www.dirilispostasi.com Open in urlscan Pro
104.21.81.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dirilispostasi.com/
Effective URL:
https://www.dirilispostasi.com/
Submission Tags: tranco_l324
Submission: On November 02 via api (November 2nd 2021, 9:34:01 am UTC) from DE — Scanned from DE

Summary HTTP 209 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 60 IPs in 11 countries across 65 domains to perform 209 HTTP transactions. The main IP is 104.21.81.155, located in and belongs to CLOUDFLARENET, US. The main domain is www.dirilispostasi.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2021. Valid for: a year.

This is the only time www.dirilispostasi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 40	104.21.81.155 104.21.81.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	104.26.2.13 104.26.2.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
3	104.21.54.3 104.21.54.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.168.180 172.67.168.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
14	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	143.204.98.34 143.204.98.34	16509 (AMAZON-02) (AMAZON-02)
1 3	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
4	213.19.162.61 213.19.162.61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1	143.204.98.84 143.204.98.84	16509 (AMAZON-02) (AMAZON-02)
1	54.68.24.0 54.68.24.0	16509 (AMAZON-02) (AMAZON-02)
1	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
2	157.90.162.130 157.90.162.130	24940 (HETZNER-AS) (HETZNER-AS)
2	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
2	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
2	152.228.222.122 152.228.222.122	16276 (OVH) (OVH)
2	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.63.58.93 178.63.58.93	24940 (HETZNER-AS) (HETZNER-AS)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
3 3	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
6	8.39.36.141 8.39.36.141	() ()
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.18.234.75 52.18.234.75	16509 (AMAZON-02) (AMAZON-02)
5 7	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	185.239.174.234 185.239.174.234	55081 (24SHELLS) (24SHELLS)
1	67.202.105.32 67.202.105.32	() ()
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 6	62.149.0.72 62.149.0.72	() ()
3 3	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
7	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	52.16.151.94 52.16.151.94	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	() ()
1	185.86.137.110 185.86.137.110	() ()
1 1	162.55.6.212 162.55.6.212	24940 (HETZNER-AS) (HETZNER-AS)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	87.98.252.5 87.98.252.5	16276 (OVH) (OVH)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	169.197.150.8 169.197.150.8	() ()
1 2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
2 2	52.30.14.23 52.30.14.23	() ()
1	104.111.215.191 104.111.215.191	() ()
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1 1	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
1 1	47.252.78.131 47.252.78.131	() ()
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	89.207.16.137 89.207.16.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	66.155.71.149 66.155.71.149	() ()
1 1	159.65.196.12 159.65.196.12	() ()
1 1	34.98.107.212 34.98.107.212	() ()
1 1	37.252.172.249 37.252.172.249	() ()
1	54.228.52.99 54.228.52.99	() ()
2	172.67.8.174 172.67.8.174	() ()
1	46.249.52.248 46.249.52.248	() ()
1	198.47.127.20 198.47.127.20	() ()
209	60

40 104.21.81.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dirilispostasi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dirilispostasi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dirilispostasi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 104.26.2.13 (United States)

ASN13335 (CLOUDFLARENET, US)

file.daktilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.daktilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.54.3 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.bildirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.168.180 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-34.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.236 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-84.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.24.0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-24-0.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.162.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: statistics.daktilo.com

statistics.daktilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

f8316f82c44bf0ade3e28aab794d6b80.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.228.222.122 (France)

ASN16276 (OVH, FR)
PTR: ns3189334.ip-152-228-222.eu

s333.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.63.58.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: tambora

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.39.36.141 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.234.75 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-234-75.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.248 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.239.174.234 (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (None, )

ASN- ()

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 62.149.0.72 (None, ) 1 redirects

ASN- ()

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.38 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.16.151.94 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-151-94.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.252.5 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip5.ip-87-98-252.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia) 1 redirects

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.210.112.236 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (None, ) 2 redirects

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.106.43 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (None, ) 1 redirects

ASN- ()

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.137 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-usadmm.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (None, ) 2 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.52.99 (None, )

ASN- ()

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.8.174 (None, )

ASN- ()

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.248 (None, )

ASN- ()

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	dirilispostasi.com 2 redirects dirilispostasi.com www.dirilispostasi.com static.dirilispostasi.com	1 MB
38	daktilo.com file.daktilo.com static.daktilo.com statistics.daktilo.com	684 KB
27	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	36 KB
20	rubiconproject.com 4 redirects fastlane.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com	38 KB
14	gstatic.com fonts.gstatic.com	212 KB
12	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	147 KB
8	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	4 KB
8	adxpremium.services rtb.adxpremium.services s333.adxpremium.services user-sync.adxpremium.services	14 KB
7	googlesyndication.com pagead2.googlesyndication.com f8316f82c44bf0ade3e28aab794d6b80.safeframe.googlesyndication.com tpc.googlesyndication.com	38 KB
7	adform.net 4 redirects adx.adform.net c1.adform.net cm.adform.net	3 KB
5	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	criteo.com 1 redirects bidder.criteo.com gum.criteo.com dis.criteo.com	6 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	800 B
3	google.com www.google.com adservice.google.com	2 KB
3	bildirt.com cdn2.bildirt.com	28 KB
2	connectad.io cdn.connectad.io sync-eu.connectad.io	935 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	559 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects rtb.openx.net	625 B
2	criteo.net static.criteo.net	54 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	79 KB
2	lijit.com ap.lijit.com ce.lijit.com	1019 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	e-planning.net ads.us.e-planning.net	92 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	488 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	clientgear.com 1 redirects event.clientgear.com	263 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	simpli.fi um.simpli.fi	612 B
1	bluekai.com tags.bluekai.com	304 B
1	deepintent.com match.deepintent.com	44 B
1	iprom.net 1 redirects core.iprom.net	521 B
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	326 B
1	ad4m.at ad4m.at	915 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	tynt.com ic.tynt.com
1	rlcdn.com id.rlcdn.com
1	admixer.net 1 redirects inv-nets.admixer.net	499 B
1	brealtime.com biddr.brealtime.com	1 KB
1	facebook.com www.facebook.com	313 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	emxdgt.com hb.emxdgt.com	164 B
1	creativecdn.com prebid-eu.creativecdn.com	184 B
1	adxbid.info adxbid.info	87 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
209	65

	Domain	Requested by
36	www.dirilispostasi.com	www.dirilispostasi.com file.daktilo.com
27	file.daktilo.com	www.dirilispostasi.com file.daktilo.com
14	fonts.gstatic.com	fonts.googleapis.com
13	simage2.pubmatic.com	ads.pubmatic.com
9	static.daktilo.com	www.dirilispostasi.com
7	image2.pubmatic.com	ads.pubmatic.com
7	cm.g.doubleclick.net	5 redirects
6	sync.adtelligent.com	1 redirects s.adtelligent.com ads.pubmatic.com
6	pixel.rubiconproject.com	eus.rubiconproject.com
6	eus.rubiconproject.com	adxbid.info eus.rubiconproject.com s.adtelligent.com user-sync.adxpremium.services
5	match.adsrvr.org	4 redirects
4	match.prod.bidr.io	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	fastlane.rubiconproject.com	adxbid.info
4	rtb.adxpremium.services	adxbid.info s.adtelligent.com
4	securepubads.g.doubleclick.net	www.dirilispostasi.com securepubads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	pixel.onaudience.com	3 redirects
3	ads.pubmatic.com	s.adtelligent.com ads.pubmatic.com user-sync.adxpremium.services
3	ib.adnxs.com	3 redirects
3	sync.mathtag.com	3 redirects
3	token.rubiconproject.com	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	cdn2.bildirt.com	www.dirilispostasi.com cdn2.bildirt.com
2	pixel-sync.sitescout.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	2 redirects
2	s.adtelligent.com	user-sync.adxpremium.services s.adtelligent.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	user-sync.adxpremium.services	adxbid.info user-sync.adxpremium.services
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	static.criteo.net	adxbid.info static.criteo.net
2	s333.adxpremium.services	adxbid.info
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google.com	tpc.googlesyndication.com
2	statistics.daktilo.com	file.daktilo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.dirilispostasi.com connect.facebook.net
2	adx.adform.net	adxbid.info
2	fonts.googleapis.com	file.daktilo.com
2	static.dirilispostasi.com	www.dirilispostasi.com
2	dirilispostasi.com	2 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	cm.adform.net	1 redirects
1	ads.us.e-planning.net	user-sync.adxpremium.services
1	ce.lijit.com
1	sync-eu.connectad.io	cdn.connectad.io
1	cdn.connectad.io	user-sync.adxpremium.services
1	rtb.gumgum.com	ads.pubmatic.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	event.clientgear.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	tags.bluekai.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	core.iprom.net	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	ad4m.at	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	secure-assets.rubiconproject.com	1 redirects
1	ic.tynt.com	s.adtelligent.com
1	id.rlcdn.com
1	inv-nets.admixer.net	1 redirects
1	biddr.brealtime.com	adxbid.info
1	f8316f82c44bf0ade3e28aab794d6b80.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1	certify.alexametrics.com
1	hb.emxdgt.com	adxbid.info
1	ap.lijit.com	adxbid.info
1	prebid-eu.creativecdn.com	adxbid.info
1	bidder.criteo.com	adxbid.info
1	certify-js.alexametrics.com	www.dirilispostasi.com
1	adxbid.info	www.dirilispostasi.com
1	www.googletagmanager.com	www.dirilispostasi.com
209	96

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
youtube.com
tr.linkedin.com
www.kizilay.org.tr
daktilo.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-24` - `2022-02-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-11` - `2021-11-09`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
statistics.daktilo.com R3	`2021-09-24` - `2021-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-01` - `2021-12-30`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
ads.us.e-planning.net R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh

This page contains 33 frames:

Primary Page: https://www.dirilispostasi.com/
Frame ID: 81ADE2E493DF51C75476980E4C26704E
Requests: 128 HTTP requests in this frame

Frame: https://f8316f82c44bf0ade3e28aab794d6b80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B63C4D5DBA1B34ABFBD31871D88C0C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 86DFCB357BD954DCFC322CD456298776
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB2451B97ECCD25C52F456220AB27A5E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dirilispostasi.com
Frame ID: C36912AF5AB6236CC46393A593255CEE
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 613EDF32798C1C0CE162D8394F4884D4
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: 3AEB0E2B75F966BCB4CAE643EAD5ADF1
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D4208F2611883EF096B117DA84CDA21C
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: EB004E21504B024C347AC846D5FB85B9
Requests: 4 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 3CE4179FB31CC3B4B29A493AD12E0EEF
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 4F47F193D25D80B0181D9AFFFB0DFC41
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 9EF4605591F9AF84C2E16C0442CA8AEE
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 9CCE44F8BD66C449D512F26180BD7DA5
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75
Frame ID: 644586E4FF642525F6B1B02D5217B85B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6907008484512410888
Frame ID: 6B452814153892E985CE45621C7E7A74
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 3B44D68DDA1577898C7A15650FD39CB8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025903482167097497
Frame ID: F908DFC6693B906B16290570CBDCA3D0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYEF-gABepTuXwBR&gdpr=0&gdpr_consent=
Frame ID: 47FFC7E2E2F3F11A217414DFD540F314
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB6NE7DAgwAADNXDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: D60CC4314195B303E10A8737CDB62C73
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 5212B696DCFE19D83E294D683741A37F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003
Frame ID: 9B57E533719A0ADCB8440DA7FF9CDE55
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 146B4028752665FF821E39E034B362C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=UMFdhe7GkMfhaKGWmp4cXv8d
Frame ID: B362303DA833A8F143DFE83C1C464CE8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E83632E39D55C5756C309C42AF3A1A33
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:282120941244716
Frame ID: 40545E0C6D233F219F1CDEB1576208F5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: CFEF9B8E1453A77A72095B0843D0D2DE
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1bf0d0e7-1a8b-4b58-8bc4-40586cc34719-tuct87a8b7e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 668C9FAA3B9074CE6B421A1E592439BD
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75
Frame ID: E667908CC6B67CA1B3107308CCFF8937
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 57BF089831032E5B2FC793C3AB450692
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 2D3EB3922996C54762408B3AFF90DB95
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 04608D3CB708A54C876FA66508725763
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/06acb78a4245d8ec?ruidm=1&du=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: 1DA99619DA70FD187778DE8641A3D1EF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Frame ID: D1B96857739A908020F70B2132B1E90D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Haber - Son Dakika Haberleri - Haberler - Diriliş Postası

Page URL History Show full URLs

http://dirilispostasi.com/ HTTP 301
https://dirilispostasi.com/ HTTP 301
https://www.dirilispostasi.com/ Page URL

Page Statistics

209
Requests

87 %
HTTPS

0 %
IPv6

65
Domains

96
Subdomains

60
IPs

11
Countries

3009 kB
Transfer

4628 kB
Size

70
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/dirilispostasi

Search URL Search Domain Scan URL

URL: https://twitter.com/dirilispostasi

Search URL Search Domain Scan URL

URL: https://instagram.com/dirilispostasicom/

Search URL Search Domain Scan URL

URL: https://youtube.com/c/Dirili%C5%9FPostas%C4%B1Gazetesi

Search URL Search Domain Scan URL

URL: https://tr.linkedin.com/company/dirili%C5%9F-postas%C4%B1

Search URL Search Domain Scan URL

URL: https://www.kizilay.org.tr/Bagis/BagisYap/20/acil-afet-cadiri-bagisi?utm_source=dirilispostasi&utm_medium=bannerl&utm_campaign=cadir

Search URL Search Domain Scan URL

URL: https://daktilo.com/
Title: daktilo haber yazılımı - v1.9

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dirilispostasi

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dirilispostasicom/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dirilispostasi.com/ HTTP 301
https://dirilispostasi.com/ HTTP 301
https://www.dirilispostasi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139

https://inv-nets.admixer.net/adxcm.aspx?ssp=5FEC4B7E-00BE-4619-A907-C423ED15D8EA&rurl=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadmixer%26uid%3D%24%24visitor_cookie%24%24 HTTP 302
https://rtb.adxpremium.services/setuid?bidder=admixer&uid=97682341382146508fe90527d01c2a92

Request Chain 142

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYEF-gABepTuXwBR HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYEF-gABepTuXwBR&_test=YYEF-gABepTuXwBR

Request Chain 143

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/lYD6J6WFjauxG8AG7yac_8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1470818885593306330

Request Chain 144

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZIVzhaUlItMTktRFNESw==

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGIcJKcmkYilFji1QeIacUA&google_cver=1

Request Chain 147

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9f5d6181-05fe-4b00-a8c7-d45f03f3d083

Request Chain 149

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ0ZDIyZjBmNWYzNDdjYWM1YzJiZjNjY2U2Y2NkYmE2ODVlZWJjMA

Request Chain 153

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9be2bca6-c03a-4fa2-abaa-887f6efebd9d

Request Chain 154

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4355608036038888155

Request Chain 155

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=09ce6ed942648654

Request Chain 157

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184-d

Request Chain 158

https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YYEF-vBe4ibicEmsz5sxIAAA%261154

Request Chain 163

https://c1.adform.net/serving/cookie/match?party=14&cid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75

Request Chain 164

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6907008484512410888

Request Chain 165

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 166

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025903482167097497

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYEF-gABepTuXwBR&gdpr=0&gdpr_consent=

Request Chain 168

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCNk5FN0RBZ3dBQUROWER0b0NJdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB6NE7DAgwAADNXDtoCIw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAB6NE7DAgwAADNXDtoCIw&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB6NE7DAgwAADNXDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 169

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 170

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8597210411 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8597210411 HTTP 302
https://sync.1rx.io/usersync/tradedesk/c5d92ccb-809b-450c-9f97-3ae42741fa79 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003

Request Chain 172

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=UMFdhe7GkMfhaKGWmp4cXv8d

Request Chain 174

https://core.iprom.net/cookiesync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:282120941244716

Request Chain 176

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1bf0d0e7-1a8b-4b58-8bc4-40586cc34719-tuct87a8b7e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bPItA-tcSm6CipGfxciLdQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 179

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f5d6181-05fe-4b00-a8c7-d45f03f3d083

Request Chain 180

https://pixel.onaudience.com/?partner=214&mapped=6CF22D03-EB5C-4A6E-828A-919FC5C88B75 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b2984f1e605a3ed4d5f0e43fb51c7e73 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=678743cbd28b04a1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkNGMjJEMDMtRUI1Qy00QTZFLTgyOEEtOTE5RkM1Qzg4Qjc1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-225urQ8y4RlLTqP57gDc&google_cver=1

Request Chain 184

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083&gdpr=0&gdpr_consent=

Request Chain 185

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb0152cf-2098-4929-aeb8-197baf46b2cd

Request Chain 186

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8506709660684975894

Request Chain 187

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4355608036038888155&gdpr=0&gdpr_consent=

Request Chain 188

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EBD15BYUq7ALQ6_mFUTg5BNFqOILGPvsRxnctkLI

Request Chain 189

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Mi0SDjpE2uUPhcfceKSerkw4g.GH5Ww-~A&gdpr=0&gdpr_consent=

Request Chain 191

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=489ee382-0604-447b-93b2-7932e9258f7b HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk2c696f4f-a858-4b1f-a4e3-e2f7b3083a4f&expires=7&user_group=5&ssp=pubmatic&bsw_param=489ee382-0604-447b-93b2-7932e9258f7b HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=489ee382-0604-447b-93b2-7932e9258f7b&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 192

