%2BRJ0Ut4pB6jShtavvGy9KA3dXpJD1I7bUQ%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16ace4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 e-devlet-sifremi-unuttum-768x407.png
www.edevlet.uk/wp-content/uploads/2018/10/ 547 KB
548 KB 424ms
423ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/e-devlet-sifremi-unuttum-768x407.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8341e99fa3572fbf5e0d6e17e304900a6b2dd322d8601ffb08f5396864325e0f

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 560292
cf-request-id: 08fbf196e100004e0eb6317000000001
last-modified: Sat, 13 Oct 2018 08:44:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T34wHeRhJgZz%2BMcGFvbaDipmaP8QcqXAWXLr%2B6M8wDudyG%2FC4r0OSX4t6XBVGUTOCUxopghpK8rxH8WhZLjbwHAVxkZKhXOCV%2B0TR70IAfMBNsQDOuXATo2OdQ%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16acf4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 e-devlet-kapisi-768x407.png
www.edevlet.uk/wp-content/uploads/2018/10/ 546 KB
547 KB 560ms
559ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/e-devlet-kapisi-768x407.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2efc1c9c4c6e9d4e6a03b0856b4be272e1fafdb5089831a3b1bbaccee57401fa

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 559097
cf-request-id: 08fbf196e300004e0ebd3dc000000001
last-modified: Sat, 13 Oct 2018 08:49:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3zBQW2VvfBjv7T2Q3R0u8r5fgQmMrQ0H3lcIKtYF5Imp42cLMoqxuGoW1Fq6%2FCmPQ58q59wdIH5YK7OaomV5QsXM5RW0MJoYgkOL32fRowZAOORrgnDW%2B3hvpw%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16ad44e0e-FRA
expires: Mon, 29 Mar 2021 14:30:50 GMT

GET
H2 200 ssk-sigorta-sorgulama-768x407.png
www.edevlet.uk/wp-content/uploads/2018/10/ 392 KB
393 KB 523ms
522ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/ssk-sigorta-sorgulama-768x407.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fd9d9b5fcf95c1f3f3d9a822d941dd3a8b1e82bd2bdaf6bd434a7fdcdf51bb

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 401708
cf-request-id: 08fbf196e300004e0ec0102000000001
last-modified: Wed, 17 Oct 2018 21:37:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KNJ3wjHgq5MQj94vLnZpTyeNIBHv7z6xauXmNRn2LxCQ4Q4eKCKkXzmaMTbUHo3XK42K61VjnhSaTPB4jzG%2F23ZhgSlx9tAQANlMGMBmBNERb6rYmi1T28gUew%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16ad64e0e-FRA
expires: Mon, 29 Mar 2021 14:30:50 GMT

GET
H2 200 egm-emniyet-trafik-cezasi-sorgulama-768x337.png
www.edevlet.uk/wp-content/uploads/2018/10/ 340 KB
340 KB 552ms
551ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/egm-emniyet-trafik-cezasi-sorgulama-768x337.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9868adb53562dcc0a4c5dbbe1865ad85984c0290a29d56c1b6f9a248754bb5

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347844
cf-request-id: 08fbf196e300004e0e8687a000000001
last-modified: Wed, 17 Oct 2018 18:48:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U82QGI1sSn5pjwXF2pF%2Foz6X5chM9VDarqq93ArxYz9621zb4kmrxw4gJvoa4SjpfkJW7p%2BPsjcWjTFzHu3w8ajtsXtA47di%2BHnHKHD6ZOx1m9dRlLkMI3Lyew%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16ad74e0e-FRA
expires: Mon, 29 Mar 2021 14:30:50 GMT

GET
H2 200 HGS-SORGULAMA-768x407.png
www.edevlet.uk/wp-content/uploads/2018/10/ 501 KB
502 KB 479ms
478ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/HGS-SORGULAMA-768x407.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c487cf9cc2d368cc4de7f4e395b86b512e7f6356d10f2be78edb3ef081756f

