www.clomid24.com Open in urlscan Pro
2606:4700:3031::ac43:8fbf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tadalafil247.com/
Effective URL:
http://www.clomid24.com/
Submission Tags: tranco_l324
Submission: On November 21 via api (November 21st 2021, 11:03:02 am UTC) from DE — Scanned from DE

Summary HTTP 158 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 76 domains to perform 158 HTTP transactions. The main IP is 2606:4700:3031::ac43:8fbf, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.clomid24.com.

This is the only time www.clomid24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:16cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6815:5144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::ac43:b2c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:d36d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::ac43:825e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::6815:d39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:8fbf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
14	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3036::6815:4ad0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.137 142.250.185.137	15169 (GOOGLE) (GOOGLE)
12 12	2606:4700:20:... 2606:4700:20::681a:170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3033::ac43:befc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
5	158.69.139.225 158.69.139.225	16276 (OVH) (OVH)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
2	13.225.78.44 13.225.78.44	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
2	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
6	13.225.78.47 13.225.78.47	16509 (AMAZON-02) (AMAZON-02)
2	159.203.161.83 159.203.161.83	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	104.79.88.178 104.79.88.178	16625 (AKAMAI-AS) (AKAMAI-AS)
6 7	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
4 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
6 26	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
16	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	143.204.98.3 143.204.98.3	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
3 3	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
4 4	52.211.70.246 52.211.70.246	16509 (AMAZON-02) (AMAZON-02)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	52.19.142.33 52.19.142.33	16509 (AMAZON-02) (AMAZON-02)
2 3	18.169.90.17 18.169.90.17	16509 (AMAZON-02) (AMAZON-02)
1	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
1 1	54.87.192.123 54.87.192.123	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a05:d018:24:... 2a05:d018:24:b002:2591:850:d183:b9b4	16509 (AMAZON-02) (AMAZON-02)
1 1	199.127.207.188 199.127.207.188	26120 (RHYTHMONE) (RHYTHMONE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
3 3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.36.172.109 54.36.172.109	16276 (OVH) (OVH)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	141.95.3.10 141.95.3.10	16276 (OVH) (OVH)
1	3.215.242.19 3.215.242.19	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 1	52.45.122.28 52.45.122.28	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.112.154 104.16.112.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
5 5	34.232.235.22 34.232.235.22	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 2	193.232.148.140 193.232.148.140	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.58.94.171 52.58.94.171	16509 (AMAZON-02) (AMAZON-02)
158	53

1 2606:4700:3034::6815:16cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tadalafil247.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5144 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.augmentinamoxicillin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:b2c5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mmfftz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d36d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.escitalopramex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:825e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.lexapro-generic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:d39 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.propeciafromcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:8fbf (United States)

ASN13335 (CLOUDFLARENET, US)

www.clomid24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:4ad0 (United States)

ASN13335 (CLOUDFLARENET, US)

upload.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.137 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:170 (United States) 12 redirects

ASN13335 (CLOUDFLARENET, US)

git.player25.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3033::ac43:befc (United States)

ASN13335 (CLOUDFLARENET, US)

inanamiyorumhalaburdasin.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 158.69.139.225 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip225.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-44.fra2.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.94.86 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.203.161.83 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: lb4.ny1.dtscdn.com

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.79.88.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-178.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.79.83.225 (Beauharnois, Canada) 6 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 52.215.102.174 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1857 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-3.fra50.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.211.3 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-211-3.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.211.70.246 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-70-246.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.142.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.169.90.17 (London, United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-90-17.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.192.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:2591:850:d183:b9b4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.188 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt-secure.videohub.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.172.109 (France)

ASN16276 (OVH, FR)
PTR: pl01.roqad.pl

wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.3.10 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.242.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-242-19.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.122.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-122-28.compute-1.amazonaws.com

pixel.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.112.154 (None, )