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2669381476336386478&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 194

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=45c10386-9b23-40d8-83a8-a29eb9707e10-618105ff-5553&gdpr=0&gdpr_consent=

Request Chain 195

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:437600c9-9b52-4f5b-be6c-7e0afc17b990&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 196

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4355608036038888155

Request Chain 206

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=3966584620220902299

209 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dirilispostasi.com/
Redirect Chain

http://dirilispostasi.com/
https://dirilispostasi.com/
https://www.dirilispostasi.com/

205 KB
35 KB

106ms
96ms

Document
text/html

104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2efdf04197bc7313ba31945803d26df637a9ad77f2d0404d02002cc2ac399316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 02 Nov 2021 09:33:45 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=60, public
varnish_ttl: 1m
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 60.000
vary: Accept-Encoding
x-cache: HIT
access-control-allow-origin: *
x-cache-hits: 7
x-xss-protection: 1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 09:33:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcLSs5kIlD7QCvCk3Ac8zNXWTOpEQUo7MvMxIaqnZSwG3WcsR4lo3gvxpDGnJxLyM8ViBM7cy3lx5BVsg%2BqlR%2FMajO48yag%2FFcqO7J3v0yv1Xn6rr%2B3xDhqC9yjPcy0IeqLm3lFWZ8OA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a7c5cf9ecbb412b-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 02 Nov 2021 09:33:45 GMT
content-type: text/html; charset=UTF-8
location: https://www.dirilispostasi.com/
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
age: 51
x-cache: HIT
access-control-allow-origin: *
x-cache-hits: 12
x-xss-protection: 1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAqh9q%2FSP1az9vk1L85k0Vx4YuRLlGcNXzvt99toda0uFS0qM2oqaOYA1IpyylJmAPAGZK6fQTjep4059Gkz7Ncf0BPQ6E6he3Wy5gtyR6%2F6igMWRyEUfyG6mHVWVMzU%2FEguoAk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a7c5cf95bcc412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 grid.min.css
file.daktilo.com/themes/enerjik/assets/builds/grid/ 43 KB
4 KB 69ms
31ms Stylesheet
text/css 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/builds/grid/grid.min.css?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5548e7bf67ad28b3313166b6b3ba8952f8affaba0d965588714e52a703c502d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ab9c-5cc804369a23a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ1Ane33UlY3%2Fn7MfZoUU6JLfkB8N6z354uTtMl7%2BanwR6AJPP5KK4bcbWCf2K07jz7AwzvxtizC1DyffUxV%2Fu3ag6K3qKGehFGy4IQpMthakY3tToAFaXBfP1d28yTq0fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfaee86412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 39

GET
H2 200 font.min.css
file.daktilo.com/themes/enerjik/assets/font/ 923 B
608 B 72ms
33ms Stylesheet
text/css 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97da891736b0d9d1b5666f39c9db226662e8ee06267c7965a14dca09d4c9b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"39b-5cc80436a0f9b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ee2Z0Y1X4T8S%2FW7JYeeD3mEJ2YYWJYYb6cEJrR1c1rBIajzusaF%2BOJoSRITu3aO8sCEnbwardgFGLU8mTVb5EviNmZbvUtstSxomJOyp2ejoa3H2Uk43i4jAZfJUHs7XlaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfaee93412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 40

GET
H2 200 nanoscroller.min.css
file.daktilo.com/themes/enerjik/assets/libs/nanoscroller/ 677 B
724 B 79ms
41ms Stylesheet
text/css 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/libs/nanoscroller/nanoscroller.min.css?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f866a109e8db92ae71e373067c499aa1be704dfc8f33344d1ecf9b8f0e966be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2a5-5cc80436a2edb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyWVkpH4ZyN%2Bhj%2BYgvgwDlai6jKpHmumxUy%2FJFf2JiaajjZzfIbMIwhWFrmoFJaKaEkUI8HTGsikPGf7H8xQWA84EbqVfuKkYQiUNFPj1%2Fxq3lNfHt2qLtWDF4ND%2FxMA2vU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfaee8c412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 8

GET
H2 200 main-home.min.css
file.daktilo.com/themes/enerjik/assets/main/ 178 KB
34 KB 74ms
36ms Stylesheet
text/css 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5dee60a7fe01659342fe73a809397d4ca37a516ff64f8ac718f1f3a666f673b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2c935-5cc80436a3e7b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49TbS1v2v%2BQMKC%2F6SHOLaQEW%2FkyLiwzk1ixt248h1BQCGU3THVzULqPYLtJJV2B8h08LXZ28%2BHnAdX4JVfJ3kS9nMxp8MUehb9LtWy9r51sLwsIkPZAh8deZwz8rO60OJvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfaee90412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 8

GET
H2 200 custom-enerjik.1630503954.css
file.daktilo.com/sites/805/assets/ 11 KB
3 KB 118ms
80ms Stylesheet
text/css 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/sites/805/assets/custom-enerjik.1630503954.css

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a000d7b52013285300c93c06b9c521bbca07876311bdba9c74865e7eac09411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
cf-polished: origSize=15093
x-cache: HIT
x-cache-hits: 288
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Wed, 01 Sep 2021 13:45:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3af5-5caef4903c65e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVGf5a52lvlyOvo16bAFIMi8kipeUn0shhGTHLFAEvMQtJkB%2BYkCEyVuZ5f7HBA7%2BzQZoAh5ofIXDiEte8tRBNo72bo3EJLls0VGjJ54lU3KTOm3kkZNnDCu5owuZeVO0Yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfaee8e412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: minify

GET
H2 200 style_css
www.dirilispostasi.com/ 19 KB
5 KB 78ms
77ms Stylesheet
text/css 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dirilispostasi.com/style_css

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bf12425484fc8bb8c84eb400148ab1496c29e000099c32399b454fc19c4aaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Mon, 01 Nov 2021 22:38:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FxFpBfUDKt6pbWNNfSYqdDBje3JDNXfZfB28L84sEmGiOXI4ku3aV9G9ll3pWpyDODHCEzApABKJg8rgNePZWB8JgzWI1ROAAFmOcnu7m6ZcjxYfo3sz8Lwk8ZmmAOBh768tIBGHpoi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=60, public
x-ratelimit-limit: 300
cf-ray: 6a7c5cfaadbe412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 65

GET
H2 200 imsakiye.css
www.dirilispostasi.com/themes/default/assets/ 2 KB
1 KB 76ms
75ms Stylesheet
text/css 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dirilispostasi.com/themes/default/assets/imsakiye.css?r=2

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82d1541718d111ca3cedfa19d71ce915d67627411b25f8aada61b29d83efdc6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3502
x-cache: HIT
x-cache-hits: 6
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dae-5cc804368b7d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkaxnEBXmcHNiBsZnnmjfcglqnSOXL%2BfGTGaLe9JUkxFUl9XZjvaFEx5iDe5FD0S92kLhBmxKgeIwwtKyALetYT1kyh7EbmT14bHcpW%2FJwLQNN44y%2BzvCxc%2FNDmBNLiiSqn5dRjIl4jx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 6a7c5cfaadc2412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: minify

GET
H2 200 invisible.js Show response
www.dirilispostasi.com/cdn-cgi/challenge-platform/h/b/scripts/ 41 KB
15 KB 61ms
59ms Script
text/javascript 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dirilispostasi.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e38c80324ccc60f3e3c245d863b60c98b847fddf976a8d8a8af072d34385c0fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ON4rGuLlJGlZnHtbAT0St0Qtg6S%2Fj%2FBCsY7y%2BjLSyAYntNL8IuyDNi1ihcZrPAUEqUcnNY7dRMNZ70M2fVU%2BBfxJHCOdmo6T9NY1McxOWe2waS2yY5y9w1KaVoeuj%2F6wP5p8BQzy7HTi"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6a7c5cfabdd8412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 masaustu.png
static.daktilo.com/sites/805/uploads/2021/01/31/large/ 4 KB
4 KB 139ms
97ms Image
image/webp 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/01/31/large/masaustu.png

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

881fa6557273870b40229cb66f41074c5f403bb3a429fa2a3dacce3138e194e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
cf-polished: origFmt=png, origSize=11730
x-cache: HIT
x-cache-hits: 291
content-disposition: inline; filename="masaustu.webp"
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3894
x-xss-protection: 1
last-modified: Sat, 30 Jan 2021 22:14:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2dd2-5ba2572077e41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTfZ0SBoJA0%2Bcaw9aL%2B4n%2Fa%2FKFM4f6VsbAZ3bEJG%2Bm0mvOEPM4N3eHIHZpquxvjRn%2FAKJLrwslAznj4%2Bt5GyYF%2F%2FT0DJ44dtOz6YQS3jchpRmCYZtlloYfBkwqdvWBI5Ar8h9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfaed8a27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 mobil.png
static.daktilo.com/sites/805/uploads/2021/01/31/large/ 4 KB
5 KB 118ms
76ms Image
image/webp 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/01/31/large/mobil.png

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

881fa6557273870b40229cb66f41074c5f403bb3a429fa2a3dacce3138e194e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
cf-polished: origFmt=png, origSize=11730
x-cache: HIT
x-cache-hits: 294
content-disposition: inline; filename="mobil.webp"
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3894
x-xss-protection: 1
last-modified: Sat, 30 Jan 2021 22:14:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2dd2-5ba25720839c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9xicJeTaX%2Bpxc%2F0kansFoPn9HOzN1XaNag05qGjzvongLncV51DVGCUE8OkOUgKkhY43do2J4u21aRq6m9xMBF%2BexYV0i9u0zQkjoau36ZXlSkBwMwZNRe0mSF315EOhKc%2BMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfafd8b27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 ihracat.jpg
static.daktilo.com/sites/805/uploads/2021/11/02/large/ 78 KB
78 KB 144ms
102ms Image
image/jpeg 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/11/02/large/ihracat.jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cade94456a7074110d8ebae763596cfdb021d73c155ab6f62cfd970bf981b2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 79587
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:13:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "136e3-5cfcab35f830f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3e6b1qYNQbcL6A1F3guBtbGb%2FST1%2BVOWdflOeE3yOY2b1Deq7yM5%2B5rOFxS3YyKMbaJPzHXJ%2FJsuW5TdlztRED4JQWP5vOlQHwKWcTpw233lSF4GO0FEPB5ZpxW1GOXy%2FobGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfafd8e27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 mask-16-9.png
file.daktilo.com/themes/enerjik/assets/img/ 40 B
951 B 62ms
29ms Image
image/webp 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.daktilo.com/themes/enerjik/assets/img/mask-16-9.png

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3823ce03c0b78ef3ea0090a9a2188b75c624b02511d511e1d0431a94bb7503ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
age: 1255
cf-polished: origFmt=png, origSize=100
x-cache: HIT
x-cache-hits: 1102
content-disposition: inline; filename="mask-16-9.webp"
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
etag: "64-5cc80436a2edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qhr2XvYJb03tk0nl34IUe9PWFrWTGqWReDUWyX03uxQ2l5jvkmb5hRt4Qr3nF8fn0do9PwyJCLih6kaGQfi%2BJUqAPK7Z%2BZHYkimER6C1EtTHfjuRTk6EQ47wgYetwfLkP64%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfaee99412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: imgq:100,h2pri

GET
H3 200 bos.png
file.daktilo.com/themes/enerjik/assets/img/ 34 B
815 B 50ms
32ms Image
image/webp 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.daktilo.com/themes/enerjik/assets/img/bos.png

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
age: 1255
cf-polished: origFmt=png, origSize=95
x-cache: HIT
x-cache-hits: 1091
content-disposition: inline; filename="bos.webp"
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
etag: "5f-5cc80436a2edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvXOaew2%2FUOMhVhifDlFClr7tBdInHOpUS6iI5GIeYLulKSVKbZbLcWRFJYqxGhvBSyfPwZxHfUuDiSmOo5AQPOPf09XgM0bKri1cGP%2BXNakIDVymVwOI6nJ8RBhM%2BGdhuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfb3e5a411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 tak-1635843619.jpg
static.daktilo.com/sites/805/uploads/2021/11/02/large/ 39 KB
40 KB 131ms
90ms Image
image/jpeg 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/11/02/large/tak-1635843619.jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad1857dab3b3a6df8f23e0cd12e432fff263a32018179508adcd35435cade9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40086
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:00:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9c96-5cfca85de571b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QGTfgL5fAH1tkXdkkIFUGytgpdBplWtLtzBUzhhYg4sbbsTJ5QmX%2FrIop7XOvPfkXoiZazdgyquoWeyyIUllRogogS788%2BibkWMWUCQTachlDskNAVk6w%2F5D%2Fc92PwYKaeS3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfafd9027b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 1280x720d.jpg
static.dirilispostasi.com/sites/805/uploads/2021/10/20/large/ 29 KB
29 KB 103ms
89ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dirilispostasi.com/sites/805/uploads/2021/10/20/large/1280x720d.jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cf0b008fafdc10d9c2ea0d65e6d08ff736b7f62ad1eba4c26b4b784885975e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29339
x-xss-protection: 1
last-modified: Wed, 20 Oct 2021 10:54:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "729b-5cec69ac6b8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1I6cbCCH8DRzfGGnWSlXxlZQ5hpfQGIlwcbdZEODlEd%2FvCjLulR8Y3KAYGgdvrvu0Iq7H5Z1W1ZgQLjYviY0PHmbyxvabn6ywn9F99gxuZWW6k5czi8PGzkpbvKYxJf3a8IaWM9awEqRreZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cface14412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 anne.jpg
static.daktilo.com/sites/805/uploads/2021/11/02/large/ 29 KB
29 KB 125ms
83ms Image
image/jpeg 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/11/02/large/anne.jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdf67765c60015829cb24b0ff8c4d3bea9b7a975aeec000509c51da255220423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29479
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 05:17:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7327-5cfc76849a851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVbtsEiErNcUAp4nDyBoFczbl7blTULWerCyalrdtB1MpiSiu0SEn4OsoEK%2BRNPrJB8CVXJ2JyVRZkf8GDLvg1L9xzlABgZBCilfNIsQ5vBZ05o5qgYwVc35l9QZPnjhZVg1lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfafd8c27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 stanbul-galata-universitesi-54-ogretim-uyesi-aliyor-bik-1635295476.jpeg
static.dirilispostasi.com/sites/805/uploads/2021/10/27/large/ 74 KB
74 KB 113ms
99ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dirilispostasi.com/sites/805/uploads/2021/10/27/large/stanbul-galata-universitesi-54-ogretim-uyesi-aliyor-bik-1635295476.jpeg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c17caac6b626fb46723be0d7b0fadaae4267cbb073476a5cea8513224ac983a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75332
x-xss-protection: 1
last-modified: Wed, 27 Oct 2021 00:44:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "12644-5cf4ae5f712a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH3ai%2FI4DRF%2BQVayfIiSuQvXJxfZM8nNYutHnMY%2BBYrxXclV%2BvWvq4A8kNYE7CJ34vxPlDDoq4ZLl1%2FjIG%2FL1FCdKkzO%2B6kt3mAgswuj0VAxqc8adhN7Wkoz7LgYgvFrCHPVKBdf%2F1vXbxyf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cface18412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 dirilis-postasi-whatsapp-ihbar-hatti%20(1).jpg
static.daktilo.com/sites/805/uploads/2021/09/11/large/ 46 KB
47 KB 155ms
114ms Image
image/jpeg 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/09/11/large/dirilis-postasi-whatsapp-ihbar-hatti%20(1).jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa55c36f3e35d437f85beba6567525bfad38980b5458136d8482dbc0056ad8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47512
x-xss-protection: 1
last-modified: Sat, 11 Sep 2021 01:44:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b998-5cbae5fc53f26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X70t7rzPtvRR%2Bm2tDLqQhNRWQ%2F5ueGkU7IaxPmfB%2FSkFczEcdvK%2Fid49pUuFx4D8yrFzq%2FSyCQfI%2BcmziOrJsiCC2sK%2FiQwW%2FtSkgFnX4%2BhnCfci7c%2Fzb02%2FOsc%2BSEUlB7fN%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfafd8f27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 melo-1635844153.jpg
static.daktilo.com/sites/805/uploads/2021/11/02/large/ 54 KB
55 KB 106ms
103ms Image
image/jpeg 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/11/02/large/melo-1635844153.jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ac09cfe965e34c508b679e78aa959a9cb6428e433854f1b9ac8235cd5c13fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 55699
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:09:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d993-5cfcaa5b43693"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjdRybtJiBTwfoNE8m05PrrhJ01moEiDN%2B720NHjWaWhtWaO%2B%2B77Zx%2B8bXW8eBdBKENhNtuBnXF5mhZw2M%2Bsja57UK1bF7vagvhm8Ynpaz8EGCzLrnfdBoTZjuZp6z0us0YtnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfb1dca27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 aydin-1635842900.jpg
static.daktilo.com/sites/805/uploads/2021/11/02/large/ 51 KB
51 KB 96ms
93ms Image
image/jpeg 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/11/02/large/aydin-1635842900.jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42be02f17cb64f4dd2d61f31745259c3337eb0bd5e6a21e49e6dc1b01e680acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51745
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 08:48:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ca21-5cfca5b0462e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BIFkE5Y2PI1RbsBcmrxMiG7EtT81y3ZZIpza0uY0iJ1yP6YW7D5SeGYnrp19ub3xJ2vP8jKUAWAh7JUT8wkS1aENTUOxuMY77zB0bYZoygxR7l4hbxS4WICz7RuySHX3esRcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfb1dce27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H3 200 ilan.1632226142.svg
file.daktilo.com/themes/enerjik/assets/img/ 6 KB
3 KB 47ms
29ms Image
image/svg+xml 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.daktilo.com/themes/enerjik/assets/img/ilan.1632226142.svg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4a44608a4cf8dfd8c83b7513034a4a79b3c0f48d24fab02ee0c93fc6157289f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 739
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1732-5cc80436a2edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6N0CEdJIOpF5kg6t1xNpZOo59qSTVCp4QpLgE6yD%2F%2F0WqYTwzUgKwYOHxTa3CTbjhxObun9ce95x0wrlc7jn7AYyKWFFtidptVM3v5eg%2Bc8ItK07HRn%2FX5CQZImDr49K5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfb3e57411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 8