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 513281
cf-request-id: 08fbf196e500004e0e78285000000001
last-modified: Sat, 13 Oct 2018 20:01:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fIhduO%2FTxN7baamOyAK1JQR3MlD%2FmqRdFywp1m84xrUgiVsLo7SepR7v5qBr9MpeIwixk8ZNmEQ7i%2FpynDbma6tiRd%2FQFSRUJv%2BxTGF4e8lKcOuZrcG6u99xsw%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16ada4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 e-devlet-mobil-indir-768x407.png
www.edevlet.uk/wp-content/uploads/2018/10/ 547 KB
548 KB 551ms
550ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/e-devlet-mobil-indir-768x407.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd25f8c20d413d6f86854b214257863b9f82fc7de24cef5ec0517814aa961a1

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 559859
cf-request-id: 08fbf196e500004e0ecf24c000000001
last-modified: Sat, 13 Oct 2018 08:47:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gtblDFyR45mcKPX8ST%2FOAi1t1%2B8fnNohMpxUWS4rfiFrpx5DwZPQBsCCzWwZybcfWJ%2FzHZ7p3uZaZj4NIjFSr10UrvxZkfe3xJ6%2FLH7SVvxnjk90ARKFrUrEjQ%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16ade4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:50 GMT

GET
H2 200 uyap-vatandas-mahkeme-dava-dosyasi-sorgulama-768x403.png
www.edevlet.uk/wp-content/uploads/2018/10/ 324 KB
325 KB 460ms
459ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/uyap-vatandas-mahkeme-dava-dosyasi-sorgulama-768x403.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9d139c90313c39d30b0b281836b0d1b0617cbb6da07bc0a63c74ea5244e61ae

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 332196
cf-request-id: 08fbf196e500004e0e9f3ed000000001
last-modified: Wed, 17 Oct 2018 19:05:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ppQ9ePMYOeSqg0LoaK7c9Ijd3Oj2sOoYSF6j4doVjSw%2F23%2FvVa%2BPnCEOJAcu7aEXlc6WNyuSt2e94ezXyr68imVzpkziunvZcq66y9tkxhi6oo5ytr64JirvUw%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16adf4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H2 200 vergi-borcu-sorgulama-768x335.png
www.edevlet.uk/wp-content/uploads/2018/10/ 309 KB
309 KB 556ms
555ms Image
image/png 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.edevlet.uk/wp-content/uploads/2018/10/vergi-borcu-sorgulama-768x335.png
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a648d02bd99b838b817b6cf25bb995a6cbdbb27723b98f3cd06587dec93cfe8

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 316129
cf-request-id: 08fbf196e500004e0ed01f2000000001
last-modified: Wed, 17 Oct 2018 18:39:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FkbXMmkBFGS6J92PgNhmC98ZmOvx%2Bbvco4tvChugayYvxnV8XTklsFgoDZ4NSbLp1mrkZF%2FCZcEqZolhWisTqkXaBjIGNnltLcWnSaq0TVDpdtkB15gTngwkqg%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed16ae04e0e-FRA
expires: Mon, 29 Mar 2021 14:30:50 GMT

GET
H2 200 wp-embed.min.js Show response
www.edevlet.uk/wp-includes/js/ 1 KB
956 B 327ms
327ms Script
application/javascript 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-includes/js/wp-embed.min.js?ver=5.3.6
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fbf196c500004e0e9122a000000001
last-modified: Sun, 01 Dec 2019 23:31:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xeTmGA1z%2FYC16ytQ%2Bs0rfGnSauCkUd5%2B4sCYsrOJpPD42YYWFy7jO4%2BvIjG9fuc5jRwHSxcdiY8AShJWrPAz55rZ2zFpCUiP2wBVpGOLdGCVKtWOQ5yZqRC%2BeQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 63401ed13a8d4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:49 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 66ms
50ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3828324950511138&plah=www.edevlet.uk&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 14:30:52 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400italic,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edevlet.uk
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:26:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 590642
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:26:50 GMT