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.232.235.22 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-235-22.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.140 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.14.14 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.94.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-94-171.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	crwdcntrl.net 6 redirects tags.crwdcntrl.net sync.crwdcntrl.net bcp.crwdcntrl.net	47 KB
18	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	17 KB
15	inanamiyorumhalaburdasin.cloud inanamiyorumhalaburdasin.cloud	1 MB
14	blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com	10 MB
12	player25.xyz 12 redirects git.player25.xyz	9 KB
8	gstatic.com fonts.gstatic.com	56 KB
8	addthis.com 1 redirects s7.addthis.com m.addthis.com api-public.addthis.com	218 KB
7	onaudience.com 6 redirects pixel.onaudience.com	3 KB
6	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	23 KB
5	clickagy.com 5 redirects aorta.clickagy.com	4 KB
5	doubleclick.net 4 redirects cm.g.doubleclick.net	1 KB
5	adsrvr.org 4 redirects match.adsrvr.org	2 KB
5	dtscout.com t.dtscout.com	18 KB
4	agkn.com 3 redirects aa.agkn.com d.agkn.com	2 KB
4	demdex.net 4 redirects dpm.demdex.net	4 KB
4	zeotap.com 2 redirects spl.zeotap.com mwzeom.zeotap.com	2 KB
4	bluekai.com tags.bluekai.com	1 KB
3	adnxs.com 3 redirects secure.adnxs.com	3 KB
3	amung.us widgets.amung.us whos.amung.us	7 KB
3	google-analytics.com www.google-analytics.com	40 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	adhigh.net 1 redirects px.adhigh.net	724 B
2	aidata.io 1 redirects x01.aidata.io	937 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	760 B
2	id5-sync.com 2 redirects id5-sync.com	3 KB
2	adform.net 2 redirects c1.adform.net	927 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	616 B
2	tidaltv.com 2 redirects sync.tidaltv.com	684 B
2	avct.cloud 2 redirects ads.avct.cloud	896 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 2 redirects pixel.tapad.com	916 B
2	pinterest.com widgets.pinterest.com	441 B
2	dtscdn.com t.dtscdn.com	814 B
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	jsdelivr.net cdn.jsdelivr.net	171 KB
2	jquery.com code.jquery.com	64 KB
2	clomid24.com www.clomid24.com	22 KB
1	rubiconproject.com token.rubiconproject.com	214 B
1	adgrx.com cm.adgrx.com	408 B
1	lijit.com ce.lijit.com	348 B
1	eyeota.net ps.eyeota.net	344 B
1	pippio.com pippio.com	66 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	cintnetworks.com c.cintnetworks.com	328 B
1	spotxchange.com 1 redirects sync.search.spotxchange.com	605 B
1	truoptik.com dmp.truoptik.com
1	shareaholic.com 1 redirects pixel.shareaholic.com	242 B
1	taboola.com trc.taboola.com	229 B
1	thrtle.com thrtle.com
1	pubmatic.com image6.pubmatic.com	166 B
1	rqtrk.eu wt.rqtrk.eu	356 B
1	turn.com 1 redirects d.turn.com	411 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	mathtag.com 1 redirects sync.mathtag.com	647 B
1	videohub.tv 1 redirects dt-secure.videohub.tv	547 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	628 B
1	ml314.com ml314.com	422 B
1	krxd.net beacon.krxd.net	338 B
1	sharethis.com sync.sharethis.com	232 B
1	avocet.io 1 redirects ads.avocet.io	204 B
1	userreport.com audex.userreport.com	433 B
1	addthisedge.com v1.addthisedge.com	886 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	moatads.com z.moatads.com	1 KB
1	blogger.com www.blogger.com	155 KB
1	upload.ink upload.ink	63 KB
1	waust.at waust.at	8 KB
1	propeciafromcanada.com 1 redirects www.propeciafromcanada.com	828 B
1	lexapro-generic.com 1 redirects www.lexapro-generic.com	842 B
1	escitalopramex.com 1 redirects www.escitalopramex.com	835 B
1	mmfftz.com 1 redirects www.mmfftz.com	760 B
1	augmentinamoxicillin.com 1 redirects www.augmentinamoxicillin.com	832 B
1	tadalafil247.com 1 redirects tadalafil247.com	828 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	clrstm.com Failed sync.tag.clrstm.com Failed
0	survata.com Failed px.surveywall-api.survata.com Failed
158	76

	Domain	Requested by
17	sync.crwdcntrl.net	5 redirects bcp.crwdcntrl.net
15	inanamiyorumhalaburdasin.cloud	www.clomid24.com inanamiyorumhalaburdasin.cloud
14	ic.tynt.com	www.clomid24.com inanamiyorumhalaburdasin.cloud
12	git.player25.xyz	12 redirects
11	1.bp.blogspot.com	www.clomid24.com inanamiyorumhalaburdasin.cloud
9	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
8	fonts.gstatic.com	www.clomid24.com
7	pixel.onaudience.com	6 redirects bcp.crwdcntrl.net
6	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
5	aorta.clickagy.com	5 redirects
5	cm.g.doubleclick.net	4 redirects bcp.crwdcntrl.net
5	match.adsrvr.org	4 redirects bcp.crwdcntrl.net
5	t.dtscout.com	waust.at t.dtscout.com widgets.amung.us
4	dpm.demdex.net	4 redirects
4	tags.bluekai.com	www.clomid24.com inanamiyorumhalaburdasin.cloud bcp.crwdcntrl.net
4	s7.addthis.com	1 redirects www.clomid24.com s7.addthis.com
3	secure.adnxs.com	3 redirects
3	aa.agkn.com	2 redirects bcp.crwdcntrl.net
3	api-public.addthis.com	s7.addthis.com
3	www.google-analytics.com	www.clomid24.com www.google-analytics.com www.googletagmanager.com
2	pm.w55c.net	2 redirects
2	px.adhigh.net	1 redirects bcp.crwdcntrl.net
2	x01.aidata.io	1 redirects bcp.crwdcntrl.net
2	sb.scorecardresearch.com	1 redirects bcp.crwdcntrl.net
2	id5-sync.com	2 redirects
2	c1.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	ads.avct.cloud	2 redirects
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	2 redirects
2	de.tynt.com	cdn.tynt.com
2	widgets.pinterest.com	www.clomid24.com
2	cdn.tynt.com	waust.at widgets.amung.us
2	mwzeom.zeotap.com	www.clomid24.com inanamiyorumhalaburdasin.cloud
2	spl.zeotap.com	2 redirects
2	t.dtscdn.com	t.dtscout.com
2	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
2	whos.amung.us	waust.at widgets.amung.us
2	onetag-geo.s-onetag.com	get.s-onetag.com
2	get.s-onetag.com	t.dtscout.com
2	cdnjs.cloudflare.com	www.clomid24.com cdnjs.cloudflare.com
2	cdn.jsdelivr.net	www.clomid24.com inanamiyorumhalaburdasin.cloud
2	code.jquery.com	www.clomid24.com
2	www.clomid24.com	www.clomid24.com
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	cm.adgrx.com	bcp.crwdcntrl.net
1	ce.lijit.com	bcp.crwdcntrl.net
1	ps.eyeota.net	bcp.crwdcntrl.net
1	pippio.com	bcp.crwdcntrl.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	d.agkn.com	1 redirects
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	sync.search.spotxchange.com	1 redirects
1	dmp.truoptik.com	bcp.crwdcntrl.net
1	pixel.shareaholic.com	1 redirects
1	trc.taboola.com	bcp.crwdcntrl.net
1	thrtle.com	bcp.crwdcntrl.net
1	image6.pubmatic.com	bcp.crwdcntrl.net
1	wt.rqtrk.eu	bcp.crwdcntrl.net
1	d.turn.com	1 redirects
1	pixel-sync.sitescout.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	dt-secure.videohub.tv	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ml314.com	bcp.crwdcntrl.net
1	beacon.krxd.net	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	ads.avocet.io	1 redirects
1	audex.userreport.com	bcp.crwdcntrl.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	widgets.amung.us	inanamiyorumhalaburdasin.cloud
1	www.googletagmanager.com	inanamiyorumhalaburdasin.cloud
1	z.moatads.com	s7.addthis.com
1	www.blogger.com	www.clomid24.com
1	2.bp.blogspot.com	www.clomid24.com
1	3.bp.blogspot.com	www.clomid24.com
1	upload.ink	www.clomid24.com
1	waust.at	www.clomid24.com
1	4.bp.blogspot.com	www.clomid24.com
1	www.propeciafromcanada.com	1 redirects
1	www.lexapro-generic.com	1 redirects
1	www.escitalopramex.com	1 redirects
1	www.mmfftz.com	1 redirects
1	www.augmentinamoxicillin.com	1 redirects
1	tadalafil247.com	1 redirects
0	global.ib-ibi.com Failed	bcp.crwdcntrl.net
0	sync.tag.clrstm.com Failed	bcp.crwdcntrl.net
0	px.surveywall-api.survata.com Failed	bcp.crwdcntrl.net
158	90

