taraftarium24.blogfree.net Open in urlscan Pro
195.201.63.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://taraftarium24.blogfree.net/?t=6273459
Submission: On May 05 via manual (May 5th 2021, 12:45:38 pm UTC) from TR

Summary HTTP 141 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 44 IPs in 10 countries across 32 domains to perform 141 HTTP transactions. The main IP is 195.201.63.185, located in Germany and belongs to HETZNER-AS, DE. The main domain is taraftarium24.blogfree.net.
TLS certificate: Issued by R3 on March 12th 2021. Valid for: 3 months.

This is the only time taraftarium24.blogfree.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	195.201.63.185 195.201.63.185	24940 (HETZNER-AS) (HETZNER-AS)
23	95.216.245.43 95.216.245.43	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	95.217.108.170 95.217.108.170	24940 (HETZNER-AS) (HETZNER-AS)
11	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	81.88.48.90 81.88.48.90	39729 (REGISTER-AS) (REGISTER-AS)
1	104.109.85.134 104.109.85.134	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2 2	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
2	81.88.48.83 81.88.48.83	39729 (REGISTER-AS) (REGISTER-AS)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
2 7	20.73.120.41 20.73.120.41	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.237.122 104.111.237.122	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
6	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
5 5	35.156.245.144 35.156.245.144	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:206... 2600:9000:206f:b200:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	52.29.48.214 52.29.48.214	16509 (AMAZON-02) (AMAZON-02)
3 4	52.56.111.113 52.56.111.113	16509 (AMAZON-02) (AMAZON-02)
1 5	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
1	18.184.87.203 18.184.87.203	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:81f::2003	15169 (GOOGLE) (GOOGLE)
1	18.157.50.45 18.157.50.45	16509 (AMAZON-02) (AMAZON-02)
2	52.28.108.235 52.28.108.235	16509 (AMAZON-02) (AMAZON-02)
1	52.48.131.173 52.48.131.173	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
4	35.156.201.148 35.156.201.148	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
1	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE)
141	44

1 195.201.63.185 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: forumcommunity.net

taraftarium24.blogfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 95.216.245.43 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.43.245.216.95.clients.your-server.de

img.forumfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.forumfree.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
skin.forumfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.217.108.170 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.170.108.217.95.clients.your-server.de

uploads.blogfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
upload.forumfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mod.forumfree.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nb.forumfree.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 81.88.48.90 (Italy)

ASN39729 (REGISTER-AS, IT)

optimized-by.4wnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.85.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-85-134.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.178 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.88.48.83 (Italy)

ASN39729 (REGISTER-AS, IT)

adsr.4wnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

js.omg.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.73.120.41 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tra.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trz.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.omg.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-122.deploy.static.akamaitechnologies.com

cdn.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.245.144 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:b200:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.48.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.56.111.113 (London, United Kingdom) 3 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.87.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81f::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.50.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.108.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.131.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.201.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)

it-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	forumfree.net img.forumfree.net upload.forumfree.net skin.forumfree.net	257 KB
17	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	139 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	540 KB
14	google.com www.google.com adservice.google.com	33 KB
13	4wnetwork.com optimized-by.4wnetwork.com adsr.4wnetwork.com	101 KB
11	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com video-ads.rubiconproject.com optimized-by.rubiconproject.com	44 KB
8	neodatagroup.com 2 redirects js.omg.neodatagroup.com tra.neodatagroup.com trz.neodatagroup.com tracker.neodatagroup.com d.omg.neodatagroup.com	35 KB
7	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	111 KB
6	agkn.com 3 redirects js.agkn.com d.agkn.com aa.agkn.com	6 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	721 KB
5	mathtag.com 1 redirects pixel.mathtag.com	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	forumfree.it cdn.forumfree.it mod.forumfree.it nb.forumfree.it	228 KB
4	adform.net 3 redirects c1.adform.net dmp.adform.net adx.adform.net	2 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net pubads.g.doubleclick.net	1 KB
3	moatads.com z.moatads.com px.moatads.com	45 KB
2	advertising.com ads.adaptv.advertising.com	2 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	1 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	754 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	mookie1.com cdn.mookie1.com it-gmtdmp.mookie1.com	4 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	blogfree.net taraftarium24.blogfree.net uploads.blogfree.net	36 KB
1	spotxchange.com search.spotxchange.com	1 KB
1	360yield.com ice.360yield.com	446 B
1	googlesyndication.com pagead2.googlesyndication.com	12 KB
1	2mdn.net s0.2mdn.net	17 KB
1	idealmedia.io cm.idealmedia.io	556 B
1	lentainform.com cm.lentainform.com	621 B
1	smartadserver.com prg.smartadserver.com	1 KB
1	addthis.com s7.addthis.com	114 KB
141	32

	Domain	Requested by
19	img.forumfree.net	taraftarium24.blogfree.net img.forumfree.net
11	optimized-by.4wnetwork.com	taraftarium24.blogfree.net optimized-by.4wnetwork.com
8	cm.mgid.com	jsc.mgid.com taraftarium24.blogfree.net
7	adservice.google.com	imasdk.googleapis.com
7	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	taraftarium24.blogfree.net www.gstatic.com www.google.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	pixel.mathtag.com	1 redirects d.agkn.com js.omg.neodatagroup.com taraftarium24.blogfree.net
5	x.bidswitch.net	5 redirects
4	trk.vidible.tv
4	aa.agkn.com	3 redirects d.agkn.com
4	imasdk.googleapis.com	optimized-by.4wnetwork.com imasdk.googleapis.com
4	match.adsrvr.org	4 redirects
4	eus.rubiconproject.com	prg.smartadserver.com cm.mgid.com eus.rubiconproject.com
3	cm.g.doubleclick.net	3 redirects
3	s-img.mgid.com	taraftarium24.blogfree.net
3	cdn.mgid.com	taraftarium24.blogfree.net
3	cdn.forumfree.it	taraftarium24.blogfree.net
2	cdn-ssl.vidible.tv	acds.prod.vidible.tv cdn-ssl.vidible.tv
2	ads.adaptv.advertising.com	imasdk.googleapis.com cdn-ssl.vidible.tv
2	csi.gstatic.com	imasdk.googleapis.com
2	video-ads.rubiconproject.com	imasdk.googleapis.com
2	aax-eu.amazon-adsystem.com	1 redirects taraftarium24.blogfree.net
2	tracker.neodatagroup.com	taraftarium24.blogfree.net
2	trz.neodatagroup.com	1 redirects js.omg.neodatagroup.com
2	z.moatads.com	s7.addthis.com cdn-ssl.vidible.tv
2	token.rubiconproject.com	eus.rubiconproject.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	c1.adform.net	2 redirects
2	creativecdn.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	tra.neodatagroup.com	1 redirects taraftarium24.blogfree.net
2	adsr.4wnetwork.com	taraftarium24.blogfree.net imasdk.googleapis.com
2	secure.adnxs.com	2 redirects
2	fonts.googleapis.com	taraftarium24.blogfree.net
1	it-gmtdmp.mookie1.com
1	search.spotxchange.com	imasdk.googleapis.com
1	px.moatads.com
1	acds.prod.vidible.tv	imasdk.googleapis.com
1	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
1	ice.360yield.com	imasdk.googleapis.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	adx.adform.net	imasdk.googleapis.com
1	d.omg.neodatagroup.com	taraftarium24.blogfree.net
1	dmp.adform.net	1 redirects
1	pagead2.googlesyndication.com	srcdoc
1	s0.2mdn.net	imasdk.googleapis.com
1	d.agkn.com	js.agkn.com
1	js.agkn.com	optimized-by.4wnetwork.com
1	cm.idealmedia.io	taraftarium24.blogfree.net
1	cm.lentainform.com	taraftarium24.blogfree.net
1	cdn.mookie1.com	optimized-by.4wnetwork.com
1	servicer.mgid.com	jsc.mgid.com
1	prg.smartadserver.com	optimized-by.4wnetwork.com
1	js.omg.neodatagroup.com	optimized-by.4wnetwork.com
1	c.mgid.com	jsc.mgid.com
1	skin.forumfree.net	taraftarium24.blogfree.net
1	s7.addthis.com	taraftarium24.blogfree.net
1	nb.forumfree.it	taraftarium24.blogfree.net
1	jsc.mgid.com	taraftarium24.blogfree.net
1	mod.forumfree.it	taraftarium24.blogfree.net
1	upload.forumfree.net	taraftarium24.blogfree.net
1	uploads.blogfree.net	taraftarium24.blogfree.net
1	taraftarium24.blogfree.net
141	64

This site contains links to these domains. Also see Links.