GET
H2 200 fontawesome-webfont.woff2
www.edevlet.uk/wp-content/themes/tuto/fonts/ 70 KB
71 KB 500ms
499ms Font
font/woff2 2606:4700:3037::ac43:a7d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.edevlet.uk/wp-content/themes/tuto/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.edevlet.uk
URL: https://www.edevlet.uk/wp-content/themes/tuto/includes/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://www.edevlet.uk
Referer: https://www.edevlet.uk/wp-content/themes/tuto/includes/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
cf-request-id: 08fbf196f800004e0ea6bdb000000001
last-modified: Tue, 31 Mar 2020 08:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eLO2TdPBbjzYJCSFoIaL%2FqG8UXdLSQKvpJKCPt8t%2FlGmhs1KaRG6EMc7e5HNW4fMRSqtWqhDsBzfxVlg7JcXyhWOFn4ZNoAwDdU3%2BE8orNR%2BMaNuJakscCQ2Gg%3D%3D"}],"max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63401ed18b0e4e0e-FRA
expires: Mon, 29 Mar 2021 14:30:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 25E6 10 KB
5 KB 11ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edevlet.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edevlet.uk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 04:26:34 GMT
expires: Mon, 05 Apr 2021 04:26:34 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 36258
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v19/ 30 KB
30 KB 40ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400italic,400,500,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eab423f0008a1b0fb56d3a0112959570b9dee431055f89b4e24c5a734d88a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edevlet.uk
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:24:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:15:18 GMT
server: sffe
age: 187573
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30432
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:24:39 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
640 B 118ms
43ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.edevlet.uk&callback=_gfp_s_&client=ca-pub-3828324950511138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3828324950511138&plah=www.edevlet.uk&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

15a6c295c8a20b6b87b26292cfd2a024bef73376676a972f8d9574f2c8a5a7b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 50ms
12ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edevlet.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 47ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edevlet.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E6A 54 B
363 B 110ms
100ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&adk=3826760629&adf=1341073466&lmt=1616423452&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edevlet.uk%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616423452130&bpp=284&bdt=147&idt=696&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2173238085024&frm=20&pv=2&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=777

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3828324950511138&output=html&adk=3826760629&adf=1341073466&lmt=1616423452&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edevlet.uk%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616423452130&bpp=284&bdt=147&idt=696&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2173238085024&frm=20&pv=2&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=777
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edevlet.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edevlet.uk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 14:30:53 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 22-Mar-2021 14:45:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 14:30:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Mon, 22 Mar 2021 14:30:52 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB21 64 KB
24 KB 487ms
487ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82e7aacc1fc9545528878c51bb00b1c38394fefda6d078f360ddcb77666a9346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edevlet.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edevlet.uk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 14:30:53 GMT
server: cafe
content-length: 24534
x-xss-protection: 0
set-cookie: IDE=AHWqTUnc-MGj39HsMyLZP4vIhtLWKMywXLR-ZZqXlB28nYO0rizvYUvy7jdZghYYuj4; expires=Sat, 16-Apr-2022 14:30:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 14:30:53 GMT
cache-control: private

GET
H2 200 9217700862403725573
tpc.googlesyndication.com/simgad/ Frame AB21 12 KB
12 KB 49ms
12ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9217700862403725573?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql1GB42_igi0JpwcgxMWxkMbWFSQw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64a09d35829fc5f94e946ea2ddb2a1bb956ec602024eba5f0f1ec710505ad4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:12:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:14:01 GMT
server: sffe
age: 526713
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12032
x-xss-protection: 0
expires: Wed, 16 Mar 2022 12:12:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame AB21 17 KB
7 KB 40ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 14:24:47 GMT