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
bit.ly
www.google.com.tr

Subject Issuer	Validity	Valid
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rqtrk.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-18` - `2022-06-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.truoptik.com Entrust Certification Authority - L1K	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.cintnetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-04` - `2022-11-04`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
pippio.com GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 20 frames:

Primary Page: http://www.clomid24.com/
Frame ID: 1AA251462E030D86CFF8912F204FD6AA
Requests: 57 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html
Frame ID: D0EE5797042A40EC8FD60F26FAA32DF0
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html
Frame ID: AFFDAB8F9658783A0A8C46FF2FDCA199
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html
Frame ID: C7BF31175AB1B3708F604FF6BA16F1BD
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html
Frame ID: F92C12A5AD4C3E451EA21FB01139FBE9
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrasportboss.html
Frame ID: 1E9EDB868FED0A9FF944094DF386E49A
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890onwin.html
Frame ID: 0F8CC554746B2A7C16FA0B9320156787
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Frame ID: CB3AAE1F5CDA6BFB7150ED89BCE8FF35
Requests: 12 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betistcom.html
Frame ID: DC9C0C593F8D9530697142C5183F0228
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betpas.html
Frame ID: BE976A3585BF7985E806E34748E79BE8
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Frame ID: B1FB6C00123668C8AD0B07EA47666C8F
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Frame ID: 47A61595A74A333DD34C463D2B443BEE
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Frame ID: 828F852C6DD83E4DB5D6585FC941AA4B
Requests: 18 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D00163749257405D93015EAE83D73DB
Frame ID: 4A7B24515ECB8C262120FAE0B1554139
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8D814289C60D3B6FC1F354DD6F2A5125
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8BDEA2AB5B139E8605FEAD402E80D99A
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 4232CF01B51A56AAD12F09454E932DA6
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 5A54AE14D44F8E2E19B4E07891320851
Requests: 24 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 30C67F3EDA38154017BB31E577C211CA
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Frame ID: 11B7F9A776D8421E9521218B82D269C9
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Taraftarium24 | Canlı maç izle - Taraftarium izle - SportbossFacebookTwitterPrintEmailPinterestAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

http://tadalafil247.com/ HTTP 302
http://www.augmentinamoxicillin.com/ HTTP 302
http://www.mmfftz.com/ HTTP 301
http://www.escitalopramex.com/ HTTP 302
http://www.lexapro-generic.com/ HTTP 302
http://www.propeciafromcanada.com/ HTTP 302
http://www.clomid24.com/ Page URL

Page Statistics

158
Requests

66 %
HTTPS

25 %
IPv6

76
Domains

90
Subdomains

53
IPs

10
Countries

12088 kB
Transfer

13404 kB
Size

69
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/ligtvmax1/
Title: 2,775

Search URL Search Domain Scan URL

URL: https://bit.ly/bozguncu-apk

Search URL Search Domain Scan URL

URL: https://www.google.com.tr/
Title: Google

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tadalafil247.com/ HTTP 302
http://www.augmentinamoxicillin.com/ HTTP 302
http://www.mmfftz.com/ HTTP 301
http://www.escitalopramex.com/ HTTP 302
http://www.lexapro-generic.com/ HTTP 302
http://www.propeciafromcanada.com/ HTTP 302
http://www.clomid24.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 9

http://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js HTTP 307
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Request Chain 13

http://git.player25.xyz/kutular/300250betpas.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html

Request Chain 14

http://git.player25.xyz/kutular/300250betpas.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html

Request Chain 15

http://git.player25.xyz/kutular/100050bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html

Request Chain 16

http://git.player25.xyz/kutular/72890bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html

Request Chain 17

http://git.player25.xyz/pop-kralbet.js HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-kralbet.js

Request Chain 23

http://git.player25.xyz/kutular/72890ultrasportboss.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrasportboss.html

Request Chain 24

http://git.player25.xyz/kutular/72890onwin.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890onwin.html

Request Chain 28

http://git.player25.xyz/cloudbozguncu/god.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html

Request Chain 29

http://git.player25.xyz/kutular/72890betistcom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betistcom.html

Request Chain 30

http://git.player25.xyz/kutular/72890betpas.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betpas.html

Request Chain 31

http://git.player25.xyz/kutular/120600bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Request Chain 32

http://git.player25.xyz/kutular/120600bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Request Chain 70

https://pixel.onaudience.com/?partner=137085098&mapped=6D00163749257405D93015EAE83D73DB HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=76b0c695-53d5-4163-ac6a-54415278b8dc&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4384072b7164eb81eeac97f58378d126 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=7eafd98e46a71272 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2eddbf219acf&zcluid=7eafd98e46a71272&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2eddbf219acf&zcluid=7eafd98e46a71272&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESENg0w-N5LrG3TzwX3LLrTaM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2eddbf219acf&zcluid=7eafd98e46a71272&zdid=1332