Domain
www.blogfree.net
accounts.blogfree.net
msg.blogfree.net
www.forumfree.it
play.google.com
top.blogfree.net
supporto.forumfree.it
tinyurl.com
widgets.mgid.com
www.mgid.com
herbeauty.co
index.blogfree.net
www.4wmarketplace.com

Subject Issuer	Validity	Valid
blogfree.net R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
forumfree.net R3	`2021-03-13` - `2021-06-11`	3 months	crt.sh
forumfree.it R3	`2021-03-13` - `2021-06-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.4wnetwork.com Go Daddy Secure Certificate Authority - G2	`2020-08-14` - `2021-10-12`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni1c7d5gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2022-02-08`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
neodatagroup.com R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
cdn.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-01` - `2022-04-01`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
d.omg.neodatagroup.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-01-14`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-12-19` - `2021-06-15`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://taraftarium24.blogfree.net/?t=6273459
Frame ID: 7D8B2CF60113F988E2360B98749D56F1
Requests: 100 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: EE603C3F6C48256EEE26B0600C2A15B8
Requests: 3 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cd=1&cbuster=1620218718731184742196
Frame ID: 142B52589DC23691105BEA8265FFD3B1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 2F32DE7027F557BA160DCBABDD87A61E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=xzqhhqefomu4
Frame ID: 0D9676D73DA05BC47C66BDCF9C64DEF1
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=16ej47kjxb05
Frame ID: 196F673A3F6ED38179A9046093E66573
Requests: 8 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=485204166&gdpr=&gdpr_consent=&ref=&bpid=4wit&c=%7B%22bpid%22%3A%224wit%22%2C%22loc%22%3A%22https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: A25B917573650B48E5090F0A254CB7F6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 51A53EF3276352B5DD70BB47998E015E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 69CAE7F6157916B3A9B832D987DEDEB5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 7956DFBDD2E3F3B9A6C16F13AD134D48
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: F77CA1A2970F8BD3D062488CC53E337E
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: E1DA9E3B0F1E75336D5B599305510F00
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

141
Requests

99 %
HTTPS

27 %
IPv6

32
Domains

64
Subdomains

44
IPs

10
Countries

2452 kB
Transfer

4918 kB
Size

17
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogfree.net/
Title:

Search URL Search Domain Scan URL

URL: https://accounts.blogfree.net/?act=Reg&cid=205573
Title: Register

Search URL Search Domain Scan URL

URL: https://msg.blogfree.net/?act=Search&CODE=getactive&c=205573
Title: Topics

Search URL Search Domain Scan URL

URL: https://www.forumfree.it/?act=newforum
Title: Create your forum

Search URL Search Domain Scan URL

URL: https://www.blogfree.net/?act=newblog
Title: Create your blog

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.forumfree.mobile
Title: Android App

Search URL Search Domain Scan URL

URL: https://msg.blogfree.net/?act=Search&CODE=lastarticles&c=1
Title: Last posts

Search URL Search Domain Scan URL

URL: https://top.blogfree.net/
Title: News

Search URL Search Domain Scan URL

URL: https://www.blogfree.net/?act=topforum
Title: Top Forum

Search URL Search Domain Scan URL

URL: https://www.blogfree.net/?act=topblog
Title: Top Blog

Search URL Search Domain Scan URL

URL: https://www.blogfree.net/?wiki
Title:

Search URL Search Domain Scan URL

URL: https://supporto.forumfree.it/
Title: Support Forum

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yjmd9ckl
Title: https://tinyurl.com/yjmd9ckl

Search URL Search Domain Scan URL

URL: https://tinyurl.com/1e0jdu0q
Title: https://tinyurl.com/1e0jdu0q

Search URL Search Domain Scan URL

URL: https://www.blogfree.net/?wiki=BBCode

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=taraftarium24.blogfree.net&utm_medium=referral&utm_campaign=widgets&utm_content=1108090
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/beauty/everything-you-need-to-know-about-the-atkins-diet/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/18-ways-to-get-rid-of-hiccups/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/entertainment/12-iconic-roles-played-by-different-actresses/

Search URL Search Domain Scan URL

URL: https://index.blogfree.net/
Title: Categories

Search URL Search Domain Scan URL

URL: https://www.4wmarketplace.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://secure.adnxs.com/getuid?https://adsr.4wnetwork.com/pixel.html?type=js&xuid=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fadsr.4wnetwork.com%2Fpixel.html%3Ftype%3Djs%26xuid%3D%24UID HTTP 302
https://adsr.4wnetwork.com/pixel.html?type=js&xuid=7308047255340001917

Request Chain 50

https://tra.neodatagroup.com/cm?sid=1009&pv=next&eid=6092935e9d8a82.43299922&rnd=841929810 HTTP 302
https://tra.neodatagroup.com/cm?sid=1009&pv=next&eid=6092935e9d8a82.43299922&rnd=841929810&neoid=2f2791f549405dd

Request Chain 51

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 58

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ1aVRCSFhqdko1&muidn=l45iTBHXjvJ5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ1aVRCSFhqdko1&muidn=l45iTBHXjvJ5&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l45iTBHXjvJ5&google_ula={guid},5&google_gid=CAESEKIPaTZuEi2kK5PMhshR1ko&google_cver=1

Request Chain 61

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=55fe1682-b161-4ca6-833f-83e0d0f81360&ttl=1622810718

Request Chain 62

https://x.bidswitch.net/sync?dsp_id=303&user_id=l45iTBHXjvJ5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l45iTBHXjvJ5 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=

Request Chain 63

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=OwZYEivoMQHbDcsdh1q1&pi=mgid&tc=1

Request Chain 64

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=7540292589574127688&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=

Request Chain 66

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=5bd589b1-9290-4e0d-bba8-a0ea32c98a30

Request Chain 101

https://aa.agkn.com/adscores/g.pixel?sid=9212293468&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=55fe1682-b161-4ca6-833f-83e0d0f81360

Request Chain 102

https://aa.agkn.com/adscores/g.pixel?sid=9212293438 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://aa.agkn.com/adscores/g.pixel%3Fsid%3D9312292258%26mt%3D%5BMM_UUID%5D HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9312292258&mt=d1336092-935f-4a00-8338-60a0748a1b5c HTTP 302
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267480603777004792984

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1011&rt=img&rnd=32488901595 HTTP 302
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1011&rt=img&rnd=32488901595&google_gid=CAESEAdHKXib6m1OtSdUxVDZtRI&google_cver=1

Request Chain 110

https://match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1 HTTP 302
https://tracker.neodatagroup.com/cm?eid=55fe1682-b161-4ca6-833f-83e0d0f81360&pv=TDD&sid=1011&rt=img&rnd=1622810719

Request Chain 111

https://dmp.adform.net/serving/cookie/match?party=1056&rt=img&rnd=32488901595 HTTP 302
https://d.omg.neodatagroup.com/cm?eid=7540292589574127688&pv=adform&sid=1011&rt=img

Request Chain 116

https://trz.neodatagroup.com/cm?eid=2f2791f549405dd&pv=AMAZON&sid=1&rd=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Dd0592a87-ff14-499d-9eda-8641b59e11c0%26id%3D2f2791f549405dd HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=2f2791f549405dd HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=2f2791f549405dd&dcc=t

141 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
taraftarium24.blogfree.net/ 103 KB
33 KB 153ms
36ms Document
text/html 195.201.63.185
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.63.185 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: forumcommunity.net
Software: Apache /
Resource Hash: b8b03cea53d1ea314553bb1b72c22ee5d1dae5724040bd02ee69d3b86ac92ee5

Request headers

Host: taraftarium24.blogfree.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:17 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_id=8c254ed371dd2fb2e2152b609f43b8d0; path=/; domain=.blogfree.net;SameSite=None; secure; httponly cat=205573; expires=Thu, 05-May-2022 12:45:17 GMT; Max-Age=31536000; path=/; domain=.blogfree.net;SameSite=None; secure login-from=https%253A%252F%252Ftaraftarium24.blogfree.net%252F%253Ft%253D6273459; expires=Thu, 05-May-2022 12:45:17 GMT; Max-Age=31536000; path=/; domain=.blogfree.net;SameSite=None; secure pop1=1; expires=Wed, 05-May-2021 13:45:17 GMT; Max-Age=3600; path=/; domain=.blogfree.net cpop=1; expires=Thu, 05-May-2022 12:45:17 GMT; Max-Age=31536000; path=/; domain=.blogfree.net;SameSite=None; secure
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32342
Connection: close
Content-Type: text/html; charset=windows-1252

GET
H2 200 jq.js Show response
img.forumfree.net/src/ 92 KB
33 KB 188ms
81ms Script
application/javascript 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://img.forumfree.net/src/jq.js
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: dfc1f483fa420d54784871a635f349df9b8f4ceb807c63d664e5c81fa1305b22

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2015 10:10:54 GMT
server: Apache
etag: "16e74-51de399858780-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33103
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 jqt.js Show response
img.forumfree.net/src/ 3 KB
1 KB 157ms
50ms Script
application/javascript 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://img.forumfree.net/src/jqt.js
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: fe5fd6cadb6e646f75c8e03830cdb8c11f8c4e6d773633cf4e38e10181560e09

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2015 10:10:51 GMT
server: Apache
etag: "af4-51de39957c0c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1303
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 handlebars.js Show response
cdn.forumfree.it/libs/handlebars/ 78 KB
24 KB 177ms
61ms Script
application/javascript 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumfree.it/libs/handlebars/handlebars.js
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
last-modified: Sun, 15 Nov 2020 15:20:33 GMT
server: Apache
etag: "13981-5b426cd8a6811-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24168
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 font-awesome.min.css
img.forumfree.net/fontawesome/ 30 KB
7 KB 160ms
53ms Stylesheet
text/css 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://img.forumfree.net/fontawesome/font-awesome.min.css
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 0c9ede87e0786c38b7347e7b3acd595d81b72483a0cc46081cb6b3b73b3fabec

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
last-modified: Wed, 19 Sep 2018 13:56:36 GMT
server: Apache
etag: "79c6-57639c6518d00-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7092
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 modal.css
cdn.forumfree.it/libs/jquery.modal/ 3 KB
2 KB 165ms
50ms Stylesheet
text/css 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumfree.it/libs/jquery.modal/modal.css
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: cdeb7371a550d8cee6270f71eb85376733612fa7db7cb66f89bab1f2995dc094

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 11:45:25 GMT
server: Apache
etag: "c8b-5b437ea0592cd-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1788
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 modal.js Show response
cdn.forumfree.it/libs/jquery.modal/ 6 KB
2 KB 165ms
50ms Script
application/javascript 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumfree.it/libs/jquery.modal/modal.js?v=2
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 79adb06156981edf970906f4b58de08a62fad5dc27fff7dcfeaa63451ada1193

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 13:46:29 GMT
server: Apache
etag: "1613-5b4399af4e4cf-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1811
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
728 B 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a

Requested by

Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8f9dde39bcd499f9f82c524934422a6e4b5095ed9322cf9b5a3aa350c4d1140

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 12:45:17 GMT

GET
H2 200 google_logo_vector.svg
img.forumfree.net/vectors/ 689 B
762 B 53ms
49ms Image
image/svg+xml 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/vectors/google_logo_vector.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Fri, 21 Aug 2020 01:33:05 GMT
server: Apache
etag: "2b1-5ad5937f1f302"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 689
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 fb_logo_vector.svg
img.forumfree.net/vectors/ 689 B
762 B 53ms
50ms Image
image/svg+xml 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/vectors/fb_logo_vector.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 2e19d2ed78689cb27c7e929541d959764bae4c7d339ee14e035ba67bc717cbd1