GET
H3 200 mask-yazar.1632226142.png
file.daktilo.com/themes/enerjik/assets/img/ 42 B
829 B 103ms
84ms Image
image/webp 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.daktilo.com/themes/enerjik/assets/img/mask-yazar.1632226142.png

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dec4fa6ed5dbbf55104ab4110219596c1ab4e24e93fc6d555274259755cf365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
cf-polished: origFmt=png, origSize=114
x-cache: HIT
x-cache-hits: 711
content-disposition: inline; filename="mask-yazar.webp"
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "72-5cc80436a2edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSymjvngtOy7ZaajuTlhzZkuTyEsO3mvSuMgYWg5idXq2dWW0SIPUD0bYBNGrvZTjp4X3GWHlvNjHA%2B%2BARqiD4Gl1iGubcWBkzRNAp1c1j3ktipTF66z6itQ4B7%2BqkGAnso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfb3e5d411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 dunyada-tek-savas-atlari-muzesi-sivasta-aciliyor-1635844666.jpg
static.daktilo.com/sites/805/uploads/2021/11/02/large/ 60 KB
60 KB 139ms
136ms Image
image/jpeg 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.daktilo.com/sites/805/uploads/2021/11/02/large/dunyada-tek-savas-atlari-muzesi-sivasta-aciliyor-1635844666.jpg

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd180f87ad8874dd022a7404080cf330a4e7528bb33e1c463e4445821ece64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: MISS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61356
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:17:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "efac-5cfcac43ef635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B%2BUiuK%2Fs0P3%2B9QA8XyKDnBBegVeb9HVht4tfYFDJGZ3A3AgS7Ab39%2FMDcI%2FJkmUJkJ39ubEnTa84SlYZwulg8EAtl5YpiQbYmtJr11hWUVNUPuAxxi70bYxGelUcM6Kkg1bqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfb1dd027b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H3 200 mask-dik.1632226142.png
file.daktilo.com/themes/enerjik/assets/img/ 44 B
829 B 102ms
84ms Image
image/webp 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.daktilo.com/themes/enerjik/assets/img/mask-dik.1632226142.png

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82ae827c1f62fef600a4a278f2ad6e853eff41c8bc30138183069dc22ebc3a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
cf-polished: origFmt=png, origSize=122
x-cache: HIT
x-cache-hits: 111
content-disposition: inline; filename="mask-dik.webp"
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7a-5cc80436a2edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCM6vmrREpqhgdTuPvZi6kjclf5NwDljBeNHqeS7mo%2FVRvrcvWSklvo0xsNjCoJT9G28XxsCUAHUnqpVKfJ1xWCrdt0ErHXketkv3WT2i%2Flzgv6jsXopjE2qKPBIU912%2Ftk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfb3e5c411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 icon.min.css
file.daktilo.com/themes/default/assets/icon/ 65 KB
12 KB 54ms
34ms Stylesheet
text/css 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1690df79e4c5b68aa12c2659f6c8ae520a388c69aa8c1d062951c8f872a82717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1023f-5cc8043683ad8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSYAhULwnk9luNycGjFb4IxBD35RQWr2jmwYk%2FiE7qEnmqOVDyfiSbBp%2FfVKA4%2BZk11YZudKKm1LoVTo1Ek0TCxa0boibSpzAeGWQyv%2BxIC50afsjd0TQ51YQB5w4FoKaHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfaee96412b-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 17

GET
H3 200 icon-theme.min.css
file.daktilo.com/themes/enerjik/assets/icon/ 877 B
1 KB 48ms
29ms Stylesheet
text/css 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/icon/icon-theme.min.css?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d931ebcabebf4e36b0e361f058a5e60305ba8cc2c0fb34e331d9b62e6eb91038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"36d-5cc80436a1f3b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edz2H4O6I5Fv0sDBbKPYswdvnPxnQXMAx4T8uJ4SualVhVpjgZgMywpNJDvOcfn1bkTP56xlPr4smLC83US73gjrqHqTgvZZY7IZtt%2FGvwJ8aMHmFD7uoYHDwOtmbTII6po%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfb3e5b411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 37

GET
H2 200 rocket-loader.min.js Show response
www.dirilispostasi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 19ms
19ms Script
application/javascript 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dirilispostasi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkfq9bBftNClqWY1recfe8qH2D5J8WIuOC70B66XNf%2FlxfxUAkAKOCDAJDJd79dkIev1HXxpG6Vyfm8chAuANNTeICCM7NfMg7O45PmBaInB4jk5kJaiji6Q3Pm24m3LWMAg2A1omzgk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a7c5cfabdf7412b-PRG
vary: Accept-Encoding
expires: Thu, 04 Nov 2021 09:33:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 39ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://file.daktilo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:49:09 GMT
server: ESF
date: Tue, 02 Nov 2021 09:33:46 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 02 Nov 2021 09:33:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
656 B 40ms
18ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

b2b246c4e0273f5b16b399dc86f475784750e5c5ec3f6420ec6ef8e5ce8abf11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://file.daktilo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 09:09:27 GMT
server: ESF
date: Tue, 02 Nov 2021 09:33:46 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 02 Nov 2021 09:33:46 GMT

GET
H3 200 all-of-defer.js Show response
file.daktilo.com/themes/default/assets/ 94 KB
35 KB 32ms
32ms Script
application/javascript 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a03d3a806546e1937db6524c19e1f7d7526d703e8b4c383578bd92bb4cb4af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2470
cf-polished: origSize=96472
x-cache: HIT
x-cache-hits: 38
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"178d8-5cc8043673136-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JqPkIExyOsLbz5EUQIJat3mn%2FO%2F%2BVG1yCEaYM4sUck23s8xXixGYwhQhDDPeyU2OHZ6XeMeGyqpj%2BVtX3eBRNkruA5g1XkuD7l9frgMS3wKm%2F3d1yUxo7xwEGiSxZ%2BBoZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfb6ec9411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
36 KB 61ms
27ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-68569869-1

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9c8a21034f51d8201272a01bb5d2d3c8a145c2af81c666b485fe01c7eda0f0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35872
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Nov 2021 09:33:46 GMT

GET
H2 200 BildirtSDKfiles.js Show response
cdn2.bildirt.com/ 74 KB
24 KB 46ms
18ms Script
application/javascript 104.21.54.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Requested by: Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.54.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 11aee507ab8b3c466a74a9448c5ba338d01f6e975b1416877ea538cc8a4a024c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6556
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 18:28:08 GMT
server: cloudflare
etag: W/"604a6138-12729"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYFDGfAZ13aWuNFemWnDepUNFfBKsv6y9nJ4XCswuzbJiGr9u10lA1zPqugEV27H6IMAQ3uy5piECrlsut80MnL8EsgoCwROgHYY4VNGqiP%2FvkL4EaSpL%2FPg1008%2B8Itj4Jm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6a7c5cfb99a8d6f1-FRA

GET
H2 200 dirilispostasi.js Show response
adxbid.info/ 292 KB
87 KB 98ms
56ms Script
application/javascript 172.67.168.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/dirilispostasi.js
Requested by: Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.168.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc25c0d97b10b29eb787f94219f68edb0260b17f6ab04d352036d6d6986adbd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 14 Oct 2021 11:17:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bic2LunMS6kcPewi%2BMh5nCMfuQ4eTm5EPtRNX7pL9hcIBttN%2F5D2tS0xmZPWok9COiJRpzwVU7Qjsd6dJMv8AS%2BAZqOPHKq02cNqNbuMe5z7uoam%2BlZYb68iQhyiQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a7c5cfbafa7278c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 49ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0cf3a5008961349ee05b79d0c049571b8d62dae4be1b30e8a2c126d3451b42a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1031 / 400 of 1000 / last-modified: 1635842433"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27160
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Nov 2021 09:33:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 42ms
20ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 22:46:25 GMT
x-content-type-options: nosniff
age: 384441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 22:46:25 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
19 KB 35ms
24ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:54:03 GMT
x-content-type-options: nosniff
age: 362383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19792
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 04:54:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 19ms
8ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 14505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:01 GMT

GET
H3 200 ss-pika.woff2
file.daktilo.com/themes/default/assets/icon/pika/ 56 KB
56 KB 107ms
92ms Font
application/font-woff2 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/icon/pika/ss-pika.woff2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6112ba1ac1bc81a61072c7e5283c14eadf82df9d160a14b47815efb03cd97181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56904
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "de48-5cc8043684a78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Azuek3DvlCYadv5ff8VM9O%2Fu9xnJCq2KJkcbJ0IuboQWTYTq2PutrPX3FLexTaVoe1DE2%2Bb4e5VutkDx9sjGIt3GadlOhnH1PXUyuwR4YWLggzGn9ce7lm1vPW60bnVTric%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfbad89f9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 413

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 33ms
22ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 403049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 17:36:17 GMT

GET
H3 200 ss-standard.woff2
file.daktilo.com/themes/default/assets/icon/standard/ 12 KB
13 KB 136ms
122ms Font
application/font-woff2 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/icon/standard/ss-standard.woff2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f28a147c3083b02d80fc6414943eb9bb09078f80dfcc4cb186984bd48de6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12332
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "302c-5cc8043685a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7D1fNkQIr664B7Wy%2BT3Nfr8qNOCHGJwrZlZxEymkcgBfKDTC6ee01Ma9X4yTuS5M%2B69WzGKHTX41d6WZ77NXydB2kVNimE3ICzR6wF2YkFetqf%2FUlw%2Fc7zFJBAg06fgqKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfbad8ff9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 383

GET
H3 200 ss-social-circle.woff2
file.daktilo.com/themes/default/assets/icon/social/ 6 KB
7 KB 122ms
107ms Font
application/font-woff2 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/icon/social/ss-social-circle.woff2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8a04ffe61a6832af353accfb7017356ff61250608fe8a009a185618ab2341f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: HIT
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6268
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "187c-5cc8043684a78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NverRe0hWYBNyb2CVRWst6XBrXWWFIfswFugMNVWlkw6dySv89xyOOjizC0HzEeNEP1jQyO%2BaOHLKWgLzB1ntWEUDppGPhFwPStH2vuJ8pG9Hkgm27gnGmq1T4NYXPYk5Os%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfbad8cf9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1529

GET
H2 200 u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v25/ 18 KB
18 KB 25ms
16ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f00deb4d11fa67f46444168d9384c708dcc1d6ee3b1d756329f4b1656a4857d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 13:46:55 GMT
x-content-type-options: nosniff
age: 330411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18776
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 13:46:55 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 20 KB
20 KB 34ms
26ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 16:48:27 GMT
x-content-type-options: nosniff
age: 405919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 16:48:27 GMT

GET
H3 200 clan-black.woff2
file.daktilo.com/themes/enerjik/assets/font/clan-black/ 515 B
1 KB 96ms
82ms Font
text/html 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5770c07dcdf5d9cdbd185c432d005a141e25d1c40d244e980aa532f8e0268cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:33:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znO6GHn%2BGwpAI0%2Bz%2FXuvKj5UBoSPYdk%2FODjXuFNTJ2E4LFjz6EHLuLON3kg2%2F9DjVCCq6eHBddDDNhuim1X%2Bt9PzJDTT0kq6XnNbRtIm2qfCkDJK9ckBdw%2BbD%2FLMPjKhoA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfbad92f9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 466

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 29ms
21ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:35:04 GMT
x-content-type-options: nosniff
age: 446322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 05:35:04 GMT

GET
H3 200 weather.woff2
file.daktilo.com/themes/default/assets/icon/weather/ 44 KB
44 KB 153ms
139ms Font
application/font-woff2 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/icon/weather/weather.woff2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: HIT
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44720
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "aeb0-5cc80436869b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIthnvFwuP%2B6rtIC4wRfNjnbFMxKXjQMubFDzMIEIt8m1aPgM272VD5W1G3hYNRPXOSoUzxJEWVEZyCCperuKslVmoqhBRmYrggf6xOYxm%2Bsad%2FzaTYGLLfYdLd5UeAYZSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfbad93f9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 774

GET
H3 200 ss-gizmo.woff2
file.daktilo.com/themes/default/assets/icon/gizmo/ 35 KB
36 KB 119ms
108ms Font
application/font-woff2 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/icon/gizmo/ss-gizmo.woff2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1e68817dd28f4deed45c0454c7959072d0217ceca38384e27db851024de7a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36068
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8ce4-5cc8043683ad8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoWt5JuzoBNMCxXtepD2OetvGeuHB9qvUkH3itr5bd%2BMfMbT%2BdEYPxPKG1kDt0MmicEdHZGyOGyKezpR2FlndcrmVRXpICnxCVylY6EV0K0Odi7aTDO5R%2FolF7h0fiGaWCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfbad90f9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 407

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 11 KB
12 KB 13ms
7ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 01:52:58 GMT
x-content-type-options: nosniff
age: 373248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 01:52:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 21ms
15ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:58:25 GMT
x-content-type-options: nosniff
age: 347721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 08:58:25 GMT

GET
H3 200 ss-social-regular.woff2
file.daktilo.com/themes/default/assets/icon/social/ 7 KB
8 KB 149ms
138ms Font
application/font-woff2 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/icon/social/ss-social-regular.woff2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870dbf40335b39544282ec53531ca7e2ab743d993532564a9bdc9a1525033658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7632
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1dd0-5cc8043685a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auU2MacL%2BX%2BLQobEHmA66D1tfhnrpxfg4p%2FVon%2BWb%2FO4kb70oc8dprhXIJBbb0husJE1H%2FSruIk4hoMruP02WDaJuzVuOAWktVoFyfIWl6Zn5JmmStY30qhrXquFrCufG48%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfbad91f9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 380

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v25/ 18 KB
18 KB 27ms
26ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52_wFZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

a9c13ba4ee6c21affcb0f73c3626d624b415c6cdb7324fe66debe892d1ba56db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 13:40:20 GMT
x-content-type-options: nosniff
age: 503606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18388
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 13:40:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 24ms
24ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 01:47:56 GMT
x-content-type-options: nosniff
age: 373550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 01:47:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 29ms
12ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f2ce8b09ebd9244a50af55a930614aef2ae1c39e96a5275a80af8523c5404ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:49:53 GMT
x-content-type-options: nosniff
age: 492233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11784
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 16:49:53 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 25ms
10ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 09:43:56 GMT
x-content-type-options: nosniff
age: 431390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 09:43:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 20ms
8ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 22:11:22 GMT
x-content-type-options: nosniff
age: 386544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 22:11:22 GMT

GET
H3 200 clan-black.woff
file.daktilo.com/themes/enerjik/assets/font/clan-black/ 515 B
1020 B 88ms
88ms Font
text/html 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5770c07dcdf5d9cdbd185c432d005a141e25d1c40d244e980aa532f8e0268cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:33:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVwacldszsvOQ8MZ2%2F406K5TZs6ukofFrtvjyooMjsNQSaE%2FjTFWK1uAHI75XlAQAd1sPhNueUHLA3Pp8IhTbzN32lIXF1KEDQ%2F4zB8Y%2B1kLcQDsctPAAgcveTAwEgq1gfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfc4e7af9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 457

GET
H3 200 clan-black.ttf
file.daktilo.com/themes/enerjik/assets/font/clan-black/ 21 KB
22 KB 95ms
95ms Font
application/x-font-ttf 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.ttf

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37f74cce0e13cd5c682ec490ad3acd9edcca50a6f4230f143ee50f39265cd3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1632226142
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
x-cache: HIT
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21688
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "54b8-5cc80436a0f9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSo0fxd9Yu1h%2F9dJIUrup875Nvk1sCdpFqD0P2eoSXPCdEabDpqHZCUwvZmFukncIjrpjp3oXIIe2CzdkEFTS5z%2B%2Fb%2F0%2FLZQ8I0xGOeEa%2FAD%2F%2BeHtAl%2BLsdWHh%2FWVSartwM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cfcdf4ef9d6-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 422

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 36ms
9ms Script
application/javascript 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 16298780
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: bwAj9jOeKMdERRFCOW2IU8j54p4l8BdH0pyqKChkSHUFkVIxAMYQFA==