Request Chain 76

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_iqe00 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_iqe00

Request Chain 77

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_aqk90 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_aqk90

Request Chain 79

https://pixel.onaudience.com/?partner=137085098&mapped=6D00163749257405D93015EAE83D73DB HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=76b0c695-53d5-4163-ac6a-54415278b8dc&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4384072b7164eb81eeac97f58378d126 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=7eafd98e46a71272 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d36dad6790&zcluid=7eafd98e46a71272&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d36dad6790&zcluid=7eafd98e46a71272&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESENdlH5UjyXAvQNj9M-AjI_Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d36dad6790&zcluid=7eafd98e46a71272&zdid=1332

Request Chain 114

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=4384072b7164eb81eeac97f58378d126&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=4384072b7164eb81eeac97f58378d126&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=42e4ce01-ffcd-4e18-86ee-a3f38cab84c7

Request Chain 115

https://loadm.exelator.com/load/?p=204&g=260&buid=4384072b7164eb81eeac97f58378d126&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=4384072b7164eb81eeac97f58378d126&j=0&xl8blockcheck=1

Request Chain 116

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=051ad981-f557-49e3-a946-8766c647b9a6

Request Chain 118

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4384072b7164eb81eeac97f58378d126&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=4384072b7164eb81eeac97f58378d126&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=57394720596031767801401165459515940626

Request Chain 123

https://aa.agkn.com/adscores/g.pixel?sid=9202276048 HTTP 302
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164850503977000161716

Request Chain 125

https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-2f06219f-9fc1-424e-54ca-b05d74cfe14f$ip$185.213.155.169

Request Chain 126

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=29aa890d-3291-41a6-a958-0f10ca2a18a3?gdpr=1&gdpr_consent=

Request Chain 127

https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-9482fc1df455cf43e0f5d6f3ac18e9d8

Request Chain 128

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3c33619a-2761-4000-9152-47bb5503adb6

Request Chain 130

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YZonYQAGL7mfzwBR HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YZonYQAGL7mfzwBR&_test=YZonYQAGL7mfzwBR

Request Chain 133

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/4384072b7164eb81eeac97f58378d126/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8564095190868966493

Request Chain 134

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=447300670%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D447300670%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=447300670/tpid=5907677987901563007/tp=ANXS

Request Chain 137

https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7271959224854895763

Request Chain 139

https://id5-sync.com/s/19/9.gif?puid=4384072b7164eb81eeac97f58378d126&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=4384072b7164eb81eeac97f58378d126&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=3f09bfce3bb87c171afc4009294f38a5&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=

Request Chain 142

https://pixel.shareaholic.com/sync?r=https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=$u_id HTTP 302
https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=000000000000000000000000000000000000

Request Chain 144

https://sync.search.spotxchange.com/audience_sync/7?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D16299%2Ftp%3DSPXC%2Ftpid%3D%24SPOTX_AUDIENCE_ID HTTP 302
https://sync.crwdcntrl.net/map/c=16299/tp=SPXC/tpid=956c9c5e-4aba-11ec-bdda-10ffbde80506

Request Chain 147

https://sb.scorecardresearch.com/p?c1=9&c2=6635176&c3=2&cs_xi=4384072b7164eb81eeac97f58378d126&rn=[TIMESTAMP] HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=6635176&c3=2&cs_xi=4384072b7164eb81eeac97f58378d126&rn=%5BTIMESTAMP%5D

Request Chain 148

https://aorta.clickagy.com/pixel.gif?ch=120&cm=4384072b7164eb81eeac97f58378d126 HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=57394720596031767801401165459515940626 HTTP 302
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:8291b7795f5a6a3abf10608dceb26d27/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=4384072b7164eb81eeac97f58378d126 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:8291b7795f5a6a3abf10608dceb26d27&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
https://d.agkn.com/pixel/10751/?che=1637492544&ip=185.213.155.169&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D164850503977000161716 HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=164850503977000161716 HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=57394720596031767801401165459515940626 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27

Request Chain 149

https://x01.aidata.io/0.gif?pid=LOTAME&id=4384072b7164eb81eeac97f58378d126 HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=4384072b7164eb81eeac97f58378d126&bounce=1

Request Chain 150

https://px.adhigh.net/p/cm/lotame HTTP 302
https://px.adhigh.net/p/cm/lotame?bounced=1

Request Chain 156

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=C5tRTsNA1MOKCB5

Request Chain 158

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=822452051%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=822452051/tpid=5907677987901563007/tp=ANXS

158 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.clomid24.com/
Redirect Chain

http://tadalafil247.com/
http://www.augmentinamoxicillin.com/
http://www.mmfftz.com/
http://www.escitalopramex.com/
http://www.lexapro-generic.com/
http://www.propeciafromcanada.com/
http://www.clomid24.com/

78 KB
20 KB

155ms
140ms

Document
text/html

2606:4700:3031::ac43:8fbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.clomid24.com/