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Fri, 21 Aug 2020 01:33:00 GMT
server: Apache
etag: "2b1-5ad5937a384b6"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 689
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 telegram_logo_vector.svg
img.forumfree.net/vectors/ 3 KB
3 KB 53ms
49ms Image
image/svg+xml 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/vectors/telegram_logo_vector.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 2af9233a7b19c47ec4dd98a5148c70ace25dbe405d43c37757fe90d041cfeaf2

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Fri, 21 Aug 2020 01:33:22 GMT
server: Apache
etag: "d72-5ad5938f1b053"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3442
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H/1.1 200
OK av-1263769.jpg
uploads.blogfree.net/ 3 KB
3 KB 181ms
48ms Image
image/jpeg 95.217.108.170
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.blogfree.net/av-1263769.jpg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.108.170 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.170.108.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 0adddbdeacf0673d14c722a363d6837adda043669eafb5a09cc8bff0d365cb3c

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Last-Modified: Sat, 24 Apr 2021 17:56:07 GMT
Server: Apache
ETag: "aaf-5c0bba078640c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 2735
Expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 loads.gif
img.forumfree.net/index_file/ 90 KB
91 KB 54ms
51ms Image
image/gif 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/loads.gif
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 6cf9fed1f050b9b04b0e7c03f057371067643d4305ec435828a6b5691279d602

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Thu, 12 Nov 2009 13:25:47 GMT
server: Apache
etag: "1685e-4782c7b28acc0"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 92254
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 bb_center.gif
img.forumfree.net/index_file/ 65 B
144 B 52ms
48ms Image
image/gif 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/bb_center.gif
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 3ea062b831fa79154f29111db7dacea9022312a74999f48f2683e7e4593e584c

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sun, 30 Sep 2007 01:46:21 GMT
server: Apache
etag: "41-43b507c9e1540"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 65
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 smile.svg
img.forumfree.net/html/emoticons/new/ 1 KB
2 KB 54ms
51ms Image
image/svg+xml 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/html/emoticons/new/smile.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: ccc11bdcf2f2bb08bdaa93ec93c9b89ac844eba6d2742d22f72d6d91e415b54c

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sat, 14 Mar 2020 21:44:36 GMT
server: Apache
etag: "5fe-5a0d77e019900"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1534
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 flame.svg
img.forumfree.net/html/emoticons/new/ 3 KB
3 KB 54ms
51ms Image
image/svg+xml 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/html/emoticons/new/flame.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: b8a2bd0a81fb9403de15cf78d9b4e57b3c6ab1673c687d9e02b46638fa8ec2a7

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sat, 14 Mar 2020 23:57:35 GMT
server: Apache
etag: "ba2-5a0d9599779c0"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2978
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 w_1_icon.png
upload.forumfree.net/admin/ 573 B
726 B 182ms
48ms Image
image/png 95.217.108.170
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.forumfree.net/admin/w_1_icon.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.108.170 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.170.108.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 050efb075f3ac50ad08d76b7e6575cc345808fd1a36502c4c77c7a1ee7910ac9

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Wed, 12 Aug 2020 16:05:37 GMT
server: Apache
etag: "23d-5acb05bcb19f3"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 573
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 help.png
img.forumfree.net/index_file/ 787 B
867 B 52ms
49ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/help.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 1b0237283fc07322014ae71214d23f7b37d93ec34d7ffc3a223c1beb9b24c959

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sun, 03 Jul 2011 06:06:11 GMT
server: Apache
etag: "313-4a7240c211ac0"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 787
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 preview.png
img.forumfree.net/index_file/ 659 B
732 B 54ms
51ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/preview.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: fbeb557ed3adb88cb4959afa9fa10a9f973efa2578545aac5ba212ebc73f7522

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sun, 03 Jul 2011 06:06:13 GMT
server: Apache
etag: "293-4a7240c3f9f40"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 659
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 full.png
img.forumfree.net/index_file/ 603 B
652 B 54ms
51ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/full.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: c81c35f7ebce8ed7c2aaf47c987bbff0e1b817e7f67c533539f1400795cf748a

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sun, 03 Jul 2011 06:06:11 GMT
server: Apache
etag: "25b-4a7240c211ac0"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 603
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 post_cron8.js Show response
mod.forumfree.it/kakashi/ 198 KB
200 KB 162ms
49ms Script
application/javascript 95.217.108.170
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.forumfree.it/kakashi/post_cron8.js?v43
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.108.170 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.170.108.217.95.clients.your-server.de
Software: Apache /
Resource Hash: a18e673aad197607e62f08c8c618bfd799f4ac030385bc35508a21f4c2b6a35a

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Fri, 25 Dec 2020 20:46:14 GMT
server: Apache
etag: "31833-5b75003f07b72"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 202803
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 forumfree.it.719965.js Show response
jsc.mgid.com/f/o/ 278 KB
69 KB 92ms
56ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/forumfree.it.719965.js
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ea399f40d366fe7bde2a04f366f868e330162bc66ffe9297f3dbd7f155a35b

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 1905
cf-polished: origSize=284826
last-modified: Fri, 23 Apr 2021 19:50:08 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CXNGH48B1QGYJ1WT
x-amz-id-2: dkP9oBirLnCvepwKQXPOEcUtoTlBFaE/r7Z5PfNz9mnj/9+mTLsxLYxktpFMzjyRtuDQMj9J0bI=
cf-bgj: minify
server: cloudflare
etag: W/"2d749db11b8ac01e89acdbeaaa8c8c8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09de28c00e0000a8972d8f0000000001
cf-ray: 64aa10acef87a897-CDG
expires: Wed, 05 May 2021 15:45:18 GMT

GET
H2 200 moreorlessmaterial.js Show response
nb.forumfree.it/supporto/ 1 KB
727 B 167ms
48ms Script
application/javascript 95.217.108.170
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nb.forumfree.it/supporto/moreorlessmaterial.js
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.108.170 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.170.108.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 8b1551c4eae74dcd8eb23a751b27365c5eb71fa48dda0ab1d14f6f96ec4842df

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2015 09:26:35 GMT
server: Apache
etag: "4a1-51c64c40c48c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=60
accept-ranges: bytes
content-length: 547
expires: Wed, 05 May 2021 12:46:18 GMT

GET
H/1.1 200
OK simply_loader.js Show response
optimized-by.4wnetwork.com/ 5 KB
2 KB 196ms
47ms Script
application/javascript 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx / PHP/5.6.29-0+deb8u1
Resource Hash: 6b4f6fc313de646e2e6b3cc67faa8f908a68d3a0852601a07b672d09cfe33ff2

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.29-0+deb8u1
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 77ms
26ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aad2b6d960df65a46563c335ca5dbf6f4da009ef0c0e3c6728d7c3173958349f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 05 May 2021 12:45:18 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ 335 KB
131 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://taraftarium24.blogfree.net
Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2456
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 May 2022 12:04:22 GMT

GET
H2 200 bck-03.jpg
img.forumfree.net/index_file/ 29 KB
29 KB 88ms
87ms Image
image/jpeg 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/bck-03.jpg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: b636070da04b0bb4088418783006421f638b18cbe55e5ab1f2ecb999edf5cc3d

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sat, 02 Dec 2017 12:31:17 GMT
server: Apache
etag: "743e-55f5aa961af40"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29758
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 bf.png
img.forumfree.net/index_file/ 2 KB
2 KB 88ms
87ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/bf.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 76d1ddd14c4d32fcc4d193531add5880de5016dfe6ffe8e1aa3a56a878840c16

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sun, 30 Dec 2012 11:05:50 GMT
server: Apache
etag: "91f-4d20fe11d9f80"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2335
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 bf-icon.png
skin.forumfree.net/social/ 724 B
797 B 86ms
71ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skin.forumfree.net/social/bf-icon.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 6f3531a812431a1af69491fa1d62776a9793468ae152cc0c2ead142d5403d9ef

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sat, 27 Jun 2015 20:52:14 GMT
server: Apache
etag: "2d4-5198607febb80"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 724
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 icon_rss.png
img.forumfree.net/index_file/ 658 B
731 B 85ms
84ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/index_file/icon_rss.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 8a8ed20b87bf1c9b28d7692df23bcffcef31457cbe653e2dd794e890b5dfc842

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sun, 03 Jul 2011 06:15:24 GMT
server: Apache
etag: "292-4a7242d173700"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 658
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 icon_members.png
img.forumfree.net/style_images/52/ 741 B
814 B 85ms
84ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/style_images/52/icon_members.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 27a31183bf236e3d60f6cf71948dac650ab7323246ba7fdb6f72a7d2a422c652

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Fri, 15 Jul 2011 08:34:31 GMT
server: Apache
etag: "2e5-4a81784b4d3c0"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 741
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 icon_help.png
img.forumfree.net/style_images/52/ 707 B
780 B 85ms
84ms Image
image/png 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.forumfree.net/style_images/52/icon_help.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: 4821d14560854417197a31f299d6192f5c873b7f351d9d6aae2a39dfacdd3e5e

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Sat, 22 Aug 2015 10:06:21 GMT
server: Apache
etag: "2c3-51de3893fe140"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 707
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 fontawesome-webfont.woff2
img.forumfree.net/fonts/ 77 KB
77 KB 150ms
48ms Font
font/woff2 95.216.245.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://img.forumfree.net/fonts/fontawesome-webfont.woff2
Requested by: Host: img.forumfree.net
URL: https://img.forumfree.net/fontawesome/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.245.43 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.245.216.95.clients.your-server.de
Software: Apache /
Resource Hash: e9aa8fd80224b3809e18bbeee38bcbb490699e03ad349dea0c9845ba276d157c

