urlscan.io logo urlscan.io
SecurityTrails logo

arsiv.payyor.net Open in urlscan Pro
176.53.35.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.payyor.net/
Effective URL: https://arsiv.payyor.net/
Submission: On December 29 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 45 HTTP transactions. The main IP is 176.53.35.152, located in Turkey and belongs to RADORE, TR. The main domain is arsiv.payyor.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 15th 2020. Valid for: 3 months.
This is the only time arsiv.payyor.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    176.53.35.152 (Turkey)

ASN42926 (RADORE, TR)
PTR: 1527qmof7.guzel.net.tr
www.payyor.net
arsiv.payyor.net
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
4    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
6    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
ssl.gstatic.com
1    2a00:1450:4001:81f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    18.206.249.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-249-150.compute-1.amazonaws.com
stats.pusher.com
Domain Requested by
13 arsiv.payyor.net arsiv.payyor.net
5 ssl.gstatic.com arsiv.payyor.net
5 pagead2.googlesyndication.com arsiv.payyor.net
pagead2.googlesyndication.com
4 apis.google.com arsiv.payyor.net
apis.google.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.youtube.com apis.google.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net arsiv.payyor.net
1 stats.pusher.com cdn.jsdelivr.net
1 accounts.google.com apis.google.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com arsiv.payyor.net
1 www.payyor.net 1 redirects
45 17

This site contains no links.

Subject Issuer Validity Valid
arsiv.payyor.net
Let's Encrypt Authority X3		 2020-11-15 -
2021-02-13		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
accounts.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.pusher.com
Gandi Standard SSL CA 2		 2020-01-09 -
2021-04-21		 a year crt.sh

This page contains 8 frames:

Primary Page: https://arsiv.payyor.net/
Frame ID: EECEC81ED6A11FED05A3CFE28503E2C5
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 43A6BD4E30906A0A242D94C24F451952
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2251910417245959&output=html&adk=1812271804&adf=3025194257&lmt=1609243025&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Farsiv.payyor.net%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609243025232&bpp=11&bdt=509&idt=80&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1851991172036&frm=20&pv=2&ga_vid=1398422393.1609243025&ga_sid=1609243025&ga_hid=1169484848&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C42530671%2C21068945&oid=3&pvsid=1415181740814619&pem=12&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=100
Frame ID: 00DDCDA71D0140DBF29AFE09055469CE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCMCGO8aBIjA6lJ5Qhwa2rKQ&layout=default&count=default&origin=https%3A%2F%2Farsiv.payyor.net&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: 35ED7C72FE8130949D916A7C428E783A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Farsiv.payyor.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: A300B856C7476AE2A0BC1AE4DA07F445
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCMCGO8aBIjA6lJ5Qhwa2rKQ&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: 7B3664A5008B24A773D8E7160D8B43FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Frame ID: 6BB0A476F8F04DFF1538B51F0F34CD8C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 9680F4DBC87D1903AF2F7E76E11BEAB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.payyor.net/ HTTP 301
    https://arsiv.payyor.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i
Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

45
Requests

100 %
HTTPS

80 %
IPv6

12
Domains

17
Subdomains

15
IPs

4
Countries

1396 kB
Transfer

3984 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.payyor.net/ HTTP 301
    https://arsiv.payyor.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
arsiv.payyor.net/
Redirect Chain
  • https://www.payyor.net/
  • https://arsiv.payyor.net/
77 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed / PHP/7.4.10
Resource Hash
0ebdda905be23819219d6bb2b833990a8ba7373007878c5b2b8cd2bfd0f7d496

Request headers

:method
GET
:authority
arsiv.payyor.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-powered-by
PHP/7.4.10
content-type
text/html; charset=utf-8
x-csrf-token
NMrqXNERzVXPMirgXxUu6CjTUkWjdYR9gRAWd3l4
set-cookie
flarum_session=3mRvchwdFD8WABKwuwWRnsdCrBEKA6vhcuuUy3QQ; Path=/; Expires=Tue, 29 Dec 2020 13:57:03 GMT; Max-Age=7200; Secure; HttpOnly
cache-control
public, max-age=0
expires
Tue, 29 Dec 2020 11:57:03 GMT
content-encoding
br
vary
Accept-Encoding
date
Tue, 29 Dec 2020 11:57:03 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

content-type
text/html
content-length
706
date
Tue, 29 Dec 2020 11:57:02 GMT
server
LiteSpeed
location
https://arsiv.payyor.net/
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
forum-459e8a21.css
arsiv.payyor.net/assets/ 		179 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://arsiv.payyor.net/assets/forum-459e8a21.css
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
5a32e305672f591ff96d39b0d7dcb2e30f37bb9205ee2fce10bdcd1757debf45