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:8fbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a1c546d435ee7d9a46edd7a5496953d3faa0ef3d73264c287148db43bdd463b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Sun, 21 Nov 2021 11:02:54 GMT
cache-control: private, max-age=0
last-modified: Sun, 21 Nov 2021 00:23:40 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkU35mf4L%2ByjOIHL%2B0P5%2BKjjHaCXuUAasxzxUqqvS6Av9Axveh8Kf8JXkV%2FBScIravUdmg0Bm%2BM%2Fj%2F%2BvIaf5SlY3Tn9v8kNWmyDVuy8J90MFTDMnokG7ao7UaEmF6ceB9XvpinrPisuSC8tbmT%2FF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6b196dabe9ac2c01-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://www.clomid24.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB0OwpNQepOC3C12Tzv0e72AiVH7rIwCWcfohvjW3KjOSIOeOuC09FqoIf8QF8n21BCLfVjCw4eTpiuUROmV7ATculcdhjk1sBrIy3GvWFZfcLOI0w69SNM7sM0wz%2BE1j0Okc3P7OBQcdyMv0n2Jb4kgWPiRFVNNlg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196dab9a30145a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 302ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1637492574.dop011.am5.t,1637492574.cds228.am5.hn,1637492574.cds203.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 311ms
31ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-17b8b"
vary: Accept-Encoding
x-hw: 1637492574.dop011.am5.t,1637492574.cds228.am5.hn,1637492574.cds302.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 t24.png
4.bp.blogspot.com/-hpxx39ZkAXU/YD2HnYDLCOI/AAAAAAAAAks/hgISr2HYKo8TuoptFH3BuOuHG1mc0ezuQCK4BGAYYCw/s1600/ 16 KB
17 KB 469ms
41ms Image
image/png 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-hpxx39ZkAXU/YD2HnYDLCOI/AAAAAAAAAks/hgISr2HYKo8TuoptFH3BuOuHG1mc0ezuQCK4BGAYYCw/s1600/t24.png

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

993e67aa4c9d3f60ffed856922f5c9788cc7925a0a1ae1364f1f0d6cf27f8960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 07:06:10 GMT
x-content-type-options: nosniff
age: 14204
content-disposition: inline;filename="t24.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16733
x-xss-protection: 0
server: fife
etag: "v24c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 23:24:17 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
8 KB 39ms
24ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2429
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 03 May 2021 17:48:07 GMT
Server: cloudflare
etag: W/"60903757-3444"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L54drdFdtNt1nf9hCKcD5bEcmjMqwk1ruMjo%2B2tXc1NHoApCN%2BQMkQ%2B8MsbwV8JDIO6S0MMxQnkLGl781E1sPw0loUWHPbZA8vhbUVUaIR%2F%2FwGi%2B9YQ1U7wZqUBORoTeyYlaCvir"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 6b196daf1c014303-FRA
expires: Mon, 22 Nov 2021 10:22:25 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

39ms
19ms

Script
application/javascript

104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Sun, 21 Nov 2021 11:02:54 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK derbi.gif
upload.ink/images/2021/11/21/ 62 KB
63 KB 53ms
30ms Image
image/gif 2606:4700:3036::6815:4ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://upload.ink/images/2021/11/21/derbi.gif

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

HTTP/1.1

Server

2606:4700:3036::6815:4ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b2f80cdd07d8b8ca1cd61bb834b08790f53765ae479a0605ff10d2081cadc69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
x-content-type-options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3056
x-cache-status: MISS
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 63634
last-modified: Sat, 20 Nov 2021 22:09:46 GMT
Server: cloudflare
etag: "f892-5d13fa648620c"
vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ4C9gc34yr21zVZD3D2bGud7IvEPFaQ8hr9BwP5w8PVH4KQ%2BtK2HE%2Bsvm6735a9xWlU20SC4ftzP2jb736KKmEd59ENnKMdlmS%2BpNG6e1vwsAvnk2ER0nK22N9Zbhy0ezM%2FbVNQB%2Ffe"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=300
Accept-Ranges: bytes
CF-RAY: 6b196daf2b10433f-FRA
expires: Sun, 21 Nov 2021 10:12:06 GMT

GET
H2 200 G%25C3%25B6nl%25C3%25BCn%25C3%25BCz%2BRahat%2BOlarak%2BMa%25C3%25A7%2BSeyredeceksiniz.jpg
3.bp.blogspot.com/-L9hPWOoLIho/WJSeD7X5BdI/AAAAAAAAC0Y/bh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB/w500/ 30 KB
30 KB 466ms
37ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-L9hPWOoLIho/WJSeD7X5BdI/AAAAAAAAC0Y/bh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB/w500/G%25C3%25B6nl%25C3%25BCn%25C3%25BCz%2BRahat%2BOlarak%2BMa%25C3%25A7%2BSeyredeceksiniz.jpg

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

b5bf565f25e79997d1e4b59acc300f849f166f4c50a782edd5d2832bc33af76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 10:53:59 GMT
x-content-type-options: nosniff
age: 535
content-disposition: inline;filename="G_nl_n_z Rahat Olarak Ma_ Seyredeceksiniz.jpg";filename*=UTF-8''G%C3%B6nl%C3%BCn%C3%BCz%20Rahat%20Olarak%20Ma%C3%A7%20Seyredeceksiniz.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30341
x-xss-protection: 0
server: fife
etag: "vb4a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 21:07:38 GMT

GET
H2 200 Futbol%2BMa%25C3%25A7larina%2BPara%2B%25C3%2596detmeyen%2BKanal.jpg
1.bp.blogspot.com/-TH3jsZiGWio/WGRFQ0HFosI/AAAAAAAACM8/jKU_Tsmm_C08nuRB8PmFHWsGHuzHiERvgCLcB/w500/ 35 KB
35 KB 1398ms
975ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TH3jsZiGWio/WGRFQ0HFosI/AAAAAAAACM8/jKU_Tsmm_C08nuRB8PmFHWsGHuzHiERvgCLcB/w500/Futbol%2BMa%25C3%25A7larina%2BPara%2B%25C3%2596detmeyen%2BKanal.jpg

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

9d66f0b2a4bc8669520d988f51c359c30b3b25bcd004cafe571c0f971dab1cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 09:23:45 GMT
x-content-type-options: nosniff
age: 5949
content-disposition: inline;filename="Futbol Ma_larina Para _detmeyen Kanal.jpg";filename*=UTF-8''Futbol%20Ma%C3%A7larina%20Para%20%C3%96detmeyen%20Kanal.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35620
x-xss-protection: 0
server: fife
etag: "v8d1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 11:48:30 GMT