Request headers

Origin: https://taraftarium24.blogfree.net
Referer: https://img.forumfree.net/fontawesome/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
last-modified: Wed, 19 Sep 2018 13:56:53 GMT
server: Apache
etag: "13310-57639c754f340"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 78608
expires: Fri, 04 Jun 2021 12:45:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 12:17:44 GMT
server: ESF
date: Wed, 05 May 2021 12:45:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 12:45:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 12:10:09 GMT
server: ESF
date: Wed, 05 May 2021 12:45:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 12:45:18 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
410 B 136ms
127ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1620218718504450035222&uniqId=0c281&childs=1108090&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&lu=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&pageView=1&site=453308&pvid=1793c8fa928ad92ce63&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/forumfree.it.719965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://taraftarium24.blogfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10aec900a897-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c13a0000a897532b5000000001

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 29ms
28ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6475
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09de28c13a0000a89746052000000001
cf-ray: 64aa10aeb8faa897-CDG
expires: Thu, 06 May 2021 12:45:18 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
812 B 38ms
37ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6475
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09de28c1370000a8972b00c000000001
cf-ray: 64aa10aeb8fca897-CDG
expires: Thu, 06 May 2021 12:45:18 GMT

GET
H2 200 int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 1 KB
744 B 32ms
31ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6468
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A6EC37B2A7BDE00B
x-amz-id-2: PwXuLK/xbxwm8Hf3CE9lBqGE5I1x8jZ+3dC6/axU5ZbcSWyTHkWZUyetDT5gQlgZpKn8sbHG1f0=
last-modified: Mon, 04 May 2020 12:16:53 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09de28c1370000a89746051000000001
cf-ray: 64aa10aeb8f8a897-CDG
expires: Thu, 06 May 2021 12:45:18 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://taraftarium24.blogfree.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 508189
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://taraftarium24.blogfree.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 558106
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:43:32 GMT

GET
H/1.1 200
OK exaudi.php Show response
optimized-by.4wnetwork.com/ 359 B
947 B 49ms
48ms Script
application/javascript 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/exaudi.php
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx / PHP/5.6.29-0+deb8u1
Resource Hash: 3f6758d7a8dbd6b8b93c93111fccee2a5ca51307b5ac29d3e3b9000d9c178fe6

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.29-0+deb8u1
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK groupm.js Show response
optimized-by.4wnetwork.com/js/ 404 B
641 B 96ms
46ms Script
application/javascript 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/js/groupm.js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: fdc25f117137a962cc2e4a122e7ab62d29ae301d6838b4edf137990e759bd3d8

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: W/"6082b876-194"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Thu, 06 May 2021 12:45:18 GMT

GET
H/1.1

200
OK

pixel.html Show response
adsr.4wnetwork.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://adsr.4wnetwork.com/pixel.html?type=js&xuid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fadsr.4wnetwork.com%2Fpixel.html%3Ftype%3Djs%26xuid%3D%24UID
https://adsr.4wnetwork.com/pixel.html?type=js&xuid=7308047255340001917

0
2 KB

192ms
59ms

Script
application/javascript

81.88.48.83
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsr.4wnetwork.com/pixel.html?type=js&xuid=7308047255340001917
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.83 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive

Redirect headers

Pragma: no-cache
Date: Wed, 05 May 2021 12:45:18 GMT
X-Proxy-Origin: 185.93.2.40; 185.93.2.40; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 5aa3e170-cb22-4a7a-bc38-be6633c28f1e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://adsr.4wnetwork.com/pixel.html?type=js&xuid=7308047255340001917
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK neustar.js Show response
optimized-by.4wnetwork.com/js/ 279 B
566 B 196ms
52ms Script
application/javascript 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/js/neustar.js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: c2f0e1813262877b0e01347e14b0a741a6ef7834e67193c5c8a9de11fe071f1b

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: W/"6082b876-117"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Thu, 06 May 2021 12:45:18 GMT

GET
H2 200 omg.js Show response
js.omg.neodatagroup.com/ 77 KB
27 KB 29ms
7ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://js.omg.neodatagroup.com/omg.js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE0) /
Resource Hash: f71baa5af0d781a33c33a7391eb888c51083c974a608b7d11a10f7fa6e68ef8f

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: gzip
content-md5: rIFzus5TWQI31Q561kb8WA==
age: 627
x-cache: HIT
content-length: 27639
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 21:04:49 GMT
server: ECAcc (frc/8FE0)
etag: "0x8D8FB9B1D06C82F+gzip"
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: c575913c-a01e-00a3-06ab-41eb37000000
cache-control: max-age=1800
x-ms-version: 2014-02-14
expires: Wed, 05 May 2021 13:15:18 GMT

GET
H/1.1 200
OK ac Show response
prg.smartadserver.com/ 2 KB
1 KB 56ms
20ms Script
application/javascript 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/ac?pgid=1189087&insid=9280327&tmstp=6937227254&out=js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b33dbf1c54ec38bb895f8d45424be11679419437c3cef858bded94ac12754c74

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9280327
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK video_impression.js Show response
optimized-by.4wnetwork.com/js/ 4 KB
1 KB 144ms
47ms Script
application/javascript 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/js/video_impression.js?v=o2
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: b277a4f2a04be505dc123a234b3a6b73f85ed9a7669b3df3335540ab4233d3ee

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: W/"6082b876-1016"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Thu, 06 May 2021 12:45:18 GMT

GET
H/1.1 200
OK video_loader_new.min.js Show response
optimized-by.4wnetwork.com/js/ 77 KB
10 KB 195ms
53ms Script
application/javascript 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/js/video_loader_new.min.js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/simply_loader.js?4wvideo=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: b623365a67a8f4c7afef1df1d8b65e2717c7e6d0771906d071e50e182e6d8ad4

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: W/"6082b876-1326a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Thu, 06 May 2021 12:45:18 GMT

GET
H2 200 1 Show response
servicer.mgid.com/719965/ 15 KB
4 KB 88ms
86ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/719965/1?pv=5&cbuster=1620218718624750044072&uniqId=0c281&childs=1108090&niet=4g&nisd=false&w=940&h=296&p3_w=303&p3_h=236&maxw_3=303&maxh_3=236&cols=3&ref=&cxurl=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&lu=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&pageView=1&pvid=1793c8fa9a183668a46&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/forumfree.it.719965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0aab1b042af66357b42508b129bcf0b242b6f6e492bb1ab23287929177c78aa

Request headers

Referer: https://taraftarium24.blogfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10af7992a897-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c1a90000a8974394f000000001

GET
H/1.1

200

cm
tra.neodatagroup.com/
Redirect Chain

https://tra.neodatagroup.com/cm?sid=1009&pv=next&eid=6092935e9d8a82.43299922&rnd=841929810
https://tra.neodatagroup.com/cm?sid=1009&pv=next&eid=6092935e9d8a82.43299922&rnd=841929810&neoid=2f2791f549405dd

232 B
232 B

110ms
110ms

Image
application/javascript

20.73.120.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tra.neodatagroup.com/cm?sid=1009&pv=next&eid=6092935e9d8a82.43299922&rnd=841929810&neoid=2f2791f549405dd
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.73.120.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 May 2021 12:45:18 GMT
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

Access-Control-Allow-Origin: *
Date: Wed, 05 May 2021 12:45:18 GMT
Connection: keep-alive
Content-Type: text/richtext;charset=UTF-8
Content-Length: 0
Location: /cm?sid=1009&pv=next&eid=6092935e9d8a82.43299922&rnd=841929810&neoid=2f2791f549405dd
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EE60
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

91ms
29ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: prg.smartadserver.com
URL: https://prg.smartadserver.com/ac?pgid=1189087&insid=9280327&tmstp=6937227254&out=js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://taraftarium24.blogfree.net/?t=6273459
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://taraftarium24.blogfree.net/?t=6273459

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 May 2021 12:45:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Wed, 05 May 2021 12:45:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK containr.js Show response
cdn.mookie1.com/ 9 KB
3 KB 96ms
34ms Script
application/x-javascript 104.111.237.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mookie1.com/containr.js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/js/groupm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.237.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-122.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 2941
Last-Modified: Tue, 08 Sep 2020 10:42:20 GMT
Server: AkamaiNetStorage
ETag: "6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 05 May 2021 12:46:18 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
695 B 91ms
82ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cd=1&cbuster=1620218718728944619415
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/forumfree.it.719965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26bb2f9ebb1784d0f5ed0122e1a75189aa7fb53930cd62c1ea3b416f311affcc

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 568e80c9-4ebb-4ab0-b7ee-c44879fe0260
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b02a3fa897-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c2180000a8973628f000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 142B 19 B
313 B 78ms
73ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cd=1&cbuster=1620218718731184742196
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/forumfree.it.719965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5ce3a54b-06a3-4405-93b0-2c1a1d8a2737
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b02a3ea897-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c2180000a89746067000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2FjZmI3MjczZGZhNGVhZTU0NmVhOWI1NDU5Mzc0MWQzLmpwZw.webp
s-img.mgid.com/g/8164921/492x277/0x0x1001x667/ 24 KB
24 KB 76ms
74ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164921/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2FjZmI3MjczZGZhNGVhZTU0NmVhOWI1NDU5Mzc0MWQzLmpwZw.webp?v=1620218718-ts8kI_WKdMjd7wS-fUbs0UMQiSInwB-B9UhO6yQo4wY
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e8579fafbba82bd9db50d894dec67e4ec020e9e62f7196fddb7903d64bb9ef

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
cf-cache-status: HIT
x-mg-request-uuid: ec7f78cc-d42a-4986-b95a-04784f575c0a
age: 1064991
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24066
cf-request-id: 09de28c21b0000a8975d21c000000001
last-modified: Mon, 08 Feb 2021 10:20:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64aa10b02a3aa897-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2I1NWM1M2QxNDIxN2UwNTQyOGRkNzczMDVlYzExNzQ0LmpwZWc.webp
s-img.mgid.com/g/8164858/492x277/0x0x866x577/ 15 KB
15 KB 75ms
74ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164858/492x277/0x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2I1NWM1M2QxNDIxN2UwNTQyOGRkNzczMDVlYzExNzQ0LmpwZWc.webp?v=1620218718-vUw5QlrbSSFE9x8rToEkvYfeeDEQ20IwP_ROsfqxrDU
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0227cc4b75dfbaffd8eb0557e49264ed2aaae976d85ef0aa6f3d4b54ef8d9532