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:03 GMT
content-encoding
br
last-modified
Sat, 07 Nov 2020 19:45:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
33369
expires
Wed, 29 Dec 2021 11:57:03 GMT
katex.min.css
arsiv.payyor.net/assets/extensions/the-turk-mathren/ 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://arsiv.payyor.net/assets/extensions/the-turk-mathren/katex.min.css
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
57c495d8c3b51546fadc1c21b795b1f71e8f54735ad3682ff01807fee1f7ba78

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:03 GMT
content-encoding
br
last-modified
Fri, 18 Sep 2020 04:23:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2835
expires
Wed, 29 Dec 2021 11:57:03 GMT
css2
fonts.googleapis.com/ 		5 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Manrope:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35713bc24b1ec8cc88be62d7b8a0119ef159dc44bdd2ea99ccca3d5ae1ef19c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Dec 2020 11:57:04 GMT
server
ESF
date
Tue, 29 Dec 2020 11:57:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Dec 2020 11:57:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47107
x-xss-protection
0
server
cafe
etag
13290078405355148527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Dec 2020 11:57:04 GMT
logo-znqb1l7p.png
arsiv.payyor.net/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arsiv.payyor.net/assets/logo-znqb1l7p.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
6ec474b8912beef6b1ea434647e517d8a6c0714a885a0cb28a11b3622baf0c16

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:03 GMT
last-modified
Mon, 30 Nov 2020 14:54:32 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2382
expires
Thu, 28 Jan 2021 11:57:03 GMT
platform.js
apis.google.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc2be4452bc4692f8217c936cda931f78a8c10a33220e161fa3dd63ddba32603
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ic/1uS7EAUPAoQ0I6eHefQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"aac26683f8ed075f1fb9d0835ec9584c"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-ic/1uS7EAUPAoQ0I6eHefQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 29 Dec 2020 11:57:04 GMT
forum-13637ee7.js
arsiv.payyor.net/assets/ 		2 MB
788 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arsiv.payyor.net/assets/forum-13637ee7.js
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
456495141dba0f5b8551364409e88315f765203e60003c40128ad391c52eb90b

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:03 GMT
content-encoding
br
last-modified
Sat, 07 Nov 2020 19:45:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
805930
expires
Wed, 29 Dec 2021 11:57:03 GMT
forum-tr-4017e510.js
arsiv.payyor.net/assets/ 		47 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arsiv.payyor.net/assets/forum-tr-4017e510.js
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
62895871b5acd5a5018cba6ec6362fc6ec209cf8aa2a93249562bca366a63668