GET
H3 200 pubads_impl_2021102801.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
118 KB 46ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Nov 2021 09:33:46 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 106 B
121 B 31ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dirilispostasi.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f1d247ab10257646ac4ea9aa1f9c3f80689e29a6db3e3c4ef77489789c59237f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Tue, 02 Nov 2021 09:33:46 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 60ms
19ms Preflight 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.dirilispostasi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:46 GMT
content-length: 0
cache-control: private
access-control-allow-origin: https://www.dirilispostasi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 56ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.16.0&cb=97869471386
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dirilispostasi.com
date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
413 B 115ms
77ms XHR
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.dirilispostasi.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
184 B 48ms
16ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dirilispostasi.com
date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 471 B
777 B 697ms
119ms XHR
application/json 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: 48b3624e2efd42093333ad8726f17f327bd0700c311102e2ebba727323842224

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:47 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.dirilispostasi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 471
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
527 B 87ms
29ms XHR
application/json 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.16.0
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 0b9195ec1dc5166f2479d1a99bee946d82ba8c598b6956768bd87d5baee169f5

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 02 Nov 2021 09:33:46 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dirilispostasi.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 236 B
1 KB 146ms
74ms XHR
application/json 213.19.162.61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1810320&size_id=10&rp_schain=1.0,1!dirilispostasi.com,1994310,1,,,&rf=https%3A%2F%2Fwww.dirilispostasi.com%2F&tk_flint=pbjs_lite_v5.16.0&x_source.tid=5d21aeec-8b35-4331-8ddb-f867fba70b45&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8953333662990237
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 888c948c04758f9c12dfb349742432a079c2d43437fba3995a25d67ec1e36605

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dirilispostasi.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 236
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 236 B
1 KB 137ms
60ms XHR
application/json 213.19.162.61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1810320&size_id=10&rp_schain=1.0,1!dirilispostasi.com,1994310,1,,,&rf=https%3A%2F%2Fwww.dirilispostasi.com%2F&tk_flint=pbjs_lite_v5.16.0&x_source.tid=1e6377a5-2808-439e-bdf0-63b8442242d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.00999204612100324
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5558f5c4e4a5329b7e54650eeb2bbed81face6995ef34330699ea3afc182d79f

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dirilispostasi.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 236
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 147ms
68ms XHR
application/json 213.19.162.61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1810320&size_id=57&rp_schain=1.0,1!dirilispostasi.com,1994310,1,,,&rf=https%3A%2F%2Fwww.dirilispostasi.com%2F&tk_flint=pbjs_lite_v5.16.0&x_source.tid=f92a8a19-287d-4d57-a317-d0cad7b1ba13&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8646927154162849
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bf8769b24b731813089629141326e76ba98d8be46bca2c32f9d57fd7f87607bc

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dirilispostasi.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 235 B
1 KB 216ms
113ms XHR
application/json 213.19.162.61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1810320&size_id=9&rp_schain=1.0,1!dirilispostasi.com,1994310,1,,,&rf=https%3A%2F%2Fwww.dirilispostasi.com%2F&tk_flint=pbjs_lite_v5.16.0&x_source.tid=b2b7d6b6-1ad2-4978-8981-c84318042928&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6841880609077575
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: addafed55440417387efe20a34c33d11986c189c3e3b9b372c741906bd8b3ddf

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dirilispostasi.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 235
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
164 B 44ms
14ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1635845626537&src=pbjs
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dirilispostasi.com
date: Tue, 02 Nov 2021 09:33:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H3 200 Config-sw.js Show response
cdn2.bildirt.com/ 6 KB
2 KB 52ms
35ms Fetch
application/json 104.21.54.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/Config-sw.js?uygulamaid=7893-5826-3808-6352-7968-7
Requested by: Host: cdn2.bildirt.com
URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.54.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33, PleskLin
Resource Hash: 6496c21ab9a060bc214dc3f26c2351428e8ca5a6f17ea28aaeeaf5cc6c439f16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33, PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZyjv0gc6IE2DxRG7YV6zPf8A1CKxqwwUoS0S0zsdMQAmgem4NfyecBOHdoANtuIcpygQ7LkGNDBrvo8WpEjWKt3VAjmjQ%2BFMf9Kjb0fG7rje3lrJ4eoy%2F6n3RIuFABgplaB"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset: UTF-8
access-control-allow-origin: *
cf-ray: 6a7c5cfe0ac81f19-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ 3 KB
2 KB 23ms
6ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

5a1728d103615f24959aef10e6c07852e69a9de48154ab7969e5b4bdc45c49a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qRd7sVegcaRMgPT0b/v9OQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 7/YEj3mJf43iStx1R7bBKcOUO313D/LLPhIQ+KECuc1qVHNtctiaWUZaJjV/K2TGEFNJh4p9eNQdPgDh7sAm8Q==
x-fb-trip-id: 686109401
x-fb-content-md5: 183f4e5ed3368c44dddf7a52b6a2458e
x-frame-options: DENY
date: Tue, 02 Nov 2021 09:33:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6017b788d15d5ce7ea407a89e9d6ac01"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 02 Nov 2021 09:42:10 GMT

GET
H3 200 all-on-defer.js Show response
file.daktilo.com/themes/default/assets/ 47 KB
13 KB 27ms
26ms Script
application/javascript 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/all-on-defer.js?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99f85bb1561780bb367bb8f4aa78c54d69343a78f4663e1c5bc3ade9e113cdbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1744
cf-polished: origSize=47954
x-cache: HIT
x-cache-hits: 36
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"bb52-5cc8043673136-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAeVGd4baZPK3%2BhBAu1SpTieFKsQlJEZdJMdZKcfbRBiQnoyAAu1WbMO07RaaQTq4%2B5VuywoLjUIv178359uG7J6Ur1f2km7xn7e%2FcZ958dmAdHwRhroVA5QmBptA5%2B159I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfe0b2e411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: minify

GET
H3 200 jquery.visible.min.js Show response
file.daktilo.com/themes/default/assets/libs/ 829 B
1 KB 28ms
27ms Script
application/javascript 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/libs/jquery.visible.min.js?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50f6e7ec759bf6204125f85f9b45e9af4095db7483d0a2662b69fb3ceb4d866b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 738
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"33d-5cc804368c779-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNfV8P2abERIDMLfkQ2C2d3H2CdrepsUJ5LblFF4lWAGieU33ZK5z4vcNzt1GnSCBWDbjh94ysOl%2BcncApYN0slaPtsXl%2BfnJ5gb1ROCq%2FNsMiRjA%2FW%2BWu04Y%2BcqLWAo2Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfe0b32411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 19

GET
H3 200 main.js Show response
file.daktilo.com/themes/default/assets/ 42 KB
13 KB 28ms
27ms Script
application/javascript 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/default/assets/main.js?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

792f67bffc9b185a4692aae847d00b0da9ce0e7bf15e5ec8b06e30d3d4dca14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1744
cf-polished: origSize=69689
x-cache: HIT
x-cache-hits: 37
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"11039-5cc804368e6b9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPXeWyAk%2BzDcPK1zqjmO%2BtjiE7YcZyBhDsKtTKhlZdVpbjheOfoPCcXbbJ50cMJTpAlXcffUcoExYauZY7qe%2FUIjU6LVJ2EOtirrV7Q4WdM%2FmBmPWOVA8Dx7j9%2BlWSieeVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfe0b33411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: minify

GET
H3 200 main-theme.js Show response
file.daktilo.com/themes/enerjik/assets/ 4 KB
2 KB 25ms
24ms Script
application/javascript 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.daktilo.com/themes/enerjik/assets/main-theme.js?m=1632226142

Requested by

Host: www.dirilispostasi.com
URL: https://www.dirilispostasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d965a96f60e99f7d752540182395d3a2d73113d25bffe01abc4415273d7338d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1744
x-cache: HIT
x-cache-hits: 39
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e31-5cc80436a2edb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vY6NJKJ%2FVKWhKNh7VpPRoD2bIEsqp5TBmxHg0AgIZXi%2FNU3b06wGlsCYBEwoHF%2FzCnznpqn%2Btwb8qf7qCQDNPuz1%2BD7hbX6jiZRkrKEy2Y%2FjOVcgM%2BbpB3kCQYzbFiaC6fY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a7c5cfe0b35411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 51ms
14ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68569869-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 5592
date: Tue, 02 Nov 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 02 Nov 2021 10:00:34 GMT

GET
H3 200 profile.png
www.dirilispostasi.com/users/15464/ 49 KB
50 KB 129ms
129ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15464/profile.png?r=e939c70866e74e3d64fb13e3ecd99ed5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47770b0d2b319163a7f0d742568f1457aa0c4051c6f7150399831a656b237b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50246
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:05:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c446-5ba4f3ad5ece6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY99WxB5DV%2BKnWnv9Lkkxn7hEAUpcko9z4EpgaV2ALRCruH9eZHrP0DFwCmnFqbdKWUyOWZlvIpEhe1wd%2BpeRIUJkgnQ2zW2R9Rho0xNBmkiRtWvbydYFZCHuAgafrqVoVQ%2BpTc7MRgM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b4927b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15413/ 60 KB
60 KB 144ms
143ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15413/profile.png?r=56b3ecc0c2f3ba07fe40833d6c46c9ab

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02028400f9459a6c0b8cbb3078f8a28b52bc507c546b4410a9f246d630ef0fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61243
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:11:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ef3b-5ba4f4ec2d4cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6Ngjm5hCtPMTYfmlfWgBhtmuLLsRwR2s8hZWYdmma5U1mZa2o8aQ6x2PTsGXbB7ZoXbYTbc3IcuMgNdw0PbXgZGgaPfNghCoE8N8CHDdudsJZFxpeggxwG2VwJ0G7tkwIoX5GbALOc8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b4a27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.jpg
www.dirilispostasi.com/users/17884/ 14 KB
15 KB 96ms
95ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/17884/profile.jpg?r=1fa1ac22c1c66562ffc0a629dd84f423

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c76f06ea95766ce0f9668a9a1c1cd0a8997f90d22d5954561be31fec5fedc158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14234
x-xss-protection: 1
last-modified: Mon, 05 Jul 2021 16:31:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "379a-5c662d7edbd08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLv%2BhOw9GcJDLNBc7ez0SxeZuxFVziHUuQbvSrVZuwDgo8B0FC8pd5JF4VUpeDlAPYkbi0%2Bhsu62vzS3ski9I2XXFxrupRuAkIvAz%2FQ3fRH9mDkW0ark%2BUDFreLDsgl%2BqQd18ws5%2F3cM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b4d27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.jpg
www.dirilispostasi.com/users/15418/ 11 KB
11 KB 80ms
78ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15418/profile.jpg?r=5a9febaac4b9a608f3528df95a757f59

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1bb5797d9b787b5eb6dcfb2f86aad70f4971a989f0567fa38e61e8f0bdae678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10834
x-xss-protection: 1
last-modified: Sun, 31 Jan 2021 18:35:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2a52-5ba367fdaa298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQQffq6eSt2tgSkQXTcZHUxdDZadgIibgCrEsP4W1RH8CoCPK8Pg00rlci%2FHZC8hRf1biXyDGScvVc%2FhwigtsVhmKW23Fvuq8%2BMjdfJUCG8nE33HO9PVE9GKyE0%2FeZSjZXCjlm3XzTzv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b5227b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15462/ 56 KB
56 KB 144ms
143ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15462/profile.png?r=5a9febaac4b9a608f3528df95a757f59

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8fac4d734250d5499f26ae86ce1f66db96233f00fa15dd8ec9ffeef640de6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56931
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:14:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "de63-5ba4f5b0ac688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSKTtXTBqEib6WVA2aJIu%2BTN%2FgheQFRKrvL2Z1gMO9y4u7lnGTwL3inasuPTtLAR5CtsLMiV6fPQr%2FQFoEUy9unBdSHFO7EupRrXn71FGb46hpqMN%2BLJmwCV4sS8WCabwhCz9TPzcakH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b5427b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15445/ 49 KB
50 KB 160ms
159ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15445/profile.png?r=b60a5da6ec5270412c5a93cdc9ec0803

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb18c90f79e9bb67d5a0051a7a907ee094925d96176749d3d2916b1d36f621b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50264
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:35:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c458-5ba4fa77ba8f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ce7hpaeXaKzPHDh0ExUbaj%2F2Q%2BOXj6dAHPSI55vC1oghqeQzhOjAh45JiA85%2FLsZuoWDaKUFHTPi4cH2ki3WDUTh3xnG4gMG5wXbeJTDFrwAqqjJ34MdxkfNUOXfxy8Rg4Yif3uVMyS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b5727b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15409/ 52 KB
53 KB 161ms
160ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15409/profile.png?r=420eea7e5964a58457ee7049c614c7d4

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce376d1b9da80ea635b9cfb0b6991d1196a80843b24d3a60076be10f96d92b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53358
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:31:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d06e-5ba4f97f4b324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqET85Q4dP8%2BjO%2FJkPopDKWtu%2FpIt0zgN0ZdjgCGIAqLJ9yuF2fBzu1%2BnEi89Zrvq74a207joriyxolAU8UWIJoVwhq0H8xmfBcntFV8kUiGfEghMDmCJQ93E9BFk2wtr62bH6HElCLV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b5927b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15417/ 55 KB
55 KB 110ms
109ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15417/profile.png?r=42d98e6c980925c942029f9e1906f617

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b53acf968b8c20c679009796dc1ba040f1c99a21971ba10132e72447560d39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56018
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:34:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "dad2-5ba4fa2281913"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7OlPZv992YKFCG6ebq%2BKM8vLWJlDGt0gjg44G%2Ft6jyux467FjvdgkHZ6HvbZTU6tBfWzF5eFAbgbCcUpCMzJkaZBuy9bXrFI6x36s9ccoNA52VPGpzc0aWsdtbOIq9lFAvksYXGFAy5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b5a27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.jpg
www.dirilispostasi.com/users/16132/ 15 KB
15 KB 174ms
173ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/16132/profile.jpg?r=42d98e6c980925c942029f9e1906f617

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db6085b7a168d5a119ef2aefd5a16fb05ff1221ebac9502fe1c3a1653b112ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15140
x-xss-protection: 1
last-modified: Mon, 18 Oct 2021 15:05:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3b24-5cea1e1757f42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNr80FVq5VbnUhhgdrchZGQkPy9KgtfCda1G45NbJJDtqG9CCsPpBTF4MGAYItpFAQnm1ZwTVG2fvv60IVPnaeB73ryZEsYlqSKka3%2BN3ZAjht72MXdUAia4gSnyjzzuDCl%2Bq0WDaxWQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfe2b5b27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 36ms
7ms Image
image/gif 143.204.98.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Haber%20-%20Son%20Dakika%20Haberleri%20-%20Haberler%20-%20Dirili%C5%9F%20Postas%C4%B1&time=1635845626581&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.dirilispostasi.com%2F&random_number=11780041471&sess_cookie=b1523de417cdfff5ad5e7cecfd0&sess_cookie_flag=1&user_cookie=b1523de417cdfff5ad5e7cecfd0&user_cookie_flag=1&dynamic=true&domain=dirilispostasi.com&account=j5d9s1Fx9f207i&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-84.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 05:06:50 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 16016
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: LY1a2JZhVMn2qQPg8sVGCApl21ctCqIdx3mDyHO7HkLfrhSatbV8xQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 522ms
167ms Image
text/plain 54.68.24.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.24.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-24-0.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:47 GMT
server: Server

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ 271 KB
76 KB 16ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=a52239d5a4db3fe8d5b62d7c5e76a78c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

c9fcb8c60299a0f1f19a807cea24adb48bfdba18538ea0572f05b94909117183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dirilispostasi.com/
Origin: https://www.dirilispostasi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LD9FPx5pmb5jPIe1H+iJag==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78200
x-fb-rlafr: 0
x-fb-debug: rk6DlJPSxFmLqZV9WeYF3aGw92COnzd1TTVSqTE9pocab41yNUs1CyN9p/wC//qYFChXO8P1Uigv73LjM6SWPw==
x-fb-content-md5: 2c811cef7d7c0b7f3e583b3fda90177f
x-frame-options: DENY
date: Tue, 02 Nov 2021 09:33:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7a9b476827d9664587a102c4ecd2d61f"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 02 Nov 2022 08:40:39 GMT

GET
H3 200 bell.png
cdn2.bildirt.com/images/ 1 KB
2 KB 30ms
21ms Image
image/png 104.21.54.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.bildirt.com/images/bell.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.54.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4987
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1155
last-modified: Mon, 03 Feb 2020 19:33:59 GMT
server: cloudflare
etag: "5e3875a7-483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjj4gTdCJexiJJ4zws73vXlCcZbFIs5jNB6R%2B8lTYM7OXvlw%2BxZ3WZi6Dr%2BwS5Z8rli7HsiSuNcDOPlSGA%2BhyKHWqM81HrCVjR%2FcrGod7YJDUyn7I0Dj%2BRsCXdrAASBgQcjd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a7c5cfe5982d6fd-FRA

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 22ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1135248930245114&ev=fb_page_view&dl=https%3A%2F%2Fwww.dirilispostasi.com%2F&rl=&if=false&ts=1635845626645&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 02 Nov 2021 09:33:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 41ms
20ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=784600516&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dirilispostasi.com%2F&ul=en-us&de=UTF-8&dt=Haber%20-%20Son%20Dakika%20Haberleri%20-%20Haberler%20-%20Dirili%C5%9F%20Postas%C4%B1&sd=undefined-bit&sr=undefinedxundefined&vp=1600x1200&je=0&_u=YEBAAQABAAAAAC~&jid=120881749&gjid=1277906635&cid=1138391424.1635845627&tid=UA-68569869-1&_gid=254866413.1635845627&_r=1&gtm=2ouar0&z=652826547