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
cf-cache-status: HIT
x-mg-request-uuid: 8c7c744d-8c8d-4b3b-975f-769c24b1f778
age: 1064991
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15348
cf-request-id: 09de28c2150000a8975d21b000000001
last-modified: Mon, 08 Feb 2021 10:20:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64aa10b02a37a897-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp
s-img.mgid.com/g/8164863/492x277/0x0x561x374/ 19 KB
19 KB 27ms
26ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164863/492x277/0x0x561x374/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp?v=1620218718-N-BOHPYDtqwBIb9g8x3NuQ5tf8wXmihejh5_R5mspiE
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9716b127a75c050c3255fa967732faf807d14bcbb1d2d15c1fa0ac97feb8107

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:18 GMT
cf-cache-status: HIT
x-mg-request-uuid: cc97bbd4-1175-4c78-97a2-8a5e00e718c5
age: 1065009
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19004
cf-request-id: 09de28c2150000a8974c16a000000001
last-modified: Mon, 08 Feb 2021 10:20:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64aa10b02a3ba897-CDG

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2F32
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

52ms
29ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cd=1&cbuster=1620218718728944619415
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://taraftarium24.blogfree.net/?t=6273459
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://taraftarium24.blogfree.net/?t=6273459

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 May 2021 12:45:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 05 May 2021 12:45:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
621 B 114ms
75ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l45iTBHXjvJ5
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 64aa10b11ba5cde3-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c2b40000cde36e1e1000000001

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ1aVRCSFhqdko1&muidn=l45iTBHXjvJ5
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ1aVRCSFhqdko1&muidn=l45iTBHXjvJ5&google_tc=
https://cm.mgid.com/google?muidn=l45iTBHXjvJ5&google_ula={guid},5&google_gid=CAESEKIPaTZuEi2kK5PMhshR1ko&google_cver=1

0
491 B

74ms
73ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l45iTBHXjvJ5&google_ula={guid},5&google_gid=CAESEKIPaTZuEi2kK5PMhshR1ko&google_cver=1
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b2aab032b6-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c3ab000032b6b403f000000001

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l45iTBHXjvJ5&google_ula={guid},5&google_gid=CAESEKIPaTZuEi2kK5PMhshR1ko&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=55fe1682-b161-4ca6-833f-83e0d0f81360&ttl=1622810718

43 B
690 B

82ms
82ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=55fe1682-b161-4ca6-833f-83e0d0f81360&ttl=1622810718
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 11171b81-118f-4393-9210-c7c251b420e0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b1c80432b6-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c31f000032b6c421a000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=55fe1682-b161-4ca6-833f-83e0d0f81360&ttl=1622810718
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l45iTBHXjvJ5
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l45iTBHXjvJ5
https://cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=

43 B
727 B

100ms
79ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 30525173-ceed-4983-bab8-e4e42f08b28a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b1bfcc32b6-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c310000032b6be325000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 05 May 2021 12:45:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=OwZYEivoMQHbDcsdh1q1&pi=mgid&tc=1

43 B
691 B

78ms
77ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=OwZYEivoMQHbDcsdh1q1&pi=mgid&tc=1
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 01e65389-a4de-4233-aa3e-47e7fd20cbaa
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b1e85732b6-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c330000032b6d11d9000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=OwZYEivoMQHbDcsdh1q1&pi=mgid&tc=1
pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT, Wed, 05 May 2021 12:45:18 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=70&user_id=7540292589574127688&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=

43 B
707 B

91ms
91ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6eb69188-983a-4e5b-8200-d2d16a9f2c1e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b36cb432b6-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c422000032b6f3b22000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=2833ffef-0620-41bc-9a20-8e83a1235d43&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 05 May 2021 12:45:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 111ms
75ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l45iTBHXjvJ5
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 64aa10b119a8cdd3-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 09de28c2b00000cdd37aaa1000000001

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=5bd589b1-9290-4e0d-bba8-a0ea32c98a30

43 B
723 B

79ms
79ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=5bd589b1-9290-4e0d-bba8-a0ea32c98a30
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 67074604-bff0-43f6-8f97-1888a659f1e9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64aa10b5fb5b32b6-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09de28c5bc000032b61da8b000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=5bd589b1-9290-4e0d-bba8-a0ea32c98a30
date: Wed, 05 May 2021 12:45:19 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EE60 30 KB
9 KB 63ms
35ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74698
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Thu, 06 May 2021 09:30:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2F32 30 KB
9 KB 43ms
32ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74698
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Thu, 06 May 2021 09:30:16 GMT

GET
H/1.1 200
OK impression.php Show response
optimized-by.4wnetwork.com/ 9 KB
5 KB 119ms
119ms Script
text/html 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/impression.php?code=215047;104209;3275;0&$4wOTkey=&GDPR=&GDPR_CONSENT=&nug=&category=not_mapped&resistivity=false
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/js/video_impression.js?v=o2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx / PHP/5.6.29-0+deb8u1
Resource Hash: 40c25421743245455084f065c93d00b19bad8276f22bce954b38361c780cb858

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 05 May 2021 12:45:19 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.6.29-0+deb8u1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame EE60 284 B
536 B 100ms
25ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2F32 284 B
536 B 103ms
27ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK vidIMA.min.css
optimized-by.4wnetwork.com/asset/css/ 46 KB
15 KB 82ms
81ms Stylesheet
text/css 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/asset/css/vidIMA.min.css
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/js/video_loader_new.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: 8019a99e09d753b455ee70ce5408c4a2180c2b94d75ea00144a65fb8666d9e71

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: W/"6082b876-b807"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Thu, 06 May 2021 12:45:19 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/js/video_loader_new.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Wed, 05 May 2021 12:45:19 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 106ms
46ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=57974
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 36ms
7ms Script
application/javascript 2600:9000:206f:b200:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/js/neustar.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b200:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0207dcde9d13d30d12727aa053edf2790e4586445ddef3cdf368adc9f2457d4c

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:10:59 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 52267
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: RaKzXS9rrCX-h_fG5QCbbl8oKTitj3x1qwUlJUAAeXezMD9yBVNXPA==

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0D96 19 KB
10 KB 27ms
26ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=xzqhhqefomu4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2182c63a8272721f0cc3263d4e37f20033a7a151e96aa2501d82a412ff1ea123

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3BASdtszUhuogIhu5SYJ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=xzqhhqefomu4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://taraftarium24.blogfree.net/?t=6273459
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://taraftarium24.blogfree.net/?t=6273459

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 05 May 2021 12:45:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-3BASdtszUhuogIhu5SYJ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10227
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 196F 19 KB
10 KB 25ms
25ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7fa0ebeeba4b91ea8adbf5952df79c442023c4c608f1942897a3dbaaba490cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xCGqXBAxa0UCnbH1JPQ7Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=16ej47kjxb05
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://taraftarium24.blogfree.net/?t=6273459
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://taraftarium24.blogfree.net/?t=6273459

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 05 May 2021 12:45:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-xCGqXBAxa0UCnbH1JPQ7Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10118
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set / Show response
d.agkn.com/iframe/8613/ Frame A25B 481 B
1 KB 114ms
27ms Document
text/html 52.29.48.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=485204166&gdpr=&gdpr_consent=&ref=&bpid=4wit&c=%7B%22bpid%22%3A%224wit%22%2C%22loc%22%3A%22https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.48.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 33028b306202787af41768dacb7fbc2b20a84f3a1f026cc0893d177af270fccd

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://taraftarium24.blogfree.net/?t=6273459
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://taraftarium24.blogfree.net/?t=6273459

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Wed, 05 May 2021 12:45:18 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AqsUrO6NLlSbxlzcuwvJLm4194AgF09BV;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAoJU_fKCVP3wAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 481
Connection: keep-alive

GET
H/1.1 200
OK allscriptIMA.min.js Show response
optimized-by.4wnetwork.com/asset/js/ 263 KB
62 KB 68ms
68ms Script
application/javascript 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js
Requested by: Host: optimized-by.4wnetwork.com
URL: https://optimized-by.4wnetwork.com/js/video_loader_new.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: d46a5ed5ec73c55f1d7cad5f7e77070e4af65909fedabf85ada126718e419b00

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: W/"6082b876-41ad2"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Thu, 06 May 2021 12:45:19 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 0D96 51 KB
25 KB 14ms
12ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=xzqhhqefomu4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 11:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 3170
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Thu, 05 May 2022 11:52:29 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 0D96 335 KB
131 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2457
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 May 2022 12:04:22 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 196F 51 KB
25 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 11:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 3170
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Thu, 05 May 2022 11:52:29 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 196F 335 KB
131 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2457
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 May 2022 12:04:22 GMT

GET
H3-29 200 W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js Show response
www.google.com/js/bg/ Frame 196F 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=16ej47kjxb05
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 18:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 66655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
expires: Wed, 04 May 2022 18:14:24 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 196F 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 579168
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 05 May 2021 19:52:31 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 196F 15 KB
15 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 53959
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 04 May 2022 21:46:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 196F 15 KB
15 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:46:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 482319
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:46:40 GMT

GET
H3-29 200 W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js Show response
www.google.com/js/bg/ Frame 0D96 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=xzqhhqefomu4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 18:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 66655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
expires: Wed, 04 May 2022 18:14:24 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0D96 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 579168
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 05 May 2021 19:52:31 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0D96 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 53959
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 04 May 2022 21:46:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0D96 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:46:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 482319
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:46:40 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 196F 102 B
132 B 16ms
15ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=16ej47kjxb05
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 12:45:19 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0D96 102 B
132 B 16ms
16ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYId8UAAAAAJXVcQyaaoWPpqqnW9NA7WRRs39a&co=aHR0cHM6Ly90YXJhZnRhcml1bTI0LmJsb2dmcmVlLm5ldDo0NDM.&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=xzqhhqefomu4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 12:45:19 GMT

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame A25B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212293468&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent=
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=55fe1682-b161-4ca6-833f-83e0d0f81360