GET
H2 200 common_one_point_five_click_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame AB21 10 KB
4 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/common_one_point_five_click_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b3366d8afc4664823cdaadcb7bc44862fabbccca3b25b0fc204103d083c1fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 16:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4387
x-xss-protection: 0
server: cafe
etag: 13499103927891914226
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 16:46:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame AB21 2 KB
1 KB 39ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 14:27:45 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB21 117 KB
36 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Mon, 22 Mar 2021 14:30:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame AB21 13 KB
6 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 14:28:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AB21 0
0 15ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWD6Dd_LX3Y-RVCSmAH_k0fF2eJFwOm3AqqF_XO6LJ12Qh7M9ViOl4WC0T2R1EA2lOP-dxMCC8MNL8p9eRHtAgUi_qPw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame AB21 25 KB
11 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10816
x-xss-protection: 0
server: cafe
etag: 5325187549321947876
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 14:18:13 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame AB21 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj3EXHapYYPX9Bb2GmLAP9_OykA3t4vrxYavE-_2uDa3K_d8FEAEg-e6_RWCViriCyAegAZfKjZoCyAECqQKD7iruVe-zPqgDAcgDyQSqBMoBT9CGjUmIYLTiLmbe7oGrv84xN3K1t3ZLBJ4_uSP8vuMql08wH3-7XhuD-UP7FQTURCobLnhC2W-ZTOizizMtyshXfuqntVhpsll0NkelJJW38kXk-Rg8OC77BZG-o2f-CyC9YsO0gRbOX4ty2LG4fiHSeIFF8kaA0rqpJseSg74znh9V2t0Be-FjYjbMhSYhAQbP_P6jKfRTL1dLXkEHbjTSSDHdVlBWDqQqW2Ja1H6NBEgqgoAYgy_MYbEeI2ZLLB-sw5G_DWZyscAEk6K22qYDkgUECAQYAZIFBAgFGASgBgKAB9G18uUBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEIbhZ9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0zODI4MzI0OTUwNTExMTM4&sigh=qo7h-iSl2Ks&tpd=AGWhJmusYGxBanBaoejmUxsO5Mny9hMyjLLTnoSq8YLCQhgYzA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 22 Mar 2021 14:30:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF71 143 B
216 B 10ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnc-MGj39HsMyLZP4vIhtLWKMywXLR-ZZqXlB28nYO0rizvYUvy7jdZghYYuj4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Mar 2021 13:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2967
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame DAF6 247 B
776 B 120ms
36ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

85d36a9567bc31883b9f0ed4b6082d5f99dae429fff801985282177e1395d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-dC3Ul205CUlc9kIq22xHwg' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 204
date: Mon, 22 Mar 2021 14:30:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3464 1 KB
835 B 9ms
8ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 03:14:09 GMT
expires: Tue, 23 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 40604
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AB21 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98940b2b1978045fe8b62e799f9d0d15dd73a763da585e2f89273d027d8f0d1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF71
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
179 B

40ms
39ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 14:30:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 22-Mar-2021 15:30:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 14:30:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 14:30:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 iframe.html Show response
p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame DAF6 7 KB
3 KB 35ms
30ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

1508d7b4142d7bd3d6260c06e383df1169e156b31b72f435281ff193b0380a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-SYdz2_taqsElN3RycxR3Lg' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 2424
date: Mon, 22 Mar 2021 14:30:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 25 Feb 2021 15:45:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3464 35 B
464 B 32ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECMoqCGgkwheJbpVawBG5zU&google_cver=1&google_push=AQvitULciSslcuRp_KqYVB9O-6iCAIslG3w3U_7cXQ0qrLiI-4T0mqJEOL3pnEVHi8gTj6-WNBggy1eC7G37TRiV8vyjAGl-kfNp3g

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 3464 43 B
324 B 76ms
25ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEA-HQJYQmfWBaCF5vRsKfHk&google_push=AQvitUJpQenrhVGpOrmODO1Wk6Ycfv3H53nbD-MBu9nRLzYjl4ZzqaxKijdqvAXP1H9j6wAB_QALo2BtvAhZQJyDG1v7Y5Jeggwi6w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3464
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHvKs7vYn-gebqigJJE2wWY&google_cver=1&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q
https://rtb.openx.net/sync/dds?google_gid=CAESEHvKs7vYn-gebqigJJE2wWY&google_cver=1&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q&google_hm=_t0XQyHMx28Vx-fsp9zeag==
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q&google_hm=_t0XQyHMx28Vx-fsp9zea...