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dirilispostasi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 profile.jpg
www.dirilispostasi.com/users/15418/ 11 KB
11 KB 89ms
89ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15418/profile.jpg?r=5a9febaac4b9a608f3528df95a757f59

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1bb5797d9b787b5eb6dcfb2f86aad70f4971a989f0567fa38e61e8f0bdae678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10834
x-xss-protection: 1
last-modified: Sun, 31 Jan 2021 18:35:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2a52-5ba367fdaa298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2POn5iswyOIybzwQj9Pmnd6Op%2FNQLDo7SCLw9L2w2C7CjmLWabgAlBuRCKHk7QYN2%2BW1OEepCBfw1paeZHgMDevLkkVOqY63ylTMN3OvzIREvZyxWCfeAdrdfVrqTHdkfb3lJxSi72IB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfebc2b27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.jpg
www.dirilispostasi.com/users/17884/ 14 KB
15 KB 63ms
63ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/17884/profile.jpg?r=1fa1ac22c1c66562ffc0a629dd84f423

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c76f06ea95766ce0f9668a9a1c1cd0a8997f90d22d5954561be31fec5fedc158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14234
x-xss-protection: 1
last-modified: Mon, 05 Jul 2021 16:31:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "379a-5c662d7edbd08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Vje0wqBgAIQ0Jp91flvBWUaidHYVcvfUJ7RZRgUTIiaouj4QNPz7fhmK5784IIDGGJMUinZbyNxlRRKnM4yWgYYVcMEXVW%2FfY2sWz4OVyMGBsmKgOECQdzJ%2FWRjwr7faJ8vcbmKpuZG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfedc7027b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
445 B 44ms
14ms XHR
text/plain 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-68569869-1&cid=1138391424.1635845627&jid=120881749&gjid=1277906635&_gid=254866413.1635845627&_u=YEBAAQAAAAAAAC~&z=1063750632

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 02 Nov 2021 09:33:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.dirilispostasi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 advertchannels Show response
www.dirilispostasi.com/service/ 7 KB
1 KB 74ms
74ms XHR
application/json 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dirilispostasi.com/service/advertchannels?channels%5B0%5D%5Bslug%5D=yan-l&channels%5B0%5D%5Bset%5D%5Bvalues%5D%5Bunit%5D=true&channels%5B1%5D%5Bslug%5D=yan-r&channels%5B1%5D%5Bset%5D%5Bvalues%5D%5Bunit%5D=true&channels%5B2%5D%5Bslug%5D=ana-e-5&channels%5B2%5D%5Bset%5D=false&channels%5B3%5D%5Bslug%5D=ana-17&channels%5B3%5D%5Bset%5D=false&channels%5B4%5D%5Bslug%5D=ana-16&channels%5B4%5D%5Bset%5D=false&channels%5B5%5D%5Bslug%5D=ana-14&channels%5B5%5D%5Bset%5D=false&channels%5B6%5D%5Bslug%5D=ana-18&channels%5B6%5D%5Bset%5D=false&channels%5B7%5D%5Bslug%5D=code&channels%5B7%5D%5Bset%5D=false&is_mobile=false

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b678ece14665fdba161a0b4f85e7e9e418a933dad47bd037689f2864aeaaf39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://www.dirilispostasi.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: reklamlar
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 60.000
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:33:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Y3nZWiEciJathzwNG8mGGmNTP3XnwvGEHg%2F0G4cMVCGqsbTMZOK8fH8ym9seYODofI%2B7GfFaxOqQXSP7x%2FuXHSNuYum3KD8tslcTGoxdbSCecNxO714iiU%2FlgD%2FJqnyDJO0ax%2BSwtWp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=60, public
x-ratelimit-limit: 300
cf-ray: 6a7c5cfefc9027b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 3

GET
H3 200 vnew.png
file.daktilo.com/themes/enerjik/assets/main/img/stick/ 642 B
1 KB 88ms
87ms Image
image/webp 104.26.2.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.daktilo.com/themes/enerjik/assets/main/img/stick/vnew.png

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.2.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

339271ce58381e7ecae6e2473e94c67f654d6937b91b06eadf0491f71b6f8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1632226142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: asset
cf-polished: origFmt=png, origSize=2537
x-cache: HIT
x-cache-hits: 458
content-disposition: inline; filename="vnew.webp"
vttl: 1296000.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 642
x-xss-protection: 1
last-modified: Tue, 21 Sep 2021 12:09:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9e9-5cc80436a3e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a04TQ3j8Nx2HwIFi%2BQ6vDKeEQVyGQMO7SMY8poThuQ1xXmuIH7e0DCCnL%2BYLzjQhooHAdiKCZ5KHYoFcfGvcT1jdS%2BH6TLW1Ugfu6pM04X0FChmLuqJu8li166fOhaH6PT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a7c5cff2d20411a-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK visitors Show response
statistics.daktilo.com/stats/ 35 B
301 B 41ms
11ms XHR
application/json 157.90.162.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://statistics.daktilo.com/stats/visitors?site_id=805
Requested by: Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.162.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: statistics.daktilo.com
Software: nginx/1.14.2 / Express
Resource Hash: 4cb560f981f79a604d992adba3c8b6b25696c5cfae2766aafb9545c9eaa9c91f

Request headers

Accept: */*
Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:46 GMT
ETag: W/"23-5WBhSdDhnkFlOR5D4fmOheTs1bw"
Server: nginx/1.14.2
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 35

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 74ms
52ms Image
image/gif 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-68569869-1&cid=1138391424.1635845627&jid=120881749&_u=YEBAAQAAAAAAAC~&z=1883445253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 profile.png
www.dirilispostasi.com/users/15464/ 49 KB
50 KB 38ms
38ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15464/profile.png?r=e939c70866e74e3d64fb13e3ecd99ed5

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47770b0d2b319163a7f0d742568f1457aa0c4051c6f7150399831a656b237b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50246
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:05:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c446-5ba4f3ad5ece6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJsA0hyAElC97Uoyet3m0Z4xb9w519xhfArQl%2FkMMHjxe1vIms3%2BPGb2nKh18swxSKh3picsTO%2B4269FKK3kYKiaoRfyKvcczD1P4tioHXIfQFjsBw0hVZPU9gVSL3HiDdcza8ZMy02q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffbdc627b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15413/ 60 KB
60 KB 23ms
23ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15413/profile.png?r=56b3ecc0c2f3ba07fe40833d6c46c9ab

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02028400f9459a6c0b8cbb3078f8a28b52bc507c546b4410a9f246d630ef0fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61243
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:11:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ef3b-5ba4f4ec2d4cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ1DApBepUeBbOlWEcTAa445%2FZMOdwwm3BV6S9%2F80xI28YH%2F8Ynx6ovgK4uXW6klbDLntSYbdnJPxvOi5dsHZo2Oq7%2F9PfQ5WIbVDuZAqESviUZd4VTCsL5IvZikWlUxzPfXEeqClXWg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffbdc827b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15462/ 56 KB
56 KB 24ms
23ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15462/profile.png?r=5a9febaac4b9a608f3528df95a757f59

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8fac4d734250d5499f26ae86ce1f66db96233f00fa15dd8ec9ffeef640de6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56931
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:14:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "de63-5ba4f5b0ac688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqN3C3ImXt8iCbdZlsmB4hbb%2FBN5egeT6eZ9eVEbYl0FYmnlrUm0SGcm2uzigX6EyffpvGuZfD5HHfSElmRFik3meEej7amNTknay6XH1CFOSjMooNRimBZy2KlRtvBDjMV2eYqp1lG%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffbdc927b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15445/ 49 KB
50 KB 26ms
25ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15445/profile.png?r=b60a5da6ec5270412c5a93cdc9ec0803

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb18c90f79e9bb67d5a0051a7a907ee094925d96176749d3d2916b1d36f621b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50264
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:35:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c458-5ba4fa77ba8f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12QQ5ooM419kZDdksjLxWQXQjACzdKE6lf%2BTBqmUkClbwyxEjxQ2XTxpf7HgjNY%2FHQ0DdIrjvaJQebuFiM%2BivWZCKZXiAxXkOeoySGTeVEkRRhsZ7POfj%2Bvro0aMXeGDYCuAohvjbVUl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffbdca27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15409/ 52 KB
53 KB 21ms
21ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15409/profile.png?r=420eea7e5964a58457ee7049c614c7d4

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce376d1b9da80ea635b9cfb0b6991d1196a80843b24d3a60076be10f96d92b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53358
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:31:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d06e-5ba4f97f4b324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rfg1a%2FqlAJVP1%2BohLAoaRwwuWbZ8tnrfqcGAopU4kGLsAwdqXR%2F5bcIFGXOubCTk5ttDH2dJ2YB1law6jku5Tprt4jIdMf0neHj%2Bq0fOOr3Xfd5DrQogEXYAY6js7kAavSn74XxqlH0R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffbdcb27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

POST
H/1.1 200
OK adverts Show response
statistics.daktilo.com/stats/ 15 B
280 B 29ms
10ms XHR
application/json 157.90.162.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://statistics.daktilo.com/stats/adverts
Requested by: Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.162.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: statistics.daktilo.com
Software: nginx/1.14.2 / Express
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: */*
Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 02 Nov 2021 09:33:46 GMT
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Server: nginx/1.14.2
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 15

GET
H3 200 profile.png
www.dirilispostasi.com/users/15428/ 60 KB
60 KB 98ms
98ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15428/profile.png?r=ba9b3b1bc7c11a2ce7aea0e75239fe75

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b9d17bca34ee42e0ab48ccdcd2f781661154faafcb0062e0960be2932e69f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61135
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:37:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "eecf-5ba4facf03e29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbtsIi%2F5QB3NvaLa5vGFsZEDCAuZyZRHyjd8HFy5wH0SpZPZ25EI6zG3h%2BzUlIZYCr0KvGjwJTAolv1jbxybOIpaTWqC2K7%2B6OzgltxLMFP%2Bdz4k%2FM8UtaE5TlawTTQvQH47X2xSoBJU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffbdce27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H3 200 istanbul Show response
www.dirilispostasi.com/namaz-vakti/ 64 B
738 B 74ms
72ms XHR
application/json 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dirilispostasi.com/namaz-vakti/istanbul?action=province_change

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d504f7b9ae939a0b5345ed47aeb39a589edaaa6bc34249de226bc80ddbaf2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://www.dirilispostasi.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
mod: namaz
x-cache: HIT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
vttl: 60.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 02 Nov 2021 09:33:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCLcjztfADOGnuE95BgAN51v72G%2FVHylteieCPaifbfkYf70pX%2BnzFQFkGZOR4ogHgNnOm53bsoKyV6ZUf%2FaLGk%2BEZ4p%2BPY%2B7vSLeAWOG%2BNN2xzNP7bI9P1Q3KYd7BkIWGOEKgzt1ezI"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6a7c5cffedfe27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 12

GET
H3 200 profile.png
www.dirilispostasi.com/users/15417/ 55 KB
55 KB 27ms
27ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15417/profile.png?r=42d98e6c980925c942029f9e1906f617

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b53acf968b8c20c679009796dc1ba040f1c99a21971ba10132e72447560d39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56018
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:34:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "dad2-5ba4fa2281913"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiBpP522PfeSpjEONNzkDo%2BkKc0azWgVv84rxcK4WVg8%2BRrXio0wBuL%2F0BcXKM6idIiu2J5aKjYodA60s2F4QCMGItFy0QmEBqGTXv%2Bqcm24PTA2FtnKqMlrS34%2BUVmGBz8c5a0bYIIE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffee1527b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.jpg
www.dirilispostasi.com/users/16132/ 15 KB
15 KB 23ms
22ms Image
image/jpeg 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/16132/profile.jpg?r=42d98e6c980925c942029f9e1906f617

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db6085b7a168d5a119ef2aefd5a16fb05ff1221ebac9502fe1c3a1653b112ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15140
x-xss-protection: 1
last-modified: Mon, 18 Oct 2021 15:05:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3b24-5cea1e1757f42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Bx1O6P9F7XVyZu7TiAEpScYLM2SWXmDzZV5ec5c%2BPcwkz3a67M7WecHBREcPnOxh43884XsQY8%2B3A6LqPLPaQK7VM2xj4Rv1h6KEmkwhsfMtZfgQfzS3A8SylFkIE8MLMUBHpsGfbj6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cffee1827b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15413/ 60 KB
60 KB 24ms
24ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15413/profile.png?r=56b3ecc0c2f3ba07fe40833d6c46c9ab

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02028400f9459a6c0b8cbb3078f8a28b52bc507c546b4410a9f246d630ef0fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61243
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:11:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ef3b-5ba4f4ec2d4cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbWTUtou0wvxVoiAe82llgwee4LQQrERr2beW5TuxvPH8Ja2S8FQYBFE2%2FxG9rfR1n4pzruaqPf%2BnKms2s9ZzQXsqY5UZMCSGrfnMAw5%2Bpo9tEdSrZTlgzXswLF5TgFklko%2BKD%2FPqNL2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfffe2627b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15462/ 56 KB
56 KB 23ms
22ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15462/profile.png?r=5a9febaac4b9a608f3528df95a757f59

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8fac4d734250d5499f26ae86ce1f66db96233f00fa15dd8ec9ffeef640de6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56931
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:14:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "de63-5ba4f5b0ac688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeRvLe9sYG9ePVvVpGade6%2Fhuzgwhig0D%2B%2F6y%2Fb%2B7H1TGXJqF0KIP6w%2Brcz7%2FjMu1r%2BdG7iFwz58W0bnO0%2BmcyG9g1L5CJHO6xeCboktow47ka2uSJHFGzpWf7PWxOOvKJkisgsSyqHc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfffe2727b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15464/ 49 KB
50 KB 26ms
25ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15464/profile.png?r=e939c70866e74e3d64fb13e3ecd99ed5

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47770b0d2b319163a7f0d742568f1457aa0c4051c6f7150399831a656b237b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50246
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:05:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c446-5ba4f3ad5ece6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hh6dTCzTG7MGxrI3A3aRFovydzQYNZmv00BnjM7zN7KKARKwScyV7JOmAr9p15A550ZCVXeT2NZXytkJfcCog3fHdXP3wAhdXfFATdiWfhgjUB3nnQd9P%2FWJTfTfI6R%2BQAYqScxT0msa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfffe2827b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15445/ 49 KB
50 KB 34ms
34ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15445/profile.png?r=b60a5da6ec5270412c5a93cdc9ec0803

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb18c90f79e9bb67d5a0051a7a907ee094925d96176749d3d2916b1d36f621b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50264
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:35:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c458-5ba4fa77ba8f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9V3mZV0hm%2F4RYVw%2BIG%2BPUU3bZcu3TisUETx1VFnBxYJMmdI3g%2F8v0aSFuXoUNy2bXovpdwCBiRGPMPCrNgBlL%2B%2B05wHjkZWRpRJU%2Bm6W74UKV0hX0tv1ZrZjKRtxO0eMg71kQvwZ4GR%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfffe2927b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15409/ 52 KB
53 KB 28ms
28ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15409/profile.png?r=420eea7e5964a58457ee7049c614c7d4

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce376d1b9da80ea635b9cfb0b6991d1196a80843b24d3a60076be10f96d92b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53358
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:31:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d06e-5ba4f97f4b324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUuDy9oxJ4uUHzZYGSCzyi8hSMDbnx1IXQbejjMOnJsZSMWeE58FTIlvT%2BLpOXSVbI9%2FXSGlx6hwQc47uVDAn%2BpEY6v8GI6FTYAft9RvNJPX5fxaqUeH8OpWd2lZCjRUWRvqZsZnQOSk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5cfffe2a27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15428/ 60 KB
60 KB 24ms
24ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15428/profile.png?r=ba9b3b1bc7c11a2ce7aea0e75239fe75