43 B
371 B

25ms
24ms

Image
image/gif

52.56.111.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=55fe1682-b161-4ca6-833f-83e0d0f81360
Requested by: Host: d.agkn.com
URL: https://d.agkn.com/iframe/8613/?che=485204166&gdpr=&gdpr_consent=&ref=&bpid=4wit&c=%7B%22bpid%22%3A%224wit%22%2C%22loc%22%3A%22https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.111.113 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://d.agkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=55fe1682-b161-4ca6-833f-83e0d0f81360
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 217

GET
H/1.1

200
OK

/
pixel.mathtag.com/sync/img/ Frame A25B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212293438
https://pixel.mathtag.com/sync/img?redir=https://aa.agkn.com/adscores/g.pixel%3Fsid%3D9312292258%26mt%3D%5BMM_UUID%5D
https://aa.agkn.com/adscores/g.pixel?sid=9312292258&mt=d1336092-935f-4a00-8338-60a0748a1b5c
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267480603777004792984

43 B
360 B

43ms
43ms

Image
image/gif

2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267480603777004792984
Requested by: Host: d.agkn.com
URL: https://d.agkn.com/iframe/8613/?che=485204166&gdpr=&gdpr_consent=&ref=&bpid=4wit&c=%7B%22bpid%22%3A%224wit%22%2C%22loc%22%3A%22https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master cdg-pixel-x26 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://d.agkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:19 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 05 May 2021 12:46:44 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267480603777004792984
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 51A5 570 KB
570 KB 19ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://taraftarium24.blogfree.net/?t=6273459
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://taraftarium24.blogfree.net/?t=6273459

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 583201
date: Thu, 29 Apr 2021 15:46:56 GMT
expires: Fri, 29 Apr 2022 15:46:56 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 507503
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 60ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 05 May 2021 12:45:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 41ms
41ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=taraftarium24.blogfree.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 69CA 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:38:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 400
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Wed, 05 May 2021 13:38:39 GMT

GET
H/1.1 200 pv Show response
trz.neodatagroup.com/ 52 B
1 KB 408ms
212ms Script
text/javascript 20.73.120.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://trz.neodatagroup.com/pv?sid=1011&rnd=32488901595&pv=omg&id=604&ad=196&rs=1600x1200&lg=en-US&tz=-120&ur=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&re=&co=24&cb=window._omgDmp.setNeoIdLastSync(%27@@neo_user_id@@%27);
Requested by: Host: js.omg.neodatagroup.com
URL: https://js.omg.neodatagroup.com/omg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.73.120.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 675ffad027ec1c970739302ed148b46723934abc4ff4caf213b2298e0f7b5568

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 May 2021 12:45:20 GMT
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 52
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ 597 B
1 KB 137ms
48ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftrz.neodatagroup.com%2Fcm%3Fsid%3D1011%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D32488901595
Requested by: Host: js.omg.neodatagroup.com
URL: https://js.omg.neodatagroup.com/omg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master cdg-pixel-x2 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:19 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 05 May 2021 12:46:44 GMT

GET
H/1.1

200

cm
tracker.neodatagroup.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1011&rt=img&rnd=32488901595
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1011&rt=img&rnd=32488901595&google_gid=CAESEAdHKXib6m1OtSdUxVDZtRI&google_cver=1

49 B
2 KB

183ms
108ms

Image
image/gif

20.73.120.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.neodatagroup.com/cm?pv=dbm&sid=1011&rt=img&rnd=32488901595&google_gid=CAESEAdHKXib6m1OtSdUxVDZtRI&google_cver=1
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.73.120.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eecfda8b8a06de40fa1857fc81abe01c45ffdd698de0b0e3eb01b78d3d6df257

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 May 2021 12:45:19 GMT
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 49
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tracker.neodatagroup.com/cm?pv=dbm&sid=1011&rt=img&rnd=32488901595&google_gid=CAESEAdHKXib6m1OtSdUxVDZtRI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

cm
tracker.neodatagroup.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1
https://tracker.neodatagroup.com/cm?eid=55fe1682-b161-4ca6-833f-83e0d0f81360&pv=TDD&sid=1011&rt=img&rnd=1622810719

49 B
2 KB

175ms
98ms

Image
image/gif

20.73.120.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.neodatagroup.com/cm?eid=55fe1682-b161-4ca6-833f-83e0d0f81360&pv=TDD&sid=1011&rt=img&rnd=1622810719
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.73.120.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eecfda8b8a06de40fa1857fc81abe01c45ffdd698de0b0e3eb01b78d3d6df257

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 May 2021 12:45:19 GMT
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 49
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://tracker.neodatagroup.com/cm?eid=55fe1682-b161-4ca6-833f-83e0d0f81360&pv=TDD&sid=1011&rt=img&rnd=1622810719
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H/1.1

200

cm
d.omg.neodatagroup.com/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1056&rt=img&rnd=32488901595
https://d.omg.neodatagroup.com/cm?eid=7540292589574127688&pv=adform&sid=1011&rt=img

49 B
1 KB

353ms
183ms

Image
image/gif

20.73.120.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.omg.neodatagroup.com/cm?eid=7540292589574127688&pv=adform&sid=1011&rt=img
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.73.120.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eecfda8b8a06de40fa1857fc81abe01c45ffdd698de0b0e3eb01b78d3d6df257

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 May 2021 12:45:20 GMT
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 49
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:19 GMT
server: nginx
location: https://d.omg.neodatagroup.com/cm?eid=7540292589574127688&pv=adform&sid=1011&rt=img
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 51A5 65 B
745 B 39ms
37ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=556987;gdpr=;gdpr_consent=&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
479 B 39ms
39ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master cdg-pixel-x1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:19 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 05 May 2021 12:46:44 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=taraftarium24.blogfree.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 12:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 51A5 156 B
752 B 285ms
210ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F131207395%2Fca-video-pub-7774251886246218-tag%2FForumfree.it_news_4wstill_desktop&description_url=https%3A%2F%2Fwww.forumfree.it%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3145333726860297&vpa=click&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=0.6.0&sdki=44d&adk=1683526291&sdk_apis=2%2C8&sid=09D1FFDE-E2FE-4E06-90D7-12ACD5ABE9DA&eid=44730612%2C44739826&url=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&dlt=1620218717934&idt=1916&dt=1620218719957&cookie_enabled=1&scor=2299280490176828&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/
Redirect Chain

https://trz.neodatagroup.com/cm?eid=2f2791f549405dd&pv=AMAZON&sid=1&rd=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Dd0592a87-ff14-499d-9eda-8641b59e11c0%26id%3D2f2791f549405dd
https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=2f2791f549405dd
https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=2f2791f549405dd&dcc=t

43 B
720 B

192ms
191ms

Image
image/gif

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=2f2791f549405dd&dcc=t
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 12:45:20 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 May 2021 12:45:20 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=d0592a87-ff14-499d-9eda-8641b59e11c0&id=2f2791f549405dd&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=taraftarium24.blogfree.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 12:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 advast Show response
ice.360yield.com/ Frame 51A5 27 B
446 B 143ms
90ms XHR
application/xml 18.184.87.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=1155535&gdpr=&schain=1.0,1!4wmarketplace.com,104209,1,,,&w=640&h=360&referrer=blogfree.net
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.87.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Wed, 05 May 2021 12:45:20 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=taraftarium24.blogfree.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 12:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/11762/155096/750376/201/ Frame 51A5 2 KB
2 KB 97ms
29ms XHR
text/xml 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/11762/155096/750376/201/vast.xml?tg_c.language=it&rp_schain=1.0,1!4wmarketplace.com,104209,1,,,
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 353e8cba199d55098e5ea0c0b64222af25ecef9b78fe7ba1e06261acd14ef56e

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 12:45:20 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 950
Expires: Wed, 05 May 2021 12:45:20 GMT

GET
H/1.1 200
OK 4w.png
optimized-by.4wnetwork.com/asset/img/ 1 KB
1 KB 47ms
46ms Image
image/png 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimized-by.4wnetwork.com/asset/img/4w.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: 7d53564de55531407e315437d68d3dc4d597d770c64726366fabb575627b15ca

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:20 GMT
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: "6082b876-462"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1122

GET
H/1.1 200
OK xmark.png
optimized-by.4wnetwork.com/asset/img/ 432 B
663 B 47ms
47ms Image
image/png 81.88.48.90
REGISTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimized-by.4wnetwork.com/asset/img/xmark.png
Requested by: Host: taraftarium24.blogfree.net
URL: https://taraftarium24.blogfree.net/?t=6273459
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.90 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx /
Resource Hash: 5bb6f14413a952b3a5d38f5dc54aa412f6d5e681941315f3d259a816e14b673d

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:20 GMT
Last-Modified: Fri, 23 Apr 2021 12:07:18 GMT
Server: nginx
ETag: "6082b876-1b0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 432

POST
H2 204 csi
csi.gstatic.com/ Frame 51A5 0
331 B 779ms
269ms Ping
image/gif 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kobge5b5&c=7910488586551&slotId=3955244293275.5&fb=ima-html5&sdkv=h.3.453.0&ppt=videojs-ima&ppv=0.6.0&mrd=7&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44730612%2C44739826&vmfc=3&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7956 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 841
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Wed, 05 May 2021 12:46:19 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d654f59df92472abf0e98b1dd24276dd2452e98216f44d2450b103370ad1d215

Request headers

Origin: https://taraftarium24.blogfree.net
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK bridge-31032.js Show response
video-ads.rubiconproject.com/video/ Frame 7956 64 KB
20 KB 36ms
35ms Script
application/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 09:40:09 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "100d7-5bfd76a7cf040-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 19979

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 7956 28 B
399 B 103ms
30ms XHR
application/xml 18.157.50.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=11762&site_id=155096&zone_id=750376&size_id=201&tg_c.language=it&rp_schain=1.0,1!4wmarketplace.com,95617,1,,,&p_window.depth=0&rf=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=460&p_aso.video.ext.ad.h=259&width=460&height=259&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=2565142976558630&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.50.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:20 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://taraftarium24.blogfree.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=taraftarium24.blogfree.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 12:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK vast.html Show response
adsr.4wnetwork.com/ Frame 51A5 83 B
406 B 120ms
120ms XHR
application/xml 81.88.48.83
REGISTER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsr.4wnetwork.com/vast.html?placement_id=19481394&sid=215047&xuid=7308047255340001917&ip=185.93.2.40&subtype=preroll&xdom=forumfree.it&xref=https%3A%2F%2Fforumfree.it&cb=1620218719045&gdpr=1&gdpr_consent=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.48.83 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: bf0b78bff50bbd7d4309766a88f74f6b631c2ef34c55428b9118738eef2d26be