170 B
201 B

38ms
37ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q&google_hm=_t0XQyHMx28Vx-fsp9zeag==&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULifqN3yz9yh_3OrJCTCv4EO4PY_IjO61VRD-aYoWusvCqQ-ydmkifPLlXCTIPSfnPTTAuT73zZC9wmIPDFKG70mFIoWHAW5Q&google_hm=_t0XQyHMx28Vx-fsp9zeag==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 420
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3464
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjeGvFGJQaGmxz5IZEFVTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjeGvFGJQaGmxz5IZEFVTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

39ms
38ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjeGvFGJQaGmxz5IZEFVTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4m--7js92XRZ3NCpSrQlzec6S1r0s6M5sfU6jYg-hnhxKjcNaF5AC3s3kWwbeSUXSnOFDYjwrkreJVC0g5I-CjNBGzbIcRQ&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjeGvFGJQaGmxz5IZEFVTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4m--7js92XRZ3NCpSrQlzec6S1r0s6M5sfU6jYg-hnhxKjcNaF5AC3s3kWwbeSUXSnOFDYjwrkreJVC0g5I-CjNBGzbIcRQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3464
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGnzKRFBjClYfxJQmENohGA&google_cver=1&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01LT1NGTjQtMVQtNFJIQQ==&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeBPAXoHz047ptWvCM08nF-hgnoo
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01LT1NGTjQtMVQtNFJIQQ==&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeBPAXoHz047ptWvCM08nF-hgnoo&...

170 B
190 B

34ms
33ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01LT1NGTjQtMVQtNFJIQQ==&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeBPAXoHz047ptWvCM08nF-hgnoo&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01LT1NGTjQtMVQtNFJIQQ==&google_push=AQvitUJqDuKUzLnz-GiR7ZS7n3VJxEFOb_SqYYXT2v2ylL6wjj5CdXvMhkiKaQL5Icd8Tjz4HeBPAXoHz047ptWvCM08nF-hgnoo&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3464
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFiqHoYUcSfC8MfBPKWqnAAABIsAAAIB&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFiqHoYUcSfC8MfBPKWqnAAABIsAAAIB&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDg...

170 B
190 B

36ms
35ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFiqHoYUcSfC8MfBPKWqnAAABIsAAAIB&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDgE6xvz3FE8z1w&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFiqHoYUcSfC8MfBPKWqnAAABIsAAAIB&google_push=AQvitUKAh1QOAHmBeWmIEHOetkfscwgDE_LNYq39go4ILEXCEfGWo7OxmuRQ6UxpObyt9ZZihYbf2uFdC6ZZVn5yDgE6xvz3FE8z1w&google_gid=CAESEODMDc-sjCpIcXTh8PLm16M&google_cver=1&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 3464 43 B
296 B 83ms
20ms Image
image/gif 2a05:d01c:1d8:8102:73b:46ad:270f:ab37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOzgvfLiAum8baLm5fBHBFo&google_cver=1&google_push=AQvitUJbHFqqKEIM_scqv3G13cb-kz-j-B8VoTWG_Ic1BFdWxb-rX8UMcL7B-JhGpBgvd-MMO-pk74KywhJOT0Qmc_MYWU6ig44l
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3828324950511138&output=html&h=280&slotname=1569091564&adk=1807977121&adf=3515665459&pi=t.ma~as.1569091564&w=355&fwrn=4&fwrnh=100&lmt=1616423453&rafmt=1&psa=0&format=355x280&url=https%3A%2F%2Fwww.edevlet.uk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616423452586&bpp=14&bdt=603&idt=458&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2173238085024&frm=20&pv=1&ga_vid=1564563181.1616423453&ga_sid=1616423453&ga_hid=1121086992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1095&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068945%2C44739387%2C21069710&oid=3&pvsid=315491207883577&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lfeNnVld1u&p=https%3A//www.edevlet.uk&dtd=480
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:73b:46ad:270f:ab37 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3464 0
236 B 97ms
36ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LasdNhCSrikyEaez9tpzGLZ9dOBm8eoPO87jWxr0orrKH1FdwCVaYUfA3Td2JVdsIfSPHi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:54 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 49ms
26ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe4b913af8614b0ecbcdb7fb18ba9fbc4af6e24b527acf25b9a689b038f219e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 14:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6563
x-xss-protection: 0