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b9d17bca34ee42e0ab48ccdcd2f781661154faafcb0062e0960be2932e69f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:46 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61135
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:37:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "eecf-5ba4facf03e29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM0JXTgbm9ZwiukGWooyxHlDJu3vFpbKzyWqHqDTZXTpnyiX4pMtvH%2Bp2RWsPL6BXdhD8UCG6jX6kx%2Ffwtv70bTo4W5Q5QPyGHGaC1uszHCKP3QbWya2QMEZHf33wm5XMDhJKODMAqMF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5d005eda27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
15ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dirilispostasi.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Nov 2021 09:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
447 B 89ms
89ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3819621186607283&correlator=1219790657531974&output=ldjh&impl=fifs&eid=31063280%2C44752541%2C44748552&vrg=2021102801&ptt=17&sc=1&sfv=1-0-38&ecs=20211102&iu_parts=21843168689%2Cadxp_dirilispostasi_billboard%2Cadxp_dirilispotasi_rectangle_1%2Cadxp_dirilispotasi_rectangle_2%2Cadxp_dirilispotasi_rectangle_3%2Cadxp_dirilispotasi_side_1%2Cadxp_dirilispotasi_side_2%2Cadxp_dirilispotasi_160x600_1%2Cadxp_dirilispotasi_160x600_2%2Cadxp_dirilispostasi_1050x150%2Cadx_tam_sayfa%2Cadxp_dirilispostasi_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=970x250%7C728x90%7C320x100%7C320x50%7C970x90%2C300x250%7C320x50%7C468x60%7C336x280%7C320x100%2C336x280%7C320x50%7C300x250%7C468x60%7C320x100%2C468x60%7C300x250%7C320x100%7C336x280%7C320x50%2C320x50%7C320x100%7C300x600%7C300x250%7C336x280%2C300x600%7C320x50%7C300x250%7C320x100%7C336x280%2C160x600%2C160x600%2C1050x150%7C336x280%7C320x50%7C320x100%7C970x90%7C970x250%7C300x250%2C320x480%7C300x250%2C300x250%7C320x50%7C336x280%7C320x100&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635845625&dt=1635845627253&dlt=1635845625999&idt=593&frm=20&biw=1600&bih=1200&oid=2&adxs=313%2C-9%2C-9%2C-9%2C-9%2C650%2C-9%2C0%2C-9%2C-9%2C-9&adys=160%2C-9%2C-9%2C-9%2C-9%2C3794%2C-9%2C160%2C-9%2C-9%2C-9&adks=3830187700%2C3559959487%2C831631108%2C366978671%2C3229080878%2C258012678%2C3809590579%2C1907389725%2C2617471469%2C381283211%2C4125244948&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_his=2&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dirilispostasi.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=974x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x250%7C0x-1%7C300x600%7C0x-1%7C0x-1%7C0x-1&msz=974x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C0x-1%7C160x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1138391424.1635845627&ga_sid=1635845627&ga_hid=784600516&ga_fc=true&fws=4%2C2%2C2%2C2%2C2%2C4%2C2%2C4%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0%2C0%2C1600%2C0%2C300%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C1%7C-1%7C0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c3d0397b0d3fc615e614e79928948e1e3d939d6ce04c76990c029a5d18c99dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 417
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dirilispostasi.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 65ms
30ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

88262900acfae9706f3c553a10d01618c831101a13b0732e6fe320a89347f868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Nov 2021 09:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9277
x-xss-protection: 0

GET
H2 200 container.html Show response
f8316f82c44bf0ade3e28aab794d6b80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B63 6 KB
4 KB 72ms
21ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8316f82c44bf0ade3e28aab794d6b80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 02 Nov 2021 09:33:47 GMT
expires: Wed, 02 Nov 2022 09:33:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
50ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 02 Nov 2021 09:33:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 86DF 12 KB
5 KB 23ms
7ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 02 Nov 2021 08:45:34 GMT
expires: Wed, 02 Nov 2022 08:45:34 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AB24 783 B
536 B 54ms
24ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

2f7cab390c3bc03c41f85c17745468a81cbc99f8ef3773067c1f5fae0507a929

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mdQvqAxpKN4KdA9RMEAVYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 02 Nov 2021 09:33:47 GMT
date: Tue, 02 Nov 2021 09:33:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mdQvqAxpKN4KdA9RMEAVYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 86DF 35 KB
13 KB 21ms
6ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 06:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 02 Nov 2022 06:51:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB24 0
0 49ms
49ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102801&jk=3819621186607283&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102801&jk=3819621186607283&bg=!VValVhLNAAZzbWp4c207ACkAdvg8Wtavz0OzKAbCurP-c87Ux2L6JnM7EldoOpy8Be6gb9lmYCd14gIAAAB2UgAAAApoAQeZAsXxt94H88rUwU_aJ9TkODqH0EQCOSFNjM6AUyVTvkYieQ6LVtFimlHich0QQPi43NlpQYQJp0dgMobEujwUv92CSJxM9gSvi0PBbP7c5IB5stKW1NFw_6H-VCFbVKTPfqIrzhHJhbEPjjsZoyrqxWhpo9rTZ9FbIV_a_k1IZ53I3rAFLdrGKr05w7g73tQ0I4qQpzoc1nY2RmkOLMK8OsNbKr0XPOQA2KKCMvIph4u56FrxaktkXD5HWdRHs3vDwkewng382nxTToprquGRjWQsbbyn_-JN_R-RmOSDpWwXMCwHYQ0Y9umShL8mE4Vs6lIYx8mSWsOxYf4wgW9LyC-vfj_fVxHoFvCYwLVQG-4rjp_E_f4IQgMnLsZk7J_M_P4wELkFOKXl9296XjK4GHCznxwl7ivR4WpkjDM3HV3JOhFlCGHYQlQ0bZJb_mzmaRxk9uw9MqRvJCVZ-f9_cWIKn7JLomH1hxQrGPD5ZhQPA4l3yKYHujir0aTC_8p-egfNjwyyjjzp3qvBaOZ9sWpP1eIyDhzG92uwONYiU3ARs7xTikfmjigkuzmUt8dq3JWPVBjnEQz74YynJ7rdJRkZUaNQ8LIw_7Mh9mTLSK8ufpeUwx3lc5EHL9IgPC6KMMpuBfIB3e39jQD-oyKY3ABmpoS8VnnE4Tz2cYsjSwyaUYMI8eJeGQNrviiog1j3z8V8pLksVGlgsqFy0IePzTGzDXBV-FAJ9Ymi8C8ePoPnYjD3CXQPvqhT47VPGp5QhVXn-1EXOMegwHmKxtiHAQuOhGBxDsTt9GRZNioKXrwLDzMZKU44QYUFO4z1fA0F2BRoYr0jylLy3dwAGAvpIfZYUeUbY3auMj6_vpcJu-2t5VOcXTJ-CxIDayilCc9S38cc2XDcj2HXt59wfNXb_We4t64pxAx8phv__KnbZD6tu8PcFJIr

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK graphql Show response
s333.adxpremium.services/ 84 B
533 B 28ms
28ms XHR
application/json 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash: 5aed2e8823485a006191e09f072ca593850e58a644d8e725342aef9b6e900c79

Request headers

Referer: https://www.dirilispostasi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
access-control-allow-methods: HEAD, GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length: 84

OPTIONS
H/1.1 200
OK graphql
s333.adxpremium.services/ Frame 0
0 56ms
18ms Preflight 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.dirilispostasi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, POST
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
date: Tue, 02 Nov 2021 09:33:49 GMT
content-length: 0

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 52ms
16ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Nov 2021 09:33:49 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C369 11 KB
5 KB 53ms
16ms Document
text/html 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dirilispostasi.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1983
date: Tue, 02 Nov 2021 09:33:48 GMT
content-length: 4683

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 56ms
28ms XHR
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:24 GMT
server: nginx
etag: W/"615af4d0-1535c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Nov 2021 09:33:49 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame C369 454 B
543 B 16ms
15ms Fetch
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=dirilispostasi.com&sn=ChromeSyncframe&so=0&topUrl=www.dirilispostasi.com&cw=1&lsw=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dirilispostasi.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8a867a0e595f08c701d3b730e1379678bdb0b7f7d902ed11868ed92d94193bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dirilispostasi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 02 Nov 2021 09:33:49 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2771
expires: 0

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 613E 926 B
1 KB 74ms
26ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: laqJbDuIGlSAX+KKZy+mA6CFBrepQUtwSp/SOIfalxdh+pAkLyL6Vfe//LFE8KkRiBppv2x5g5E=
x-amz-request-id: NAFTZRY5HTVEKWW2
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 5883
Expires: Tue, 02 Nov 2021 09:34:50 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a7c5d155e502774-PRG
Content-Encoding: gzip

GET
H/1.1 200
OK load-cookie.html Show response
user-sync.adxpremium.services/ Frame 3AEB 8 KB
9 KB 44ms
11ms Document
text/html 178.63.58.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.58.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: tambora
Software: /
Resource Hash: 7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 8606
Content-Type: text/html; charset=utf-8
Expires: 0
Last-Modified: Fri, 26 Feb 2021 09:17:16 GMT
Pragma: no-cache
Vary: Origin
Date: Tue, 02 Nov 2021 09:33:50 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D420 281 B
554 B 37ms
6ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/dirilispostasi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Nov 2021 09:33:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D420 31 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: cc0f9251eae1dc02876457b1320242979849a2054bc5b8f719f867004673ac3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 15:57:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20782
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9399
Expires: Tue, 02 Nov 2021 15:20:12 GMT

GET
H3 200 profile.png
www.dirilispostasi.com/users/15510/ 62 KB
63 KB 98ms
98ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15510/profile.png?r=94dbf3224e7369ab36eb65886be4b5f2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d8b6afd58485b3cb0f0e2c75dd24079d48c0351cec251e785e9e36d3e7b53ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63602
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f872-5ba4f8db12077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G877%2BFI88ZPSX4r8YYkvQKy5ogP%2FR62v1PbbkJXuCZb6WpDSSQcR7O8n4H9CODQeBzVDAOkaJOoFResqtggLDcaESjDFm5z1YUYDiG4KK7pf6jLSNJPtnD4ErroS89BO9%2Fdkbff0hlXh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5d156aef27b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15501/ 50 KB
50 KB 92ms
92ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15501/profile.png?r=94dbf3224e7369ab36eb65886be4b5f2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46153b91cc66cfe6fb21fef98feb45f19db8d3569448c27781b03073cdeef798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50729
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 01:00:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c629-5ba4ffebe16c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnLOOj5aXZN0%2FeoQeaQE96LqXQBxSiEUiZfYwigOaK3BrEvuENWy8tJYim%2BOMk23rOQSuWnEuPTnWT5vrXn%2BG5bcF%2Fx6hbm4QbIKO2GuHBuBnzpSTXc9RSQqCReNpjRV%2FJWfkCaye%2F7C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5d156af027b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

POST
H/1.1 200
OK cookie_sync Show response
user-sync.adxpremium.services/ Frame 3AEB 2 KB
2 KB 10ms
10ms XHR
application/json 178.63.58.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/cookie_sync
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.58.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: tambora
Software: /
Resource Hash: 0bf94d4b43943e737a7ce6f8dc922a6a51fb0dd0b49dfaab1f3cded516e5b278

Request headers

Referer: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:50 GMT
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://user-sync.adxpremium.services
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 1838
Expires: 0

GET
H/1.1

200
OK

setuid
rtb.adxpremium.services/ Frame 3AEB
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=5FEC4B7E-00BE-4619-A907-C423ED15D8EA&rurl=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadmixer%26uid%3D%24%24visitor_cookie%24%24
https://rtb.adxpremium.services/setuid?bidder=admixer&uid=97682341382146508fe90527d01c2a92

0
598 B

76ms
76ms

Image
text/plain

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=admixer&uid=97682341382146508fe90527d01c2a92
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://rtb.adxpremium.services/setuid?bidder=admixer&uid=97682341382146508fe90527d01c2a92
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H3 200 profile.png
www.dirilispostasi.com/users/15501/ 50 KB
50 KB 22ms
22ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15501/profile.png?r=94dbf3224e7369ab36eb65886be4b5f2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46153b91cc66cfe6fb21fef98feb45f19db8d3569448c27781b03073cdeef798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50729
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 01:00:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c629-5ba4ffebe16c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OFcsjXakrMWLhVsgrVg1nieVejR9UkkSh%2F13%2Fbvmo9vqUJvuH%2FE%2FtxyoI2T9UThZPLM0k4w6ypiDDDTW2nrcXJOzMER8hJaqbMkim40ZSOykvrvMCQcoD%2F%2FR1aW9U7H%2BjdjhlZAjlwJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5d15fc0227b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H3 200 profile.png
www.dirilispostasi.com/users/15510/ 62 KB
63 KB 25ms
25ms Image
image/png 104.21.81.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dirilispostasi.com/users/15510/profile.png?r=94dbf3224e7369ab36eb65886be4b5f2

Requested by

Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.155 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d8b6afd58485b3cb0f0e2c75dd24079d48c0351cec251e785e9e36d3e7b53ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dirilispostasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: HIT
vttl: 3600.000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63602
x-xss-protection: 1
last-modified: Tue, 02 Feb 2021 00:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f872-5ba4f8db12077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DK7hnv4g1YrgEIo6gNzFDHFfmJgZxuikOMTuU7YyNzauEqJ%2FeAP2PcvMzElGBm1uvgU8iMofQcFRfhDVoXAf%2FVDZIim5divbSasKs15ZejZpASDW3Pioz9L5YibfQ2zG9Tkpx%2FDGi0fa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6a7c5d160c1227b4-PRG
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits: 1

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D420
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYEF-gABepTuXwBR
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYEF-gABepTuXwBR&_test=YYEF-gABepTuXwBR

0
239 B

674ms
168ms

Image
image/gif

8.39.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYEF-gABepTuXwBR&_test=YYEF-gABepTuXwBR
Protocol: HTTP/1.1
Server: 8.39.36.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635845631.552367,VS0,VE0
x-served-by: cache-fra19180-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYEF-gABepTuXwBR&_test=YYEF-gABepTuXwBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D420
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/lYD6J6WFjauxG8AG7yac_8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1470818885593306330

0
239 B

677ms
169ms

Image
image/gif

8.39.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1470818885593306330
Protocol: HTTP/1.1
Server: 8.39.36.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

date: Tue, 02 Nov 2021 09:33:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1470818885593306330
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D420
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZIVzhaUlItMTktRFNESw==

170 B
502 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZIVzhaUlItMTktRFNESw==

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZIVzhaUlItMTktRFNESw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame D420 70 B
265 B 105ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D420
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGIcJKcmkYilFji1QeIacUA&google_cver=1

0
239 B

653ms
161ms

Image
image/gif

8.39.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGIcJKcmkYilFji1QeIacUA&google_cver=1
Protocol: HTTP/1.1
Server: 8.39.36.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGIcJKcmkYilFji1QeIacUA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D420
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9f5d6181-05fe-4b00-a8c7-d45f03f3d083

0
239 B

651ms
160ms

Image
image/gif

8.39.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9f5d6181-05fe-4b00-a8c7-d45f03f3d083
Protocol: HTTP/1.1
Server: 8.39.36.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x16 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9f5d6181-05fe-4b00-a8c7-d45f03f3d083
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 02 Nov 2021 09:33:49 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame D420 0
0 38ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D420
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ0ZDIyZjBmNWYzNDdjYWM1YzJiZjNjY2U2Y2NkYmE2ODVlZWJjMA

170 B
232 B

17ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ0ZDIyZjBmNWYzNDdjYWM1YzJiZjNjY2U2Y2NkYmE2ODVlZWJjMA

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ0ZDIyZjBmNWYzNDdjYWM1YzJiZjNjY2U2Y2NkYmE2ODVlZWJjMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame EB00 2 KB
1 KB 104ms
20ms Document
text/html 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=601760
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: a6575ee168446bf49fa76cbffcaec9821b75c9032105e54ed37a711741ae80d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/

Response headers

Server: VertaMedia 1.0
Date: Tue, 02 Nov 2021 09:33:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 836
Access-Control-Allow-Origin: https://user-sync.adxpremium.services
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 204 d
ic.tynt.com/r/ Frame 3CE4 0
0 340ms
109ms Document
text/plain 67.202.105.32

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/

Response headers

server: nginx/1.16.1
date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 4F47 2 KB
1 KB 20ms
20ms Document
text/html 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/sync.html?aid=601760

Response headers

Server: VertaMedia 1.0
Date: Tue, 02 Nov 2021 09:33:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 792
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame EB00
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9be2bca6-c03a-4fa2-abaa-887f6efebd9d

0
407 B

733ms
283ms

Image
text/plain

62.149.0.72

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9be2bca6-c03a-4fa2-abaa-887f6efebd9d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Server: 62.149.0.72 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: VertaMedia 1.0
Etag: 09ce6ed942648654
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=9be2bca6-c03a-4fa2-abaa-887f6efebd9d
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: g01nic2fnn820lgtbavm9a8efcehsisk

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame EB00
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4355608036038888155

0
390 B

748ms
283ms

Image
text/plain

62.149.0.72

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4355608036038888155
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Server: 62.149.0.72 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: VertaMedia 1.0
Etag: 09ce6ed942648654
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:50 GMT
X-Proxy-Origin: 216.131.114.193; 216.131.114.193; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 298ceb60-760e-4354-b7a7-1c126a327d4e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4355608036038888155
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
rtb.adxpremium.services/ Frame EB00
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=09ce6ed942648654

0
714 B

56ms
56ms

Image
text/plain

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=09ce6ed942648654
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Location: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=09ce6ed942648654
Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: VertaMedia 1.0
Etag: 09ce6ed942648654
Content-Length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9EF4 14 KB
5 KB 38ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=55183
expires: Wed, 03 Nov 2021 00:53:33 GMT
date: Tue, 02 Nov 2021 09:33:50 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9CCE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
https://eus.rubiconproject.com/usync.html?p=17184-d

281 B
554 B

7ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Nov 2021 09:33:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17184-d
Date: Tue, 02 Nov 2021 09:33:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 4F47
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YYEF-vBe4ibicEmsz5sxIAAA%261154

0
400 B

676ms
279ms

Image
text/plain

62.149.0.72

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YYEF-vBe4ibicEmsz5sxIAAA%261154
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 62.149.0.72 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: VertaMedia 1.0
Etag: 09ce6ed942648654
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YYEF-vBe4ibicEmsz5sxIAAA%261154
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Tue, 02 Nov 2021 09:33:50 GMT

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 4F47 43 B
323 B 505ms
35ms Image
image/gif 62.149.0.72