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:21 GMT
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: must-revalidate, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=taraftarium24.blogfree.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 12:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK KCBGDbDP_YXKcYHde8FE3UMh0LDly_ca2IKvw0tQ27Wpa0pVOUMb5XTwhafi4fiGAWCfnDKmEHAkCSi+mIApKutdAnKshlV5 Show response
ads.adaptv.advertising.com/a/h/ Frame 51A5 2 KB
1 KB 123ms
28ms XHR
text/xml 52.28.108.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.108.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

745217f429eae8b2dd2cb31fc28cbce66da4a0d320b5e0c7046f04dae484b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 969
expires: 0

POST
H3-29 204 csi
csi.gstatic.com/ Frame 51A5 0
17 B 534ms
267ms Ping
image/gif 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kobge5up&c=7910488586551&slotId=3955244293275.5&fb=ima-html5&sdkv=h.3.453.0&ppt=videojs-ima&ppv=0.6.0&mrd=7&aab=1&itv=1&met.4=err.kobge6e2&aec=901&vmfc=1&ccc=5&ccrh=5&ccri=0&ccrs=0&ccru=0&ccrhc=true
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F77C 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 842
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Wed, 05 May 2021 12:46:19 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame F77C 15 KB
7 KB 102ms
33ms Script
application/javascript 52.48.131.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1017964&orgId=21984&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=blogfree.net&vrid=4362e9d3-0604-4697-a991-f082bd103176&pblob=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.131.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6c1a1c4fed3201ea5d4366e36b0fd408c184d144d9cc331531f7d66f8c5262d9

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:21 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6624

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame F77C 317 KB
102 KB 29ms
8ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1017964&orgId=21984&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=blogfree.net&vrid=4362e9d3-0604-4697-a991-f082bd103176&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 03 May 2021 07:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192859
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: tBykOFKUE1ZKgJeWJk6xrJlCQUGWjgvBiqJidaUp4zOsD12NYAMPSC4rlkl/xxBrYZsr6u6aIk8=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: Q4R4T8W34Q36N13E
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame F77C 43 B
246 B 82ms
24ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59ae8ac37cdce04271395125&s=true&pv=10.2.63&ifr=true&cb=0.881256699230778&pt=o2unit&sid=5a5d41bc-1372-4258-84d6-823cca5706aa&r=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:21 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Wed, 05 May 2021 12:45:21 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ 133 KB
44 KB 54ms
53ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:21 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=58039
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame E1DA 2 KB
779 B 7ms
7ms Document
text/html 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://taraftarium24.blogfree.net/?t=6273459
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://taraftarium24.blogfree.net/?t=6273459

Response headers

x-amz-id-2: O33udB7OO1Zjvqyy9HdM9F8jJbcUdhasv/ijVJtXuFtWcnaEpGbpIZtaQO9AykHxMN1fEcmqjyc=
x-amz-request-id: D8YCW59G7K9V7THM
date: Tue, 04 May 2021 09:02:06 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 99796
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK KCBGDbDP_YXKcYHde8FE3UMh0LDly_ca2IKvw0tQ27Wpa0pVOUMb5XTwhafi4fiGAWCfnDKmEHAkCSi+mIApKutdAnKshlV5 Show response
ads.adaptv.advertising.com/a/h/ Frame F77C 249 B
556 B 111ms
110ms XHR
text/xml 52.28.108.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/KCBGDbDP_YXKcYHde8FE3UMh0LDly_ca2IKvw0tQ27Wpa0pVOUMb5XTwhafi4fiGAWCfnDKmEHAkCSi+mIApKutdAnKshlV5?cb=1620218719045&gdpr=&gdpr_consent=&pet=preroll&pageUrl=blogfree.net&eov=eov&scpid=21984&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=259&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=460

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.108.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://taraftarium24.blogfree.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame F77C 43 B
245 B 26ms
25ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59ae8ac37cdce04271395125&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&s=true&sid=5a5d41bc-1372-4258-84d6-823cca5706aa&vvuid=fefb8a86-24d6-413e-8a99-dab767b2a0d6&orgId=21984&plcid=1017964&vrid=4362e9d3-0604-4697-a991-f082bd103176&ab=0&dt=85&h=259&spaceid=793604934&w=460&cb=0.5299041325730747
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:21 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Wed, 05 May 2021 12:45:21 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame F77C 43 B
245 B 24ms
24ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59ae8ac37cdce04271395125&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&s=true&sid=5a5d41bc-1372-4258-84d6-823cca5706aa&vvuid=fefb8a86-24d6-413e-8a99-dab767b2a0d6&orgId=21984&plcid=1017964&vrid=4362e9d3-0604-4697-a991-f082bd103176&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.9976525790528425
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:21 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Wed, 05 May 2021 12:45:21 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame F77C 43 B
245 B 25ms
25ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59ae8ac37cdce04271395125&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&s=true&sid=5a5d41bc-1372-4258-84d6-823cca5706aa&vvuid=fefb8a86-24d6-413e-8a99-dab767b2a0d6&orgId=21984&plcid=1017964&vrid=4362e9d3-0604-4697-a991-f082bd103176&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=460&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=259&cb=0.8272175393165058
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:45:21 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Wed, 05 May 2021 12:45:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 99ms
97ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1620218721817&de=588845202435&d=93%3A-%3A-%3A-&bo=blogfree.net&bd=taraftarium24.blogfree.net&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 05 May 2021 12:45:21 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame F77C 0
0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=taraftarium24.blogfree.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 12:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK 237175 Show response
search.spotxchange.com/vast/2.0/ Frame 51A5 67 B
1 KB 128ms
44ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/237175?VPAID=JS&content_page_url=forumfree.it&cb={cb}&player_width=640&player_height=480&custom_skin=1&regs[gdpr]=1&user[consent]=1&schain=1.0,1!4wnetwork.com,104209,1,,,
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:21 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000252
X-SpotX-Timing-SpotMarket: 0.011665
X-SpotX-Timing-Page-Mux: 0.000245
X-SpotX-Timing-Page-Require: 0.000409
X-fe: 106
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 77
X-SpotX-Timing-Page: 0.015634
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000354
Last-Modified: Wed, 05 May 2021 12:45:21 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.011665
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
X-SpotX-Timing-Page-Misc: 0.002673
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 learn
it-gmtdmp.mookie1.com/t/v2/ 43 B
324 B 91ms
33ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://it-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_877843&src.rand=%5Btimestamp%5D&gdpr_err=NO_CMP&gdpr_consent=-1&depp=7.0.1-4-eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 12:45:22 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
634 B 41ms
40ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master cdg-pixel-x6 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://taraftarium24.blogfree.net/?t=6273459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 12:45:29 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 05 May 2021 12:46:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59ae8ac37cdce04271395125&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&s=true&sid=5a5d41bc-1372-4258-84d6-823cca5706aa&vvuid=fefb8a86-24d6-413e-8a99-dab767b2a0d6&orgId=21984&plcid=1017964&vrid=4362e9d3-0604-4697-a991-f082bd103176&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=460&aert=117&ar=no&fo=0&ft=0&h=259&cb=0.9509678929172782

Verdicts & Comments Add Verdict or Comment

318 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
taraftarium24.blogfree.net/	1969-12-31 23:59:59	Name: neoLastSync Value: {"id":"2f2791f549405dd","ts":1620218720128}
taraftarium24.blogfree.net/	1969-12-31 23:59:59	Name: neoLastSync_ADFORM Value: 1620218719720
taraftarium24.blogfree.net/	1969-12-31 23:59:59	Name: neoLastSync_THETRADEDESK Value: 1620218719720
taraftarium24.blogfree.net/	1970-01-20 03:33:53	Name: __atuvc Value: 1%7C18
.agkn.com/	1970-01-20 02:49:14	Name: u Value: C\|0AEAoJU_fKCVP3wAAAAAAAg1RAQCADVIBAIA
taraftarium24.blogfree.net/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C719965%22%3A%7B%22page%22%3A1%2C%22time%22%3A1620218718720%7D%7D
.blogfree.net/	1970-01-20 02:49:14	Name: cpop Value: 1
.blogfree.net/	1970-01-19 18:03:42	Name: pop1 Value: 1
.blogfree.net/	1970-01-20 02:49:14	Name: cat Value: 205573
.blogfree.net/	1970-01-20 02:49:14	Name: login-from Value: https%253A%252F%252Ftaraftarium24.blogfree.net%252F%253Ft%253D6273459
taraftarium24.blogfree.net/	1970-01-19 18:03:40	Name: __atuvs Value: 6092935fd29a1634000
.agkn.com/	1970-01-20 02:49:14	Name: ab Value: 0001%3AqsUrO6NLlSbxlzcuwvJLm1Rk1XW9a%2B%2FxHcXJu2ftvkddiLt9hXarFA%3D%3D
taraftarium24.blogfree.net/	1969-12-31 23:59:59	Name: neoLastSync_MEDIAMATH Value: 1620218719721
.blogfree.net/	1969-12-31 23:59:59	Name: resolution Value: 1600x1200
taraftarium24.blogfree.net/	1969-12-31 23:59:59	Name: neoLastSync_AMAZON Value: 1620218720129
taraftarium24.blogfree.net/	1969-12-31 23:59:59	Name: neoLastSync_DBM Value: 1620218719719
.blogfree.net/	1969-12-31 23:59:59	Name: session_id Value: 8c254ed371dd2fb2e2152b609f43b8d0