GET
H2 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8299 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 69445
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 22 Mar 2021 14:30:54 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D9B8 12 KB
5 KB 35ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edevlet.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edevlet.uk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 22 Mar 2021 14:16:57 GMT
expires: Tue, 22 Mar 2022 14:16:57 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 837
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame D9B8 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 69445
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
109 B 44ms
43ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=315491207883577&bg=!-Pul-7_NAAbUo7L91KM7ACkAdvg8Wp5aVIMY_itBY4OMXXKhrUN9Dv0Q34K7MfcNBGwol2CoJ4SNxgIAAACoUgAAAAtoAQcKAICVDfL70S0EQjaJBF1nv7pICOg1KvRwb16pp1CCMkdPU3jxgkJ4rbr1Gkjg3fC6OiNSUd3Ncr4M1Hhs7h5aSQMjRhQAfDqLYa33J9F2Uw5LVmmtB00vUc_8Sjadvi0xlV9mzjzBYVA8UCoSjrIOr5uAj2UKJdQwxaHdZRuRvTQ6ZpkBy4iX4uKZyP7kOS1cfGFaUcWaU3RIB9yTr0Pj-V0dBJYvFYwgXC8uvlIgZj71uhFajSatDpunMw1Mnmw9cYgNlCj7KExUGK5SHkRQfxkiOQ9c6WwT2gFkgb8-flrafETODQ7-Wsd5q19J3pxSRze5nSRa8zux87Rh9qXYfUHA0FXJNNPPvMiR9ExB2jm4LCiHL1pmpGT7N9xFqvLLjbZojaHAeVul3EGfZT7VoWWCEKeJHmsUbMqZrHyz9mxFDmTBmXSJD0vLPNQ8ZAxXOy7yg0AR79WJ-YJVm4vO3gyRHbOrLbeN_SySImZoxaAx-AIFAMG6b25B3IOyVmZ_Pphe34uH1y_DC_Itn-4TTiF2ijmLufzDZD7AG02zK3nmiASb03T9-QJlm5epZf6LhBLrsPJlv5K8Yk81yTqSGIPbIzcq19MNi1BJ6XcJXXNqUM3iIPOtTkur9avmipOKcd3yv3FjTLSVH2b6CJxWRL3k8neRT0_rhdlA0VziX4GZatBAGrap64S8KzZ4d6Ryt2nTTe4KzTDMJL2Eaa7LDP2VRIS1_-sXSdto9HRHx9mRqs_rE7VAeT4WMMdJXAi-p3XfV_bS1cDRCIQcHJ3xCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edevlet.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB21 42 B
479 B 74ms
59ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBWkzjMTRrEYmIDnV79mtnudrDYqSjOvDrX0xob0HDqs3cdk4aDflV_x1zj3WqrZaQXX_yq5qJVQ6gQluCNTgBfXxMcUnUGlTw-9MibMQT0u9ClTCtU1rEOiAOug&sai=AMfl-YQ8osR0sOqqwBsMHD9MTkRHaVMHXuUvDH6zR5Np9p0pXNVWW_4CQpo0MZK9l97UJTorSWLslKbnrJkcj3VpGAVHRwbIl6tWaPU&sig=Cg0ArKJSzAGwOhnOFPRREAE&cid=CAASF-Rofy0jYfNFzwggv2E2wGoe_Jw5Roes&id=osdim&mcvt=1000&p=241,1105,521,1441&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1807977121&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616423453079&dlt=509&rpt=192&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:30:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame DAF6 35 B
410 B 101ms
31ms Image
image/gif 172.217.18.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.114 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:31:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame DAF6 35 B
410 B 60ms
14ms Image
image/gif 2a00:1450:4001:813::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 14:31:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 17:00:27	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.edevlet.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
edevlet.uk
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i1-v6exp3.v4.metric.gstatic.com
p4-bj5rteafvjqam-cu6qp2ryshrwo23b-765933-i2-v6exp3.ds.metric.gstatic.com