GET
H2 200 Taraftarium%2BKanalinda%2BFarkinizi%2BOlus%25CC%25A7turacaksiniz.jpg
2.bp.blogspot.com/-Om0iuh4AurA/WeHT4CQmNdI/AAAAAAAAAO8/_wYHHLL-sy0698NefqPnR7x6IW_fRYiAgCLcBGAs/w500/ 36 KB
37 KB 463ms
40ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-Om0iuh4AurA/WeHT4CQmNdI/AAAAAAAAAO8/_wYHHLL-sy0698NefqPnR7x6IW_fRYiAgCLcBGAs/w500/Taraftarium%2BKanalinda%2BFarkinizi%2BOlus%25CC%25A7turacaksiniz.jpg

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

4d87f1e55938b19beb35026e259331b59c3de0a2d6e81063dc97661c3bc1e6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 07:06:10 GMT
x-content-type-options: nosniff
age: 14204
content-disposition: inline;filename="Taraftarium24 Kanalinda Farkinizi Olus_turacaksiniz.jpg";filename*=UTF-8''Taraftarium24%20Kanalinda%20Farkinizi%20Olus%CC%A7turacaksiniz.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36895
x-xss-protection: 0
server: fife
etag: "vf0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 11:48:30 GMT

GET
H2

200

jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/
Redirect Chain

http://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

87 KB
32 KB

46ms
26ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2244463
x-jsd-version: 3.5.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19129-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b196daf2a81d6d1-FRA

Redirect headers

Location: https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Non-Authoritative-Reason: HSTS

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 41ms
20ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 816634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc1ZaQ4MeC0c8UdIdp1yVNPGI7%2FbIozFa4nTHDfwwReX8uNVCq2%2F7yNyP7%2FFk%2BlUAPFupI%2FScOT4vW3bU9E8njxYzn0fVgF2nlymwSZdaxQf%2F8sFf4VuGIR99nEzU%2FJr%2F2LT4VwO6eoRQIyMgGJcQggr"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b196daf1d050629-FRA
expires: Fri, 11 Nov 2022 11:02:54 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.clomid24.com/js/ 6 KB
3 KB 21ms
21ms Script
text/javascript 2606:4700:3031::ac43:8fbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.clomid24.com/js/cookienotice.js

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:8fbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
Age: 81224
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 2026
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 11:49:51 GMT
Server: cloudflare
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 6b196daf48912c01-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 27 Nov 2021 12:29:10 GMT

GET
H2 200 2809169260-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
155 KB 466ms
40ms Script
text/javascript 142.250.185.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2809169260-widgets.js

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f9.1e100.net

Software

sffe /

Resource Hash

20a41052830e544178c2064d309d07956759b0716daa85b4c83f7b49927c6757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 01:55:36 GMT
x-content-type-options: nosniff
age: 378438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158116
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 00:55:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 17 Nov 2022 01:55:36 GMT

GET
H/1.1

200
OK

300250betpas.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame D0EE
Redirect Chain

http://git.player25.xyz/kutular/300250betpas.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html

355 B
1 KB

58ms
52ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 271b2cd63a677800da1d3902b61741fdd8f20eadf8cc82306c56f222ce13edc8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1226
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtv9QbRSYFzYjR0Nh969pjHpUZopHoS7cZZ1%2BDuCMU83ScUjyydW%2FKiAEQPhc1HYhVcftp58xYtBMylQKyzaM2T%2FU8EOMtaFmM7Vz6uJeZatfHM8qG3i7rGcz6vgM139V5uLjBWBNHNd5cI8WqqDaw35yd3ftfkjJsxQwdI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf6aa46955-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWoAAGeA73yWmq7nRWRJ7Hm1EOG00YEk46pID2OaOkBY0EugJLlsoRzx8%2FpN3U6AFFcJxxq5V%2Fckj%2FX1u1MXwuGzhO6h8W2tQ2w4FuWHfvjBtever0gThhaikyGBsSvmRUv2EQwzm3unV9sUyrE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf2ad42c2a-FRA

GET
H/1.1

200
OK

300250betpas.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame AFFD
Redirect Chain

http://git.player25.xyz/kutular/300250betpas.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html

355 B
1 KB

59ms
38ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 271b2cd63a677800da1d3902b61741fdd8f20eadf8cc82306c56f222ce13edc8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1226
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTMIK8V3XjdvfOJstebKbyuc%2FuxdmIXyI%2FOWJr%2BGkXRudgZrS%2BwjwP3o71Ft94W3quJUklnLiI%2FzUtZEIiERVoC02gUWl6A8w1fxGcpa9PhWLMJzrt%2FCfKetodOahcpDwBLs0hw7GnG75LPmd73Ocg%2FdYUQ%2FnCI04NDx0SY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf6cf4d6b9-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1Tzt6ywygr7Ux8Uwl2CjKNqifOZgyY31MAwT41JVeJgZTQt0CgafN98D3%2BfvaH6ooiw%2BcT%2F3qabxHXrIQshYGRCoLLXVTFglrZmD6DrXFx6b%2FIsFaWlZjGVOBVF0uxdBuYioXLX7oR4jF0f06U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf2e9f2b71-FRA

GET
H/1.1

200
OK

100050bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame C7BF
Redirect Chain

http://git.player25.xyz/kutular/100050bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html