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: VertaMedia 1.0
Etag: 09ce6ed942648654
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9CCE 31 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: cc0f9251eae1dc02876457b1320242979849a2054bc5b8f719f867004673ac3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 15:57:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20782
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9399
Expires: Tue, 02 Nov 2021 15:20:12 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9EF4 5 KB
6 KB 56ms
13ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1891793&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 50fbe7e63ad914d53bd58833cb045761340bbcb80d638a59bf80537fbd8a08c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:48 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 9CCE 0
239 B 638ms
162ms Image
image/gif 8.39.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6445
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75

35 B
476 B

17ms
17ms

Document
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6B45
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6907008484512410888

42 B
210 B

14ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6907008484512410888
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug002:0:369
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6907008484512410888
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3B44
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
111 B

32ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug017:0:494
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Tue, 02 Nov 2021 09:33:50 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Tue, 02 Nov 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2549170

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F908
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025903482167097497

42 B
385 B

39ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025903482167097497
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug014:0:377
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 02 Nov 2021 09:33:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025903482167097497

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 47FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYEF-gABepTuXwBR&gdpr=0&gdpr_consent=

1 B
237 B

73ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYEF-gABepTuXwBR&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug020:0:429
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYEF-gABepTuXwBR&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Tue, 02 Nov 2021 09:33:50 GMT
via: 1.1 varnish
x-served-by: cache-fra19180-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1635845631.713273,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame D60C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCNk5FN0RBZ3dBQUROWER0b0NJdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB6NE7DAgwAADNXDtoCIw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAB6NE7DAgwAADNXDtoCIw&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB6NE7DAgwAADNXDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

86ms
16ms

Document
image/gif

185.86.137.110

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB6NE7DAgwAADNXDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 02 Nov 2021 09:33:51 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Tue, 02 Nov 2021 09:33:51 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB6NE7DAgwAADNXDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5212
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
243 B

31ms
17ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug018:2:231
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Tue, 02 Nov 2021 09:33:50 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9B57
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8597210411
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8597210411
https://sync.1rx.io/usersync/tradedesk/c5d92ccb-809b-450c-9f97-3ae42741fa79
https://sync.targeting.unrulymedia.com/csync/RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003

42 B
308 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:51 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug007:0:444
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Tue, 02 Nov 2021 09:33:51 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003
etag: RX1747fa27a3cb48d9b00d4f9f14d35e8b003

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 146B 15 B
915 B 77ms
30ms Document
text/plain 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a7c5d184d5b2778-PRG

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B362
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=UMFdhe7GkMfhaKGWmp4cXv8d

42 B
111 B

30ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=UMFdhe7GkMfhaKGWmp4cXv8d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug008:0:1439
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 02 Nov 2021 09:33:50 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=UMFdhe7GkMfhaKGWmp4cXv8d
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame E836 43 B
408 B 113ms
25ms Document
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-5
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4054
Redirect Chain

https://core.iprom.net/cookiesync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:282120941244716

42 B
110 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:282120941244716
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 09:33:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug020:0:468
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Vary: Accept-Encoding
X-adserver-worker: komodo-8d2a012d0885@version_1.341
Connection: close
X-server-arch: v2
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:282120941244716
Content-Type: text/html; charset=utf-8
Content-Length: 287
X-core-time: 0ms
Date: Tue, 02 Nov 2021 09:33:50 GMT

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame CFEF 0
44 B 435ms
95ms Document
text/plain 169.197.150.8

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 -, , ASN (),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Tue, 02 Nov 2021 09:33:50 GMT
server: b

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 668C
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1bf0d0e7-1a8b-4b58-8bc4-40586cc34719-tuct87a8b7e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
54 B

25ms
16ms

Document
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1bf0d0e7-1a8b-4b58-8bc4-40586cc34719-tuct87a8b7e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 02 Nov 2021 09:33:50 GMT
via: 1.1 varnish
x-served-by: cache-hhn4057-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1635845631.766589,VS0,VE11
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1bf0d0e7-1a8b-4b58-8bc4-40586cc34719-tuct87a8b7e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 02 Nov 2021 09:33:50 GMT
via: 1.1 varnish
x-served-by: cache-hhn4057-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1635845631.740046,VS0,VE8
x-vcl-time-ms: 8
content-length: 0

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame E667 0
407 B 618ms
283ms Document
text/plain 62.149.0.72

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: VertaMedia 1.0
Date: Tue, 02 Nov 2021 09:33:50 GMT
Content-Length: 0
Etag: 1b3052161a06b077

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9EF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bPItA-tcSm6CipGfxciLdQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

10ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=55183
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 03 Nov 2021 00:53:33 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f5d6181-05fe-4b00-a8c7-d45f03f3d083

0
260 B

77ms
17ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f5d6181-05fe-4b00-a8c7-d45f03f3d083
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x5 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f5d6181-05fe-4b00-a8c7-d45f03f3d083
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 02 Nov 2021 09:33:49 GMT

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/ Frame 9EF4
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=6CF22D03-EB5C-4A6E-828A-919FC5C88B75
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b2984f1e605a3ed4d5f0e43fb51c7e73
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=678743cbd28b04a1

62 B
304 B

393ms
157ms

Image
image/gif

104.111.215.191

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=678743cbd28b04a1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Server: 104.111.215.191 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:51 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=678743cbd28b04a1
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkNGMjJEMDMtRUI1Qy00QTZFLTgyOEEtOTE5RkM1Qzg4Qjc1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
187 B

45ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:345
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-225urQ8y4RlLTqP57gDc&google_cver=1

42 B
361 B

48ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-225urQ8y4RlLTqP57gDc&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:2077
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-225urQ8y4RlLTqP57gDc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9EF4 43 B
612 B 53ms
12ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 01 Nov 2021 09:33:50 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083&gdpr=0&gdpr_consent=

42 B
341 B

33ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug022:0:504
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 02 Nov 2021 09:33:49 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb0152cf-2098-4929-aeb8-197baf46b2cd

42 B
292 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb0152cf-2098-4929-aeb8-197baf46b2cd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:958
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb0152cf-2098-4929-aeb8-197baf46b2cd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8506709660684975894

42 B
234 B

17ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8506709660684975894
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:426
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8506709660684975894
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4355608036038888155&gdpr=0&gdpr_consent=

42 B
520 B

58ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4355608036038888155&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:425
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:50 GMT
X-Proxy-Origin: 216.131.114.193; 216.131.114.193; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: db917987-a5f1-4154-aac2-f16c6827d181
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4355608036038888155&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EBD15BYUq7ALQ6_mFUTg5BNFqOILGPvsRxnctkLI

42 B
273 B

26ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EBD15BYUq7ALQ6_mFUTg5BNFqOILGPvsRxnctkLI
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:401
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EBD15BYUq7ALQ6_mFUTg5BNFqOILGPvsRxnctkLI
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Mi0SDjpE2uUPhcfceKSerkw4g.GH5Ww-~A&gdpr=0&gdpr_consent=

0
48 B

40ms
17ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Mi0SDjpE2uUPhcfceKSerkw4g.GH5Ww-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Mi0SDjpE2uUPhcfceKSerkw4g.GH5Ww-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 6CF22D03-EB5C-4A6E-828A-919FC5C88B75
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9EF4 43 B
875 B 35ms
34ms Image
image/gif 52.18.234.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/6CF22D03-EB5C-4A6E-828A-919FC5C88B75?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.234.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-234-75.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=489ee382-0604-447b-93b2-7932e9258f7b
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk2c696f4f-a858-4b1f-a4e3-e2f7b3083a4f&expires=7&user_group=5&ssp=pubmatic&bsw_param=489ee382-0604-447b-93b2-7932e9258f7b
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=489ee382-0604-447b-93b2-7932e9258f7b&gdpr=&gdpr_consent=&gdpr_pd=

1 B
181 B

17ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=489ee382-0604-447b-93b2-7932e9258f7b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:51 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:635
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=489ee382-0604-447b-93b2-7932e9258f7b&gdpr=&gdpr_consent=&gdpr_pd=
Date: Tue, 02 Nov 2021 09:33:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2669381476336386478&gdpr=0&gdpr_consent=&us_privacy=

1 B
169 B

18ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2669381476336386478&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:454
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2669381476336386478&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 9EF4 0
104 B 67ms
23ms Image
text/plain 89.207.16.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6CF22D03-EB5C-4A6E-828A-919FC5C88B75&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.137 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams03-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=45c10386-9b23-40d8-83a8-a29eb9707e10-618105ff-5553&gdpr=0&gdpr_consent=

42 B
232 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=45c10386-9b23-40d8-83a8-a29eb9707e10-618105ff-5553&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:49 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:450
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:50 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=45c10386-9b23-40d8-83a8-a29eb9707e10-618105ff-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:437600c9-9b52-4f5b-be6c-7e0afc17b990&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:437600c9-9b52-4f5b-be6c-7e0afc17b990&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:510
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:437600c9-9b52-4f5b-be6c-7e0afc17b990&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 02 Nov 2021 09:33:50 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9EF4
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4355608036038888155

42 B
187 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4355608036038888155
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:51 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:269
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:51 GMT
X-Proxy-Origin: 216.131.114.193; 216.131.114.193; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 511e8744-7ef9-46de-865f-1546bf284529
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4355608036038888155
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 9EF4 35 B
238 B 286ms
30ms Image
image/gif 54.228.52.99

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.52.99 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:51 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 57BF 1 KB
935 B 74ms
38ms Document
text/html 172.67.8.174

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.8.174 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/

Response headers

date: Tue, 02 Nov 2021 09:33:51 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a7c5d1e08c3f9de-PRG
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 2D3E 0
0 41ms
32ms Document
text/plain 172.67.8.174

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.8.174 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Tue, 02 Nov 2021 09:33:51 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a7c5d1e6936f9de-PRG

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0460 14 KB
5 KB 11ms
11ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=55182
expires: Wed, 03 Nov 2021 00:53:33 GMT
date: Tue, 02 Nov 2021 09:33:51 GMT
vary: Accept-Encoding

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame 3AEB 0
492 B 83ms
31ms Image
text/plain 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=247505&3pid=247505&us_privacy=&gdpr=1&gdpr_consent=&location=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%5BSOVRNID%5D%0A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 09:33:51 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 06acb78a4245d8ec Show response
ads.us.e-planning.net/uspd/1/ Frame 1DA9 13 B
92 B 56ms
15ms Document
text/html 46.249.52.248

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/06acb78a4245d8ec?ruidm=1&du=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/

Response headers

server: openresty
date: Tue, 02 Nov 2021 09:33:51 GMT
content-type: text/html
content-length: 13
x-sid: AMS-745

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D1B9 281 B
554 B 13ms
12ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Nov 2021 09:33:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D1B9 31 KB
10 KB 23ms
22ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: cc0f9251eae1dc02876457b1320242979849a2054bc5b8f719f867004673ac3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 09:33:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 15:57:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20780
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9399
Expires: Tue, 02 Nov 2021 15:20:12 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame D1B9 0
239 B 164ms
163ms Image
image/gif 8.39.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

GET
H/1.1

200
OK

setuid
rtb.adxpremium.services/ Frame 3AEB
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=3966584620220902299

0
822 B

39ms
39ms

Image
text/plain

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=3966584620220902299
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 09:33:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=3966584620220902299
date: Tue, 02 Nov 2021 09:33:52 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 9EF4 0
260 B 57ms
14ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:33:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bildirt.com/	1970-01-19 22:24:07	Name: __cf_bm Value: NcNU52RQx9dGoDypNdgaHl4NB3bu4eL.nZY.tAmBIWM-1635845626-0-AfWhtMYhq1s/IyN5KVcmu7JPsVqLk1opGiMnfV2uNuI2iBvAn5LK3UAuJDrDEHtOOShSYZnklVezVaN1ngir70Y=
.dirilispostasi.com/	1970-01-19 22:24:07	Name: __asc Value: b1523de417cdfff5ad5e7cecfd0
.dirilispostasi.com/	1970-01-20 07:11:08	Name: __auc Value: b1523de417cdfff5ad5e7cecfd0
.lijit.com/	1970-01-20 07:09:41	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.www.dirilispostasi.com/	1970-01-20 15:55:17	Name: _ga Value: GA1.3.1138391424.1635845627
.www.dirilispostasi.com/	1970-01-19 22:25:32	Name: _gid Value: GA1.3.254866413.1635845627
.www.dirilispostasi.com/	1970-01-19 22:24:05	Name: _gat_gtag_UA_68569869_1 Value: 1
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVU0xwYaQOmrhRqqeZLqNjo/KQRqovVOnYX6pF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6pEKddU6r/VKLaWVv/VO/a+hEPPQ==
.rubiconproject.com/	1970-01-20 07:09:41	Name: khaos Value: KVHW8ZRR-19-DSDK
.rubiconproject.com/	1970-01-20 07:09:41	Name: audit Value: 1\|SDziDG3X/EjincDLAXykeB887VTbg5qtQ6+jxy+j5/bHCzLvXYfjao24+wD5EEDXhf2J/f6H8r5ymPvo8pleP9oy+mh9GtMOAFMci+Bwpm4=
www.dirilispostasi.com/	1970-01-19 23:50:29	Name: info-datapolicy Value: true
.dirilispostasi.com/	1970-01-20 07:45:41	Name: __gads Value: ID=1115252518876964-22dbd16c09cb0053:T=1635845627:S=ALNI_Ma3HS8PeWnqhSUZ6KT1B_VFrd_zDw
.criteo.com/	1970-01-20 07:45:41	Name: uid Value: 5ea69e2c-2e9e-4021-83ba-ba6657115b0d
.dirilispostasi.com/	1970-01-20 07:45:41	Name: cto_bundle Value: 65ltXV9GUDElMkZRdWNSanc3Vk05bkp5ZXk4MFVoYm5RM0lLNnVPUGtLWUxzWWpDMzBweDZ4d2JhVE8xOE9pTkxDTUh0b3ZxOEZyR2FjdEZTcmpBS1VjdU9SbDZLU1FmZEs1bUVXJTJCWHdlV2EwaUR4RXVuUzh2emFBQSUyQlRNanpGYnF3Q3pLYVZOaklHRGV6RzVYJTJCR01VYlZvJTJGSnFlRjVWYUJxNUpVZGp2cE9rVDZ6czJVJTNE
.admixer.net/	1970-01-20 15:55:17	Name: am-uid Value: 97682341382146508fe90527d01c2a92
rtb.adxpremium.services/	1970-01-20 00:33:41	Name: SSCookie Value: 1
.adxpremium.services/	1970-01-20 00:33:41	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG1peGVyIjp7InVpZCI6Ijk3NjgyMzQxMzgyMTQ2NTA4ZmU5MDUyN2QwMWMyYTkyIiwiZXhwaXJlcyI6IjIwMjEtMTEtMTZUMTA6MzM6NTAuMzk1OTQ4NTI4KzAxOjAwIn19LCJiZGF5IjoiMjAyMS0xMS0wMlQxMDozMzo1MC4zOTU5NDIwNzcrMDE6MDAifQ==
.doubleclick.net/	1970-01-20 15:55:17	Name: IDE Value: AHWqTUkuLDKlFd3Lv113WkNaCFEDN5q6q7fuMfU2xSOyRH_4yGzlTwbx4xwNTzgFXT8
.mathtag.com/	1970-01-20 07:50:00	Name: uuid Value: 9f5d6181-05fe-4b00-a8c7-d45f03f3d083
.everesttech.net/	1970-01-20 07:09:41	Name: everest_g_v2 Value: g_surferid~YYEF-gABepTuXwBR
.adnxs.com/	1970-01-20 00:33:41	Name: uuid2 Value: 4355608036038888155
.openx.net/	1970-01-20 07:09:41	Name: i Value: 71900c30-d022-43bc-9af0-80828b824ced\|1635845630
.casalemedia.com/	1970-01-20 07:09:41	Name: CMID Value: YYEF-vBe4ibicEmsz5sxIAAA
.casalemedia.com/	1970-01-20 00:33:41	Name: CMPS Value: 3204
.ads.pubmatic.com/	1970-01-19 22:25:32	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 00:33:41	Name: CMPRO Value: 1154
.casalemedia.com/	1970-01-19 22:25:32	Name: CMST Value: YYEF-mGBBf4A
.pubmatic.com/	1970-01-20 00:33:41	Name: KADUSERCOOKIE Value: 6CF22D03-EB5C-4A6E-828A-919FC5C88B75
.pubmatic.com/	1970-01-20 00:33:41	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 22:25:32	Name: pi Value: 156813:2
.pubmatic.com/	1970-01-20 00:33:41	Name: DPSync3 Value: 1637020800%3A201_197_219%7C1635897600%3A174
.pubmatic.com/	1970-01-20 00:33:41	Name: SyncRTB3 Value: 1636416000%3A2_223_15%7C1638403200%3A203%7C1636675200%3A63%7C1637020800%3A88_222_161_8_166_204_230_3_56_81_13_165_238_220_21_99_7_54_71_189_55_231_22_234%7C1637107200%3A35
.adfarm1.adition.com/	1970-01-20 00:33:41	Name: UserID1 Value: 7025903482167097497
.taboola.com/	1970-01-20 07:09:41	Name: t_gid Value: 1bf0d0e7-1a8b-4b58-8bc4-40586cc34719-tuct87a8b7e
.adform.net/	1970-01-19 23:07:17	Name: C Value: 1
.bidswitch.net/	1970-01-20 07:09:41	Name: tuuid Value: 489ee382-0604-447b-93b2-7932e9258f7b
.bidswitch.net/	1970-01-20 07:09:41	Name: c Value: 1635845630
.bidswitch.net/	1970-01-20 07:09:41	Name: tuuid_lu Value: 1635845630
.erne.co/	1970-01-20 07:09:41	Name: u Value: UMFdhe7GkMfhaKGWmp4cXv8d
.quantserve.com/	1970-01-20 00:33:41	Name: d Value: ELQBCwHQJPijAA
.quantserve.com/	1970-01-20 07:54:20	Name: mc Value: 618105fe-bb33e-15de7-969a8
.simpli.fi/	1970-01-20 07:11:08	Name: suid Value: D6A1CB0FA1E149C1B4BFFE2D94AFBC0C
.analytics.yahoo.com/	1970-01-20 07:11:08	Name: IDSYNC Value: 18z8~21ax
.yahoo.com/	1970-01-20 07:10:03	Name: A3 Value: d=AQABBP4FgWECEKPCGKqdnB7Sd9MNt5vGrNkFEgEBAQFXgmGKYQAAAAAA_eMAAA&S=AQAAAqRrxuKVBvlDnnsuWwfIm-A
.onaudience.com/	1970-01-20 07:09:41	Name: cookie Value: a6067408a9065edd
.onaudience.com/	1970-01-19 22:25:32	Name: done_redirects104 Value: 1
.adform.net/	1970-01-19 23:50:29	Name: uid Value: 3966584620220902299
.de17a.com/	1970-01-20 07:02:29	Name: guid2 Value: 1.6907008484512410888
.turn.com/	1970-01-20 02:43:17	Name: uid Value: 2669381476336386478
.pubmatic.com/	1970-01-19 23:07:17	Name: KRTBCOOKIE_1101 Value: 23040-7025903482167097497
.pubmatic.com/	1970-01-20 00:33:41	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:33:41	Name: KRTBCOOKIE_218 Value: 4056-YYEF-gABepTuXwBR&KRTB&22978-YYEF-gABepTuXwBR&KRTB&23194-YYEF-gABepTuXwBR&KRTB&23209-YYEF-gABepTuXwBR
.pubmatic.com/	1970-01-20 07:09:41	Name: KRTBCOOKIE_27 Value: 16735-uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083&KRTB&16736-uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083&KRTB&23019-uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083&KRTB&23114-uid:9f5d6181-05fe-4b00-a8c7-d45f03f3d083
.pubmatic.com/	1970-01-19 23:07:17	Name: KRTBCOOKIE_391 Value: 22924-8506709660684975894&KRTB&23263-8506709660684975894
.pubmatic.com/	1970-01-20 00:33:41	Name: KRTBCOOKIE_57 Value: 22776-4355608036038888155
.pubmatic.com/	1970-01-20 00:33:41	Name: KRTBCOOKIE_153 Value: 19420-EBD15BYUq7ALQ6_mFUTg5BNFqOILGPvsRxnctkLI&KRTB&22979-EBD15BYUq7ALQ6_mFUTg5BNFqOILGPvsRxnctkLI
.pubmatic.com/	1970-01-20 00:33:41	Name: KRTBCOOKIE_80 Value: 22987-CAESEA-225urQ8y4RlLTqP57gDc&KRTB&16514-CAESEA-225urQ8y4RlLTqP57gDc&KRTB&23025-CAESEA-225urQ8y4RlLTqP57gDc
.pubmatic.com/	1970-01-19 23:07:17	Name: SPugT Value: 1635845629
.pubmatic.com/	1970-01-19 23:07:17	Name: KRTBCOOKIE_22 Value: 14911-2669381476336386478
.pubmatic.com/	1970-01-19 23:07:17	Name: KRTBCOOKIE_336 Value: 5844-6907008484512410888
.iprom.net/	1970-01-20 02:43:17	Name: UID Value: 282120941244716
.adsrvr.org/	1970-01-20 07:09:41	Name: TDID Value: c5d92ccb-809b-450c-9f97-3ae42741fa79
.adsrvr.org/	1970-01-20 07:09:41	Name: TDCPM Value: CAEYBSABKAIyCwje6OrB0_uOOhAFOAE.
.pubmatic.com/	1970-01-20 00:33:41	Name: KRTBCOOKIE_377 Value: 6810-cb0152cf-2098-4929-aeb8-197baf46b2cd&KRTB&22918-cb0152cf-2098-4929-aeb8-197baf46b2cd&KRTB&23031-cb0152cf-2098-4929-aeb8-197baf46b2cd
.pubmatic.com/	1970-01-19 23:07:17	Name: PugT Value: 1635845630
.adsby.bidtheatre.com/	1970-01-19 22:34:10	Name: __kuid Value: 437600c9-9b52-4f5b-be6c-7e0afc17b990.405059630
.1rx.io/	1970-01-20 07:09:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1747fa27-a3cb-48d9-b00d-4f9f14d35e8b-003%22%7D
.bidr.io/	1970-01-20 07:52:39	Name: bito Value: AAB6NE7DAgwAADNXDtoCIw
.bidr.io/	1970-01-20 07:52:39	Name: bitoIsSecure Value: ok
ads.playground.xyz/	1970-01-19 22:34:01	Name: connect.sid Value: s%3AmY8oQFbOk3sUywfIYf8_LcwfsoyLQx-5.5SLd3R%2FpXgZ9gKGMTrEN%2FWGLQCCjPuY8mQJYfLir9yQ