p4-bj5rteafvjqam-cu6qp2ryshrwo23b-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.edevlet.uk
www.google.com
www.googletagservices.com
142.250.185.162
142.250.186.99
172.217.18.114
184.30.20.241
185.64.189.115
216.58.212.130
2606:4700:3037::ac43:a7d0
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2012
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a05:d01c:1d8:8102:73b:46ad:270f:ab37
34.98.67.61
35.186.253.211
69.173.144.165
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
089db6bceff2f13be9fd9e9d74394e4f8bead1a8ae71f18cd093b78ac17c6c95
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
126816c581c7c43733758adeb08f1b2ef7a6949bf13575fce2afc2318a47c236
1508d7b4142d7bd3d6260c06e383df1169e156b31b72f435281ff193b0380a10
15a6c295c8a20b6b87b26292cfd2a024bef73376676a972f8d9574f2c8a5a7b0
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1a648d02bd99b838b817b6cf25bb995a6cbdbb27723b98f3cd06587dec93cfe8
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
24c487cf9cc2d368cc4de7f4e395b86b512e7f6356d10f2be78edb3ef081756f
2efc1c9c4c6e9d4e6a03b0856b4be272e1fafdb5089831a3b1bbaccee57401fa
329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b
44e1ea8a5acc63b9bc98ffe13847142745a01e87bc69dac262a06511ac98d086
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b3366d8afc4664823cdaadcb7bc44862fabbccca3b25b0fc204103d083c1fc7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
64a09d35829fc5f94e946ea2ddb2a1bb956ec602024eba5f0f1ec710505ad4a2
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7eab423f0008a1b0fb56d3a0112959570b9dee431055f89b4e24c5a734d88a06
82e7aacc1fc9545528878c51bb00b1c38394fefda6d078f360ddcb77666a9346
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8341e99fa3572fbf5e0d6e17e304900a6b2dd322d8601ffb08f5396864325e0f
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
85d36a9567bc31883b9f0ed4b6082d5f99dae429fff801985282177e1395d249
89426a99ff04cc5378d78993c6693c6ca8bd2132cee63587b69e275903b63150
91961ff41bf0d6ee4559d8b3fde29639537b1b47a2b5924b15d43a86ad2f52b3
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
98940b2b1978045fe8b62e799f9d0d15dd73a763da585e2f89273d027d8f0d1f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b8fd9d9b5fcf95c1f3f3d9a822d941dd3a8b1e82bd2bdaf6bd434a7fdcdf51bb
bc9868adb53562dcc0a4c5dbbe1865ad85984c0290a29d56c1b6f9a248754bb5
bfd25f8c20d413d6f86854b214257863b9f82fc7de24cef5ec0517814aa961a1
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cb8af7d3317cc1f73852f8b6cb595685d0385ccc5c81282d24e06b843c3d31a7
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9d139c90313c39d30b0b281836b0d1b0617cbb6da07bc0a63c74ea5244e61ae
fe4b913af8614b0ecbcdb7fb18ba9fbc4af6e24b527acf25b9a689b038f219e2

www.edevlet.uk Open in urlscan Pro 2606:4700:3037::ac43:a7d0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

61 %IPv6

16 Domains

23 Subdomains

20 IPs

3 Countries

4986 kBTransfer

5662 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.edevlet.uk Open in urlscan Pro
2606:4700:3037::ac43:a7d0 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

61 %
IPv6

16
Domains

23
Subdomains

20
IPs

3
Countries

4986 kB
Transfer

5662 kB
Size

1
Cookies

63 HTTP transactions
1 data transactions