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:03 GMT
content-encoding
br
last-modified
Sat, 07 Nov 2020 19:45:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10323
expires
Wed, 29 Dec 2021 11:57:03 GMT
flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr@4.6.1/dist/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/flatpickr@4.6.1/dist/flatpickr.min.css
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/assets/forum-459e8a21.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa86d2781d5ac24e2b47dec8545bcbd9521b82e1a7ef8ab0794dc0357889d3a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://arsiv.payyor.net/assets/forum-459e8a21.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3447066
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3015
etag
W/"3e63-AfLQblVhX0wOBQz9RtQClfC3IZU"
x-served-by
cache-fra19154-FRA
date
Tue, 29 Dec 2020 11:57:05 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
xn7gYHE41ni1AdIRggexSvfedN4.woff2
fonts.gstatic.com/s/manrope/v3/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v3/xn7gYHE41ni1AdIRggexSvfedN4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd526b51031d2617b3a4c81b9564f28a8d1a676cc3b6f2ef475cb66a6749a676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arsiv.payyor.net
Referer
https://fonts.googleapis.com/css2?family=Manrope:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 09:53:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 Jun 2020 22:20:46 GMT
server
sffe
age
525787
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22552
x-xss-protection
0
expires
Thu, 23 Dec 2021 09:53:58 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		234 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b6b975bd4630bc5d6e825c009212b09810f07ed7159bcee6df5568b0a49173e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89528
x-xss-protection
0
server
cafe
etag
1324544567662719642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Dec 2020 11:57:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 43A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arsiv.payyor.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://arsiv.payyor.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 29 Dec 2020 09:58:13 GMT
expires
Tue, 12 Jan 2021 09:58:13 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
cache-control
public, max-age=1209600
age
7132
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		200 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=arsiv.payyor.net&callback=_gfp_s_&client=ca-pub-2251910417245959
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
550ff2240ef720f43649ed8bbfad9d8849fa416cb13c855fbc89e1f23d3ba143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arsiv.payyor.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Dec 2020 11:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.payyor.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Dec 2020 11:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 00DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2251910417245959&output=html&adk=1812271804&adf=3025194257&lmt=1609243025&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Farsiv.payyor.net%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609243025232&bpp=11&bdt=509&idt=80&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1851991172036&frm=20&pv=2&ga_vid=1398422393.1609243025&ga_sid=1609243025&ga_hid=1169484848&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C42530671%2C21068945&oid=3&pvsid=1415181740814619&pem=12&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2251910417245959&output=html&adk=1812271804&adf=3025194257&lmt=1609243025&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Farsiv.payyor.net%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609243025232&bpp=11&bdt=509&idt=80&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1851991172036&frm=20&pv=2&ga_vid=1398422393.1609243025&ga_sid=1609243025&ga_hid=1169484848&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C42530671%2C21068945&oid=3&pvsid=1415181740814619&pem=12&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arsiv.payyor.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://arsiv.payyor.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 29 Dec 2020 11:57:05 GMT
server
cafe
content-length
39514
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 29-Dec-2020 12:12:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Dec 2020 11:57:05 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607690616793149"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28334
x-xss-protection
0
expires
Tue, 29 Dec 2020 11:57:05 GMT
pusher.min.js
cdn.jsdelivr.net/npm/pusher-js@3.0.0/dist/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/pusher-js@3.0.0/dist/pusher.min.js?_=1609243025469
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/assets/forum-13637ee7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24135d778329677664a6cad9b0abac537f5a787aeb68bb0b7f9c50b65c750678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
748535
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12683
etag
W/"b636-sygdsLEdK1M1hnKaWWBRmD1iGKo"
x-served-by
cache-fra19154-FRA
date
Tue, 29 Dec 2020 11:57:05 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 		114 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70e50fc5492fa0a2620ef0a436aa20624185f19cb213e9657b3e2cf5228be3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 11:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 17:03:00 GMT
server
sffe
age
348588
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41205
x-xss-protection
0
expires
Sat, 25 Dec 2021 11:07:17 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f30270779557fab3b4aa8c7f1a72e38452e4c2ca36b0f65262b4567abbba1e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Dec 2020 13:51:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 17:03:00 GMT
server
sffe
age
425108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41561
x-xss-protection
0
expires
Fri, 24 Dec 2021 13:51:57 GMT
subscribe_embed
www.youtube.com/ Frame 35ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCMCGO8aBIjA6lJ5Qhwa2rKQ&layout=default&count=default&origin=https%3A%2F%2Farsiv.payyor.net&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?usegapi=1&channelid=UCMCGO8aBIjA6lJ5Qhwa2rKQ&layout=default&count=default&origin=https%3A%2F%2Farsiv.payyor.net&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arsiv.payyor.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://arsiv.payyor.net/

Response headers

cache-control
no-cache
content-length
1640
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
date
Tue, 29 Dec 2020 11:57:05 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Tue, 29-Dec-2020 12:27:05 GMT YSC=TIqVw5JACew; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=gGTEijBcs4I; path=/; domain=.youtube.com; secure; expires=Sun, 27-Jun-2021 11:57:05 GMT; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fa-solid-900.woff2
arsiv.payyor.net/assets/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://arsiv.payyor.net/assets/fonts/fa-solid-900.woff2
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/assets/forum-459e8a21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Origin
https://arsiv.payyor.net
Referer
https://arsiv.payyor.net/assets/forum-459e8a21.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
last-modified
Fri, 18 Sep 2020 04:23:49 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
76120
expires
Thu, 28 Jan 2021 11:57:04 GMT
xn7gYHE41ni1AdIRggmxSvfedN62Zw.woff2
fonts.gstatic.com/s/manrope/v3/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v3/xn7gYHE41ni1AdIRggmxSvfedN62Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d612102572453c2199725d690e42382370ad4e11ba0fce90c329b630421db315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arsiv.payyor.net
Referer
https://fonts.googleapis.com/css2?family=Manrope:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 04:20:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 Jun 2020 22:20:52 GMT
server
sffe
age
372967
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14324
x-xss-protection
0
expires
Sat, 25 Dec 2021 04:20:58 GMT
fa-regular-400.woff2
arsiv.payyor.net/assets/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://arsiv.payyor.net/assets/fonts/fa-regular-400.woff2
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/assets/forum-459e8a21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a