350 B
1 KB

37ms
21ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5a3050f58ca2c052f38fa7bafa204b7285c0ad72cf897f1632784b5a0c41d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:47 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1296
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4I8Y%2FcUqrsbtKzZB1goSFd5RhssWj7ahd4rCmmbxz372fwQNeaEsWHnuK5DpCuYGCUJE2BreRRI0pBc73X3RqvHb6H%2FUmkgq5Pnj9sAMHp9ilfwUPXXegpqMJWqlxU80T3NOMxY79y1bP1hy6cJVXDmFTeNT0rS6DIgVJY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf6881e003-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn18yS5THgbSb4%2BqX%2FfWS5jcgVOeGbEwgu8YJT8He%2F3Vi8HOa7j46zbex3PECWWyCVbR4LLy%2F83lao5GE21BPlMjU9r5uaCfm5XNcsWQQoNzgOa6psjqwRXzLVvY65qy%2FipmbkqqD3ExXUwhs9g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf2d2e6983-FRA

GET
H/1.1

200
OK

72890bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame F92C
Redirect Chain

http://git.player25.xyz/kutular/72890bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html

352 B
1 KB

44ms
26ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81624e91d2552c17ce5b56a62626870c11ef9b3906d1347ea8bce6bf78e0611a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:50 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1298
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqTjOuXEuCGGHkX%2BSGSL1Yp%2BysjYDo7dNkJvE8b6PsrSRy4wTWb4SUIr8Hyz3cR3JhwCVWPCykA82AH4penNqr69uJn3PYpLdUceMTCY2DSuYXRuIG3gdRlJeazPnU10U6IgTRWPP6%2Flg6TtavXGc4RManXeVGHIuqnHXkg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf6d96c286-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gF6%2BsL4bKGjRXsgytfK%2BlZ8OvOLuKOqLTVKIlbRBqpd5D4IvcsE1AjCvzdoAEgXlx%2FhCHgLcQ4wGzH5JvUglmU2AcvlHjDC%2BNNoZAdNXBtO%2FnL%2FiaMB9icJLinlgEIK2JHJgzYWqGw%2B%2BdOUxnro%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196daf29d85caa-FRA

GET
H/1.1

200
OK

pop-kralbet.js Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/
Redirect Chain

http://git.player25.xyz/pop-kralbet.js
http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-kralbet.js

1 KB
2 KB

65ms
41ms

Script
application/javascript

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-kralbet.js
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0e13d9c01d5e20173fd5bd580f33102a5aa448ddef63486841d145e719841d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1244
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 21 Nov 2021 00:09:41 GMT
Server: cloudflare
etag: W/"61998e45-5d7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI%2F%2FLpj1e%2FV82SstlLi4wtrtwf2xFZ2TEoD%2BoWPl2xg1noi4jK11WOvlPTwDv0dVf4Ms9Jb5tvrPzj8dlFEMrW%2B%2BZCvuELtYSt1V4bt9C%2B0ej2TtDYhDP%2FsKYthx1AaGxi6tD57rgNEbLsQQ40EC9wqO5sPCAHp8Ytq3tWQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 6b196daf698ad6f1-FRA

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7AdeTaNYLCCtsEnnru%2B0wvu7yi%2Ft%2BI9IEfyh5bG6VQzrO7Prf6k03TzCCs1mRDz6yiL5aRzN%2FeQxxuT3mBfAHA8AlTkneDkKiygzLAYVGaTbwYnI%2FQqw7ZAQr99PUquQVrqxYPGp8s372heJ08%3D"}],"group":"cf-nel","max_age":604800}
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-kralbet.js
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6b196daf2e906931-FRA
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 468ms
50ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:07:14 GMT
x-content-type-options: nosniff
age: 197741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 04:07:14 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 510ms
95ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:14:29 GMT
x-content-type-options: nosniff
age: 481706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 21:14:29 GMT

GET
H2 200 1000elli-min.gif
1.bp.blogspot.com/-95oh5_SkCJE/YT3-mA9TavI/AAAAAAAAH3Q/GG3b53uTmak53vSXq22MTWnXgyPymhRhgCLcBGAsYHQ/s0/ Frame C7BF 504 KB
504 KB 541ms
220ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-95oh5_SkCJE/YT3-mA9TavI/AAAAAAAAH3Q/GG3b53uTmak53vSXq22MTWnXgyPymhRhgCLcBGAsYHQ/s0/1000elli-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

a33a72bb693a439fd43c49560204b82692ac53260c87bd037aad2199d2725cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 07:48:29 GMT
x-content-type-options: nosniff
age: 11665
content-disposition: inline;filename="1000elli-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516161
x-xss-protection: 0
server: fife
etag: "v1f77"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 23:26:07 GMT

GET
H2 200 728doksan-min.gif
1.bp.blogspot.com/-tmdkKg1QdAg/YT3-mW1a86I/AAAAAAAAH3Y/1bR8V41yZy4rRQDe5tfCj8IQdvAvl6MDgCLcBGAsYHQ/s0/ Frame F92C 700 KB
701 KB 364ms
42ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tmdkKg1QdAg/YT3-mW1a86I/AAAAAAAAH3Y/1bR8V41yZy4rRQDe5tfCj8IQdvAvl6MDgCLcBGAsYHQ/s0/728doksan-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

461bfca3168213eb5c5606abc0b3da8b9d3cbd6b911881ba53ae7fc156cf13c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 10:09:49 GMT
x-content-type-options: nosniff
age: 3185
content-disposition: inline;filename="728doksan-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 716810
x-xss-protection: 0
server: fife
etag: "v1f79"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 19 Nov 2021 10:06:51 GMT

GET
H2 200 ucikieli.gif
1.bp.blogspot.com/-Rh1pQ_Ap-xg/YPbUuWCBCbI/AAAAAAAAHzA/H6oz3S9PGNIlfoATgyRSR4ZqmY-b7ysSwCLcBGAsYHQ/s0/ Frame AFFD 1 MB
1 MB 1295ms
981ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Rh1pQ_Ap-xg/YPbUuWCBCbI/AAAAAAAAHzA/H6oz3S9PGNIlfoATgyRSR4ZqmY-b7ysSwCLcBGAsYHQ/s0/ucikieli.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