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mod.forumfree.it/kakashi/post_cron8.js?v43(Line 690) Message: edit disabled
console-api	debug	URL: https://jsc.mgid.com/f/o/forumfree.it.719965.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js(Line 14) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers
console-api	log	URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js(Line 14) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers
console-api	log	URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js(Line 14) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers
console-api	log	URL: https://video-ads.rubiconproject.com/video/bridge-31032.js(Line 1) Message: com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=11762&site_id=155096&zone_id=750376&size_id=201&tg_c.language=it&rp_schain=1.0,1!4wmarketplace.com,95617,1,,,&p_window.depth=0&rf=https%3A%2F%2Ftaraftarium24.blogfree.net%2F%3Ft%3D6273459&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=460&p_aso.video.ext.ad.h=259&width=460&height=259&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=2565142976558630&rp_secure=1
console-api	log	URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js(Line 14) Message: Ad error: AdError 901: An unexpected error occurred within the VPAID creative. Refer to the inner error for more info. Caused by: Error: Error: null
console-api	log	URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js(Line 14) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 14:45:21.855 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 14:45:21.855 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js(Line 14) Message: Ad error: AdError 901: An unexpected error occurred within the VPAID creative. Refer to the inner error for more info. Caused by: Error: Error: No ads provided, ad engine did not finish loading
console-api	log	URL: https://optimized-by.4wnetwork.com/asset/js/allscriptIMA.min.js(Line 14) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
acds.prod.vidible.tv
ads.adaptv.advertising.com
adservice.google.com
adsr.4wnetwork.com
adx.adform.net
c.mgid.com
c1.adform.net
cdn-ssl.vidible.tv
cdn.forumfree.it
cdn.mgid.com
cdn.mookie1.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
csi.gstatic.com
d.agkn.com
d.omg.neodatagroup.com
dmp.adform.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ice.360yield.com
imasdk.googleapis.com
img.forumfree.net
it-gmtdmp.mookie1.com
js.agkn.com
js.omg.neodatagroup.com
jsc.mgid.com
match.adsrvr.org
mod.forumfree.it
nb.forumfree.it
optimized-by.4wnetwork.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pixel.mathtag.com
prg.smartadserver.com
pubads.g.doubleclick.net
px.moatads.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s0.2mdn.net
s7.addthis.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
skin.forumfree.net
taraftarium24.blogfree.net
token.rubiconproject.com
tra.neodatagroup.com
tracker.neodatagroup.com
trk.vidible.tv
trz.neodatagroup.com
upload.forumfree.net
uploads.blogfree.net
video-ads.rubiconproject.com
www.google.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
trk.vidible.tv
104.109.85.134
104.111.230.142
104.111.237.122
104.16.199.73
104.19.132.78
104.19.133.78
104.19.216.61
13.248.242.197
142.250.186.66
172.217.23.98
18.157.50.45
18.184.87.203
185.184.8.30
185.33.223.178
185.86.138.16
185.94.180.123
195.201.63.185
2.18.233.201
2.18.235.40
20.73.120.41
23.37.42.132
2404:6800:4004:81f::2003
2600:9000:206f:b200:15:efbc:e300:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1288:80:800::7000
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
35.156.201.148
35.156.245.144
35.186.238.175
35.212.212.222
37.157.2.236
37.157.2.238
52.28.108.235
52.29.48.214
52.48.131.173
52.56.111.113
52.95.124.165
69.173.144.139
81.88.48.83
81.88.48.90
95.216.245.43
95.217.108.170
0207dcde9d13d30d12727aa053edf2790e4586445ddef3cdf368adc9f2457d4c
0227cc4b75dfbaffd8eb0557e49264ed2aaae976d85ef0aa6f3d4b54ef8d9532
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
050efb075f3ac50ad08d76b7e6575cc345808fd1a36502c4c77c7a1ee7910ac9
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0adddbdeacf0673d14c722a363d6837adda043669eafb5a09cc8bff0d365cb3c
0c9ede87e0786c38b7347e7b3acd595d81b72483a0cc46081cb6b3b73b3fabec
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1b0237283fc07322014ae71214d23f7b37d93ec34d7ffc3a223c1beb9b24c959
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f
2182c63a8272721f0cc3263d4e37f20033a7a151e96aa2501d82a412ff1ea123
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
26bb2f9ebb1784d0f5ed0122e1a75189aa7fb53930cd62c1ea3b416f311affcc
27a31183bf236e3d60f6cf71948dac650ab7323246ba7fdb6f72a7d2a422c652
2af9233a7b19c47ec4dd98a5148c70ace25dbe405d43c37757fe90d041cfeaf2
2e19d2ed78689cb27c7e929541d959764bae4c7d339ee14e035ba67bc717cbd1
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33028b306202787af41768dacb7fbc2b20a84f3a1f026cc0893d177af270fccd
34e8579fafbba82bd9db50d894dec67e4ec020e9e62f7196fddb7903d64bb9ef
353e8cba199d55098e5ea0c0b64222af25ecef9b78fe7ba1e06261acd14ef56e
36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307
38ea399f40d366fe7bde2a04f366f868e330162bc66ffe9297f3dbd7f155a35b
3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea062b831fa79154f29111db7dacea9022312a74999f48f2683e7e4593e584c
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3f6758d7a8dbd6b8b93c93111fccee2a5ca51307b5ac29d3e3b9000d9c178fe6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40c25421743245455084f065c93d00b19bad8276f22bce954b38361c780cb858
4821d14560854417197a31f299d6192f5c873b7f351d9d6aae2a39dfacdd3e5e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0
5bb6f14413a952b3a5d38f5dc54aa412f6d5e681941315f3d259a816e14b673d
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e
675ffad027ec1c970739302ed148b46723934abc4ff4caf213b2298e0f7b5568
6b4f6fc313de646e2e6b3cc67faa8f908a68d3a0852601a07b672d09cfe33ff2
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c1a1c4fed3201ea5d4366e36b0fd408c184d144d9cc331531f7d66f8c5262d9
6cf9fed1f050b9b04b0e7c03f057371067643d4305ec435828a6b5691279d602
6f3531a812431a1af69491fa1d62776a9793468ae152cc0c2ead142d5403d9ef
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745217f429eae8b2dd2cb31fc28cbce66da4a0d320b5e0c7046f04dae484b438
76d1ddd14c4d32fcc4d193531add5880de5016dfe6ffe8e1aa3a56a878840c16
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79adb06156981edf970906f4b58de08a62fad5dc27fff7dcfeaa63451ada1193
7d53564de55531407e315437d68d3dc4d597d770c64726366fabb575627b15ca
8019a99e09d753b455ee70ce5408c4a2180c2b94d75ea00144a65fb8666d9e71
8a8ed20b87bf1c9b28d7692df23bcffcef31457cbe653e2dd794e890b5dfc842
8b1551c4eae74dcd8eb23a751b27365c5eb71fa48dda0ab1d14f6f96ec4842df
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a18e673aad197607e62f08c8c618bfd799f4ac030385bc35508a21f4c2b6a35a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a8f9dde39bcd499f9f82c524934422a6e4b5095ed9322cf9b5a3aa350c4d1140
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aad2b6d960df65a46563c335ca5dbf6f4da009ef0c0e3c6728d7c3173958349f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b277a4f2a04be505dc123a234b3a6b73f85ed9a7669b3df3335540ab4233d3ee
b33dbf1c54ec38bb895f8d45424be11679419437c3cef858bded94ac12754c74
b623365a67a8f4c7afef1df1d8b65e2717c7e6d0771906d071e50e182e6d8ad4
b636070da04b0bb4088418783006421f638b18cbe55e5ab1f2ecb999edf5cc3d
b8a2bd0a81fb9403de15cf78d9b4e57b3c6ab1673c687d9e02b46638fa8ec2a7
b8b03cea53d1ea314553bb1b72c22ee5d1dae5724040bd02ee69d3b86ac92ee5
bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd
bf0b78bff50bbd7d4309766a88f74f6b631c2ef34c55428b9118738eef2d26be
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2f0e1813262877b0e01347e14b0a741a6ef7834e67193c5c8a9de11fe071f1b
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c7fa0ebeeba4b91ea8adbf5952df79c442023c4c608f1942897a3dbaaba490cf
c81c35f7ebce8ed7c2aaf47c987bbff0e1b817e7f67c533539f1400795cf748a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc11bdcf2f2bb08bdaa93ec93c9b89ac844eba6d2742d22f72d6d91e415b54c
cdeb7371a550d8cee6270f71eb85376733612fa7db7cb66f89bab1f2995dc094
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0aab1b042af66357b42508b129bcf0b242b6f6e492bb1ab23287929177c78aa
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d46a5ed5ec73c55f1d7cad5f7e77070e4af65909fedabf85ada126718e419b00
d654f59df92472abf0e98b1dd24276dd2452e98216f44d2450b103370ad1d215
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
dfc1f483fa420d54784871a635f349df9b8f4ceb807c63d664e5c81fa1305b22
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9aa8fd80224b3809e18bbeee38bcbb490699e03ad349dea0c9845ba276d157c
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eecfda8b8a06de40fa1857fc81abe01c45ffdd698de0b0e3eb01b78d3d6df257
f71baa5af0d781a33c33a7391eb888c51083c974a608b7d11a10f7fa6e68ef8f
f9716b127a75c050c3255fa967732faf807d14bcbb1d2d15c1fa0ac97feb8107
fbeb557ed3adb88cb4959afa9fa10a9f973efa2578545aac5ba212ebc73f7522
fdc25f117137a962cc2e4a122e7ab62d29ae301d6838b4edf137990e759bd3d8
fe5fd6cadb6e646f75c8e03830cdb8c11f8c4e6d773633cf4e38e10181560e09

taraftarium24.blogfree.net Open in urlscan Pro 195.201.63.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

141 Requests

99 %HTTPS

27 %IPv6

32 Domains

64 Subdomains

44 IPs

10 Countries

2452 kBTransfer

4918 kBSize

17 Cookies

22 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

taraftarium24.blogfree.net Open in urlscan Pro
195.201.63.185 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

99 %
HTTPS

27 %
IPv6

32
Domains

64
Subdomains

44
IPs

10
Countries

2452 kB
Transfer

4918 kB
Size

17
Cookies

141 HTTP transactions
9 data transactions