Request headers

Origin
https://arsiv.payyor.net
Referer
https://arsiv.payyor.net/assets/forum-459e8a21.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
last-modified
Fri, 18 Sep 2020 04:23:49 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
13600
expires
Thu, 28 Jan 2021 11:57:04 GMT
rQ0ZCTtOM4N8bgKg.png
arsiv.payyor.net/assets/avatars/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arsiv.payyor.net/assets/avatars/rQ0ZCTtOM4N8bgKg.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
9d4b1e039ba8280e4f65243f299e5ef54053c88f38a2f34eb3a56e00f9baace5

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
last-modified
Sat, 07 Nov 2020 19:45:46 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
11036
expires
Thu, 28 Jan 2021 11:57:04 GMT
xHWyUaHs8Warnlwp.png
arsiv.payyor.net/assets/avatars/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arsiv.payyor.net/assets/avatars/xHWyUaHs8Warnlwp.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
01f9cc31c13b501d7dfd672f1efbe8eb02b67810b1b94624dbea63a00bf7b470

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
last-modified
Fri, 18 Sep 2020 04:23:49 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
23580
expires
Thu, 28 Jan 2021 11:57:04 GMT
KyOf2PDA5UuOXsgh.png
arsiv.payyor.net/assets/avatars/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arsiv.payyor.net/assets/avatars/KyOf2PDA5UuOXsgh.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
75ea2afcd2f31f1dc04b0baa2f458366472b0c1cc5732d78cbfe04704024cff7

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
last-modified
Fri, 18 Sep 2020 04:23:49 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
22348
expires
Thu, 28 Jan 2021 11:57:04 GMT
mdrH3ItxXsOHjVqL.png
arsiv.payyor.net/assets/avatars/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arsiv.payyor.net/assets/avatars/mdrH3ItxXsOHjVqL.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
140c010da1210224f8a501684f4c3fdcb4b5f672ac22774545772f5d0fc44b69

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
last-modified
Fri, 18 Sep 2020 04:23:49 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2291
expires
Thu, 28 Jan 2021 11:57:04 GMT
HhcskSwh8RUibn8F.png
arsiv.payyor.net/assets/avatars/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arsiv.payyor.net/assets/avatars/HhcskSwh8RUibn8F.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
1527qmof7.guzel.net.tr
Software
LiteSpeed /
Resource Hash
7c7368b9bc89727049b8b01ef34a621c01a7566109d67558e18eebbf41c0f125

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:04 GMT
last-modified
Fri, 18 Sep 2020 04:23:49 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
8532
expires
Thu, 28 Jan 2021 11:57:04 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame A300 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Farsiv.payyor.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-234HwlROax10RMTWluDb3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Farsiv.payyor.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arsiv.payyor.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=205=BUOanv7bFvUxuJr3jaYAP8u-2665dMBElCljXMkqkIMRshVtoYo61hYb7Pno9B6Yl3L4-_dkBxM9VlWFGhW0q3PxIoW51wW_w34_z7IhYFRW_MCmeodgfd0p86M8JAsAtjB2e-Q42zuOqTgkh5teHM1KajPt3-uM0ftkH2emfpw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://arsiv.payyor.net/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 29 Dec 2020 11:57:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-234HwlROax10RMTWluDb3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e959979b72f47e592117c294589024dfb51a85d0fa935265d5adca205bb427a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Dec 2020 13:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 17:03:00 GMT
server
sffe
age
425107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9271
x-xss-protection
0
expires
Fri, 24 Dec 2021 13:51:58 GMT
subscribe_embed
www.youtube.com/ Frame 7B36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCMCGO8aBIjA6lJ5Qhwa2rKQ&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?action_card=1&channelid=UCMCGO8aBIjA6lJ5Qhwa2rKQ&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arsiv.payyor.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=TIqVw5JACew; VISITOR_INFO1_LIVE=gGTEijBcs4I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://arsiv.payyor.net/