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.dirilispostasi.com/ Message: Failed to decode downloaded font: https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff2
other	warning	URL: https://www.dirilispostasi.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.dirilispostasi.com/ Message: Failed to decode downloaded font: https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff
other	warning	URL: https://www.dirilispostasi.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.dirilispostasi.com/ Message: Failed to decode downloaded font: https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff2
other	warning	URL: https://www.dirilispostasi.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.dirilispostasi.com/ Message: Failed to decode downloaded font: https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff
other	warning	URL: https://www.dirilispostasi.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142 Message: Failed to decode downloaded font: https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff2
other	warning	URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142 Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142 Message: Failed to decode downloaded font: https://file.daktilo.com/themes/enerjik/assets/font/clan-black/clan-black.woff
other	warning	URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1632226142 Message: OTS parsing error: invalid sfntVersion: 1008813135
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adx.adform.net
adxbid.info
ap.lijit.com
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
c1.adform.net
cdn.connectad.io
cdn2.bildirt.com
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
csync.loopme.me
d5p.de17a.com
dirilispostasi.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
event.clientgear.com
f8316f82c44bf0ade3e28aab794d6b80.safeframe.googlesyndication.com
fastlane.rubiconproject.com
file.daktilo.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
gum.criteo.com
hb.emxdgt.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubmatic-match.dotomi.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s333.adxpremium.services
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
static.daktilo.com
static.dirilispostasi.com
statistics.daktilo.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
user-sync.adxpremium.services
www.dirilispostasi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
104.109.78.125
104.111.215.191
104.17.120.107
104.21.54.3
104.21.81.155
104.26.11.209
104.26.2.13
135.125.163.79
142.250.184.202
142.250.184.232
142.250.185.110
142.250.185.131
142.250.185.161
142.250.185.162
142.250.185.226
142.250.185.66
142.250.186.97
142.250.186.98
143.204.98.34
143.204.98.84
146.0.227.110
15.197.193.217
151.101.129.44
151.101.66.49
152.228.222.122
157.90.162.130
159.65.196.12
162.55.6.212
169.197.150.8
169.50.137.190
172.217.18.100
172.67.168.180
172.67.8.174
178.250.0.163
178.250.0.165
178.250.2.130
178.250.2.146
178.63.58.93
18.195.106.43
18.196.230.57
185.184.8.65
185.239.174.234
185.29.134.248
185.64.189.110
185.64.190.80
185.64.190.81
185.86.137.110
195.5.165.20
198.148.27.140
198.47.127.19
198.47.127.20
2.18.233.180
2.18.234.21
2.19.35.65
213.155.156.185
213.19.147.44
213.19.162.61
216.52.2.48
3.126.56.137
31.13.92.14
31.13.92.36
34.98.107.212
35.186.253.211
35.244.174.68
37.157.2.236
37.157.3.30
37.252.172.249
37.252.173.38
46.228.164.11
46.249.52.248
47.252.78.131
51.210.112.236
52.16.151.94
52.18.234.75
52.30.14.23
54.228.52.99
54.68.24.0
62.149.0.72
66.155.71.149
67.202.105.32
69.173.144.139
72.251.241.196
74.125.206.155
8.39.36.141
85.114.159.93
87.98.252.5
89.207.16.137
91.228.74.133
02028400f9459a6c0b8cbb3078f8a28b52bc507c546b4410a9f246d630ef0fa7
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9195ec1dc5166f2479d1a99bee946d82ba8c598b6956768bd87d5baee169f5
0bf94d4b43943e737a7ce6f8dc922a6a51fb0dd0b49dfaab1f3cded516e5b278
0cf3a5008961349ee05b79d0c049571b8d62dae4be1b30e8a2c126d3451b42a0
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11aee507ab8b3c466a74a9448c5ba338d01f6e975b1416877ea538cc8a4a024c
1690df79e4c5b68aa12c2659f6c8ae520a388c69aa8c1d062951c8f872a82717
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b53acf968b8c20c679009796dc1ba040f1c99a21971ba10132e72447560d39e
1b678ece14665fdba161a0b4f85e7e9e418a933dad47bd037689f2864aeaaf39
1bf12425484fc8bb8c84eb400148ab1496c29e000099c32399b454fc19c4aaa6
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a
28ac09cfe965e34c508b679e78aa959a9cb6428e433854f1b9ac8235cd5c13fd
2b8fac4d734250d5499f26ae86ce1f66db96233f00fa15dd8ec9ffeef640de6f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa
2efdf04197bc7313ba31945803d26df637a9ad77f2d0404d02002cc2ac399316
2f7cab390c3bc03c41f85c17745468a81cbc99f8ef3773067c1f5fae0507a929
32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
339271ce58381e7ecae6e2473e94c67f654d6937b91b06eadf0491f71b6f8988
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37f74cce0e13cd5c682ec490ad3acd9edcca50a6f4230f143ee50f39265cd3bd
3823ce03c0b78ef3ea0090a9a2188b75c624b02511d511e1d0431a94bb7503ca
3a000d7b52013285300c93c06b9c521bbca07876311bdba9c74865e7eac09411
3dd180f87ad8874dd022a7404080cf330a4e7528bb33e1c463e4445821ece64e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42be02f17cb64f4dd2d61f31745259c3337eb0bd5e6a21e49e6dc1b01e680acf
46153b91cc66cfe6fb21fef98feb45f19db8d3569448c27781b03073cdeef798
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b3624e2efd42093333ad8726f17f327bd0700c311102e2ebba727323842224
4cb560f981f79a604d992adba3c8b6b25696c5cfae2766aafb9545c9eaa9c91f
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50f6e7ec759bf6204125f85f9b45e9af4095db7483d0a2662b69fb3ceb4d866b
50fbe7e63ad914d53bd58833cb045761340bbcb80d638a59bf80537fbd8a08c4
5548e7bf67ad28b3313166b6b3ba8952f8affaba0d965588714e52a703c502d7
5558f5c4e4a5329b7e54650eeb2bbed81face6995ef34330699ea3afc182d79f
5a1728d103615f24959aef10e6c07852e69a9de48154ab7969e5b4bdc45c49a3
5aed2e8823485a006191e09f072ca593850e58a644d8e725342aef9b6e900c79
5db6085b7a168d5a119ef2aefd5a16fb05ff1221ebac9502fe1c3a1653b112ba
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6112ba1ac1bc81a61072c7e5283c14eadf82df9d160a14b47815efb03cd97181
6496c21ab9a060bc214dc3f26c2351428e8ca5a6f17ea28aaeeaf5cc6c439f16
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c17caac6b626fb46723be0d7b0fadaae4267cbb073476a5cea8513224ac983a
73b9d17bca34ee42e0ab48ccdcd2f781661154faafcb0062e0960be2932e69f2
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
792f67bffc9b185a4692aae847d00b0da9ce0e7bf15e5ec8b06e30d3d4dca14d
82ae827c1f62fef600a4a278f2ad6e853eff41c8bc30138183069dc22ebc3a2e
82d1541718d111ca3cedfa19d71ce915d67627411b25f8aada61b29d83efdc6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f28a147c3083b02d80fc6414943eb9bb09078f80dfcc4cb186984bd48de6a9
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
870dbf40335b39544282ec53531ca7e2ab743d993532564a9bdc9a1525033658
881fa6557273870b40229cb66f41074c5f403bb3a429fa2a3dacce3138e194e5
88262900acfae9706f3c553a10d01618c831101a13b0732e6fe320a89347f868
888c948c04758f9c12dfb349742432a079c2d43437fba3995a25d67ec1e36605
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a867a0e595f08c701d3b730e1379678bdb0b7f7d902ed11868ed92d94193bc4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8b6afd58485b3cb0f0e2c75dd24079d48c0351cec251e785e9e36d3e7b53ce
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
99f85bb1561780bb367bb8f4aa78c54d69343a78f4663e1c5bc3ade9e113cdbd
9a03d3a806546e1937db6524c19e1f7d7526d703e8b4c383578bd92bb4cb4af9
9c8a21034f51d8201272a01bb5d2d3c8a145c2af81c666b485fe01c7eda0f0c7
9dec4fa6ed5dbbf55104ab4110219596c1ab4e24e93fc6d555274259755cf365
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6575ee168446bf49fa76cbffcaec9821b75c9032105e54ed37a711741ae80d3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9c13ba4ee6c21affcb0f73c3626d624b415c6cdb7324fe66debe892d1ba56db
ad1857dab3b3a6df8f23e0cd12e432fff263a32018179508adcd35435cade9c0
addafed55440417387efe20a34c33d11986c189c3e3b9b372c741906bd8b3ddf
b2b246c4e0273f5b16b399dc86f475784750e5c5ec3f6420ec6ef8e5ce8abf11
b2cf0b008fafdc10d9c2ea0d65e6d08ff736b7f62ad1eba4c26b4b784885975e
b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc25c0d97b10b29eb787f94219f68edb0260b17f6ab04d352036d6d6986adbd5
bdf67765c60015829cb24b0ff8c4d3bea9b7a975aeec000509c51da255220423
bf8769b24b731813089629141326e76ba98d8be46bca2c32f9d57fd7f87607bc
c3d0397b0d3fc615e614e79928948e1e3d939d6ce04c76990c029a5d18c99dd7
c3d504f7b9ae939a0b5345ed47aeb39a589edaaa6bc34249de226bc80ddbaf2b
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c4a44608a4cf8dfd8c83b7513034a4a79b3c0f48d24fab02ee0c93fc6157289f
c5770c07dcdf5d9cdbd185c432d005a141e25d1c40d244e980aa532f8e0268cf
c5dee60a7fe01659342fe73a809397d4ca37a516ff64f8ac718f1f3a666f673b
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c76f06ea95766ce0f9668a9a1c1cd0a8997f90d22d5954561be31fec5fedc158
c9fcb8c60299a0f1f19a807cea24adb48bfdba18538ea0572f05b94909117183
cade94456a7074110d8ebae763596cfdb021d73c155ab6f62cfd970bf981b2cc
cc0f9251eae1dc02876457b1320242979849a2054bc5b8f719f867004673ac3f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce376d1b9da80ea635b9cfb0b6991d1196a80843b24d3a60076be10f96d92b87
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
d8a04ffe61a6832af353accfb7017356ff61250608fe8a009a185618ab2341f1
d931ebcabebf4e36b0e361f058a5e60305ba8cc2c0fb34e331d9b62e6eb91038
d965a96f60e99f7d752540182395d3a2d73113d25bffe01abc4415273d7338d3
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e38c80324ccc60f3e3c245d863b60c98b847fddf976a8d8a8af072d34385c0fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47770b0d2b319163a7f0d742568f1457aa0c4051c6f7150399831a656b237b4
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
eb18c90f79e9bb67d5a0051a7a907ee094925d96176749d3d2916b1d36f621b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00deb4d11fa67f46444168d9384c708dcc1d6ee3b1d756329f4b1656a4857d8
f1bb5797d9b787b5eb6dcfb2f86aad70f4971a989f0567fa38e61e8f0bdae678
f1d247ab10257646ac4ea9aa1f9c3f80689e29a6db3e3c4ef77489789c59237f
f1e68817dd28f4deed45c0454c7959072d0217ceca38384e27db851024de7a35
f2ce8b09ebd9244a50af55a930614aef2ae1c39e96a5275a80af8523c5404ea5
f866a109e8db92ae71e373067c499aa1be704dfc8f33344d1ecf9b8f0e966be9
f97da891736b0d9d1b5666f39c9db226662e8ee06267c7965a14dca09d4c9b1d
fa55c36f3e35d437f85beba6567525bfad38980b5458136d8482dbc0056ad8cf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.dirilispostasi.com Open in urlscan Pro 104.21.81.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

209 Requests

87 %HTTPS

0 %IPv6

65 Domains

96 Subdomains

60 IPs

11 Countries

3009 kBTransfer

4628 kBSize

70 Cookies

9 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dirilispostasi.com Open in urlscan Pro
104.21.81.155 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

87 %
HTTPS

0 %
IPv6

65
Domains

96
Subdomains

60
IPs

11
Countries

3009 kB
Transfer

4628 kB
Size

70
Cookies

209 HTTP transactions
0 data transactions