Response headers

expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
cache-control
no-cache
x-content-type-options
nosniff
content-encoding
br
content-length
327
date
Tue, 29 Dec 2020 11:57:05 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Tue, 29-Dec-2020 12:27:05 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Dec 2020 21:39:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
397032
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 24 Dec 2021 21:39:53 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 23:01:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
46531
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 28 Dec 2021 23:01:34 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:51:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
587152
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Wed, 22 Dec 2021 16:51:13 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 18:34:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
494527
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Thu, 23 Dec 2021 18:34:58 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: arsiv.payyor.net
URL: https://arsiv.payyor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 05:48:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
367700
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Sat, 25 Dec 2021 05:48:45 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
53263
x-xss-protection
0
server
cafe
etag
8848748755015014073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Dec 2020 11:57:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 6BB0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arsiv.payyor.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://arsiv.payyor.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 28 Dec 2020 18:46:21 GMT
expires
Mon, 11 Jan 2021 18:46:21 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
61844
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6535203d47a681f2ceaa72c5d8c142aad13ee97f278ee21f0bfb8acd61c0e18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Dec 2020 11:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6333
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2251910417245959&plah=arsiv.payyor.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 11:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Tue, 29 Dec 2020 11:57:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 9680 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arsiv.payyor.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://arsiv.payyor.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Tue, 29 Dec 2020 11:27:05 GMT
expires
Wed, 29 Dec 2021 11:27:05 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1801
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
stats.pusher.com/timeline/v2/jsonp/ 		80 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=NTM5MjU0MzE%3D&bundle=MQ%3D%3D&key=NmEzNTViNGE3ODI1YTc5OTFlYjc%3D&lib=anM%3D&version=My4wLjA%3D&cluster=bXQx&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2MDkyNDMwMjU3NjJ9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjA5MjQzMDI1NzYyfSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjA5MjQzMDI1NzYyfSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTYwOTI0MzAyNTc2Mn0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTYwOTI0MzAyNTc2M30seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTYwOTI0MzAyNjE2N30seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIzMDc0NjQuMTU4MTI4NzAifSwidGltZXN0YW1wIjoxNjA5MjQzMDI2MTY4fV0%3D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/pusher-js@3.0.0/dist/pusher.min.js?_=1609243025469
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.249.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-249-150.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8342679192f698b3f9636dd0dd00fa309d2cf3c404ca8e03fa9339c078eb787b

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Dec 2020 11:57:06 GMT
Server
nginx
Connection
close
Content-Length
80
Content-Type
application/javascript
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=1415181740814619&bg=!JySlJATNAAXKjztBylg1ahPUkTE0JAIAAACKUgAAAApoAQcKASXaaTo8UTV7ZkN_HHQFyp5FRM6qj1lS7QHuYV_okWKpG7fsMmtWmTyO2ykMnsrGVb7uf8tkZpc4IJztIrLSfusEnd3ZnlG-TUhhuNKQ-PICqYqF-HQSv5u8tXjKVOv7Uba-KVlu_EXclALeUoITKFKokbcdxtfarHLQrPd4TCspTgypLSp9Vkf0HFlPEHW_nCrvnDEnvqIHqsZJGBED1fF6l8DqMi1iYgqKzSfYSeKYQQDrZlxzYnF-3imlcwpX-ck96bHPgnIi0vShGDUai90d5vWlN0nsfeTN6XPa6Kb7iIa1U1JalCdXWj_7V5R-UHMZwX192vQYCk7Swi1pMYhYopelc5Ib3xyNERJNuZvsd1IsvK9ALgaVjZQe6PTi-NWQIUpBCZkBuXbEOHxNYS1cx6cbzH0JCzGylUVj5mI-G6K9UpERK6nyayJzrAcG3-4DDKTJuAlrxh2-EpRVzsMUQFL2TwEZxULuFQVaH5W8X0UjpPmq86ONV-ijlJJv4tZLcVhEhJL7sKAyuPBzOx6ZydDxNWMF8FLyvtyR-Pn3Tuc6Kw5IBvr0T47nJ2NgwitcFFgYMFEci0GeekGNLp_8b1HLrMjtF--Af_q7jBksB1hhcFHwn9VnVovxGliGi_ZD8L7n0pRsms3htmUE9juq2hL0xwTmcOGJ3JOoj1_ZpC7OjhHW0K8o5cRoLNWJ-8f6_wFTLRe97F2sfRzzob3toKr-eu5tvqYVbyh01nINs_Ix39urlIhYvufWgtr81-zsCryLYTn-SZ79XnJPA64Mo1vIv76uTvDEwVS143I4ENO8lu_uYEd0sNl2xd2ArmpxNwBBDhIz-Pmjylppzea33zA1nKGFKl1MoLsCsI5dHz7-Ls9BCGJ8ws-SkjfBvprtQmF2vkEozJYOVV6N3pqbZTTMFSodv2UH9tT-xRVLLy7X_Rk6hWxyeChgGtFscCnmz57--UIweHuSPc9ohI3gZQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arsiv.payyor.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Dec 2020 11:57:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| gapi object| ___jsl object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| flarum function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| module function| jQuery function| $ function| m function| moment object| punycode function| ColorThief object| app object| s9e object| regeneratorRuntime function| flatpickr undefined| error function| Pusher object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| oauth2 object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| google_llp number| google_lpabyc number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 205=BUOanv7bFvUxuJr3jaYAP8u-2665dMBElCljXMkqkIMRshVtoYo61hYb7Pno9B6Yl3L4-_dkBxM9VlWFGhW0q3PxIoW51wW_w34_z7IhYFRW_MCmeodgfd0p86M8JAsAtjB2e-Q42zuOqTgkh5teHM1KajPt3-uM0ftkH2emfpw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gGTEijBcs4I
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.youtube.com/ Name: YSC
Value: TIqVw5JACew
.payyor.net/ Name: __gads
Value: ID=ac7d7b08cf3128be-22b4374976b90008:T=1609243025:RT=1609243025:S=ALNI_MbQasVuvj9H-WkG1TXiuyBiv_Pdcw
arsiv.payyor.net/ Name: flarum_session
Value: 3mRvchwdFD8WABKwuwWRnsdCrBEKA6vhcuuUy3QQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
arsiv.payyor.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.gstatic.com
stats.pusher.com
tpc.googlesyndication.com
www.googletagservices.com
www.payyor.net
www.youtube.com
172.217.23.98
176.53.35.152
18.206.249.150
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:817::200e
2a00:1450:4001:818::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::200d
2a00:1450:4001:821::200e
2a00:1450:4001:825::2003
2a04:4e42:3::621
01f9cc31c13b501d7dfd672f1efbe8eb02b67810b1b94624dbea63a00bf7b470
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
0ebdda905be23819219d6bb2b833990a8ba7373007878c5b2b8cd2bfd0f7d496
140c010da1210224f8a501684f4c3fdcb4b5f672ac22774545772f5d0fc44b69
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
24135d778329677664a6cad9b0abac537f5a787aeb68bb0b7f9c50b65c750678
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
35713bc24b1ec8cc88be62d7b8a0119ef159dc44bdd2ea99ccca3d5ae1ef19c5
456495141dba0f5b8551364409e88315f765203e60003c40128ad391c52eb90b
4b6b975bd4630bc5d6e825c009212b09810f07ed7159bcee6df5568b0a49173e
550ff2240ef720f43649ed8bbfad9d8849fa416cb13c855fbc89e1f23d3ba143
57c495d8c3b51546fadc1c21b795b1f71e8f54735ad3682ff01807fee1f7ba78
5a32e305672f591ff96d39b0d7dcb2e30f37bb9205ee2fce10bdcd1757debf45
62895871b5acd5a5018cba6ec6362fc6ec209cf8aa2a93249562bca366a63668
6535203d47a681f2ceaa72c5d8c142aad13ee97f278ee21f0bfb8acd61c0e18e
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6ec474b8912beef6b1ea434647e517d8a6c0714a885a0cb28a11b3622baf0c16
70e50fc5492fa0a2620ef0a436aa20624185f19cb213e9657b3e2cf5228be3e5
75ea2afcd2f31f1dc04b0baa2f458366472b0c1cc5732d78cbfe04704024cff7
7c7368b9bc89727049b8b01ef34a621c01a7566109d67558e18eebbf41c0f125
7f30270779557fab3b4aa8c7f1a72e38452e4c2ca36b0f65262b4567abbba1e3
8342679192f698b3f9636dd0dd00fa309d2cf3c404ca8e03fa9339c078eb787b
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9d4b1e039ba8280e4f65243f299e5ef54053c88f38a2f34eb3a56e00f9baace5
aa86d2781d5ac24e2b47dec8545bcbd9521b82e1a7ef8ab0794dc0357889d3a1
bc2be4452bc4692f8217c936cda931f78a8c10a33220e161fa3dd63ddba32603
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
d612102572453c2199725d690e42382370ad4e11ba0fce90c329b630421db315
dd526b51031d2617b3a4c81b9564f28a8d1a676cc3b6f2ef475cb66a6749a676
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e959979b72f47e592117c294589024dfb51a85d0fa935265d5adca205bb427a4
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1