47d6353091202be41771db8e74fe3877188dc7df7d664bdf2838e7f0bc414fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:39:08 GMT
x-content-type-options: nosniff
age: 8627
content-disposition: inline;filename="ucikieli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1424237
x-xss-protection: 0
server: fife
etag: "v1f34"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 27 Oct 2021 23:36:46 GMT

GET
H/1.1

200
OK

72890ultrasportboss.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 1E9E
Redirect Chain

http://git.player25.xyz/kutular/72890ultrasportboss.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrasportboss.html

375 B
1 KB

16ms
16ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrasportboss.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ad5d206abc910d20fffc8c9d9f01500d1da53d6fd66f05bf7b5a8c5c257f2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1220
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yxb8a%2BRhEaXIjAc0Q8rVegfH6M6v47Hj6b7%2Bogzz21%2Fmit3eLTHwIW9ZU9c6biLTX4Aee5kQsWQL86MVp4OKfgIMnWQVtbGY32A%2BI4vyHVro%2Be%2BmvA9gevmQlMGyOoc00ir3uQ%2BOBCRJPvTg1d4LbWLijtNJOmARYf85u0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196dafea2ad6f1-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrasportboss.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzUtOgfnW67y5Ooh09Z1BT1KEtoqQ%2Bc4gxUsUsSJVZlxu6lzJUx9n7r%2BzrQwgv8H7OUFMZ2EBhqPro%2FTt9LrhxyHBvCjsPzf56M3cbagJwTpCkUS25X9H7UJdE3EN%2FLrIEBlypBnFiEG9kAfBvA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196dafcc612c2a-FRA

GET
H/1.1

200
OK

72890onwin.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 0F8C
Redirect Chain

http://git.player25.xyz/kutular/72890onwin.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890onwin.html

360 B
1 KB

28ms
28ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890onwin.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36cdc7368c1b7bcad1843027150be26de9d4bf5418d6b79844c5ba14395e8923

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:51 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1275
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7sB%2BU6RS2cWXEO0bxfecsMt8QM76YhfmK%2B0JzAIlYocp38hAketyP4KUPNAa5OY3rpr3%2FQ49AUrraBeFqGCPksD9peyOcm9w0MmdX5mYUFM5KfB6HxdiANJFInjPoexPl5dna%2B2xIxxiSrqPPBk%2Fub5fEJ9INrSCIQmPzw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196dafcbad6955-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890onwin.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c89YyVGLjKFU0s5xYUuxt7Zl6t%2B0S0MzuVXjTQhubg%2Fm6kaZLComHY61bYIt%2FV7tYVPU6DCFiMDXz7%2FQHijDhmE7LkvmSTJmH7x99FMAw6VNBTj3Ftwecml1sZu%2BOTdu9Fh24saN%2FiWGVe026c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196dafbec26983-FRA

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 8 KB
8 KB 346ms
98ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.clomid24.com%2F&j=
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 59c60db7267a03883a7caa58d86fe3f538b839b59a8aa66795bb44e75b4ff930

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
X-T: 1.094
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sun, 21 Nov 2021 11:02:53 GMT

GET
H2 200 ucikieli.gif
1.bp.blogspot.com/-Rh1pQ_Ap-xg/YPbUuWCBCbI/AAAAAAAAHzA/H6oz3S9PGNIlfoATgyRSR4ZqmY-b7ysSwCLcBGAsYHQ/s0/ Frame D0EE 1 MB
1 MB 1272ms
978ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Rh1pQ_Ap-xg/YPbUuWCBCbI/AAAAAAAAHzA/H6oz3S9PGNIlfoATgyRSR4ZqmY-b7ysSwCLcBGAsYHQ/s0/ucikieli.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betpas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

47d6353091202be41771db8e74fe3877188dc7df7d664bdf2838e7f0bc414fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:39:08 GMT
x-content-type-options: nosniff
age: 8627
content-disposition: inline;filename="ucikieli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1424237
x-xss-protection: 0
server: fife
etag: "v1f34"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 27 Oct 2021 23:36:46 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 29ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=21248
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1

200
OK

god.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/ Frame CB3A
Redirect Chain

http://git.player25.xyz/cloudbozguncu/god.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html

4 KB
3 KB

19ms
19ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ca996d3bb6b1a13c3374664af570708158f461c645ba7d3cc74b232ab209f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:10:05 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1276
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj2yTmI19HCNhM7ZIyfCIAtIsvXeRFDpjME89TZaYR22auV%2FJr0l%2FC2EFrMwO3p797%2BIj48LpTaVXPHh1JWduR2pvSKKDIWm4JB3nstB1uVqlgzNgQzalhfR%2BQt5ba%2FEN27OkD%2FkuPCoxKGlLQZdFaQSv6SrdyWcy8x0nkI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db06aacd6f1-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7VrcSIHo8%2BanpyxfB3rk1Q8wQQOe5LIU1AYVCHZc%2FH81h8GTJLWK1vJWpNw0xTvs9NdS9hmkn5TRAcMMhabZ3zdWME%2Fr%2BYHJgZxkUU5BTydVvLt4CXjqrVWMkkMwFEbQH%2Bx%2Fzpy6zPFDvHIcHg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db00d1d2c2a-FRA

GET
H/1.1

200
OK

72890betistcom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame DC9C
Redirect Chain

http://git.player25.xyz/kutular/72890betistcom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betistcom.html

261 B
1 KB

14ms
14ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betistcom.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200eb26540915e9089a970a62b387866ab63b142699d3abc7e5c465af60e3fb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:50 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1276
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYwUYZ59cZhvkzgXKr1g1Oz9Hn5cUG%2BNBK7yPJtPpSCIEAwoKJ4Xu823Cb7uebQatP93thJiT9erspn9oAI6EXXbekwiqsFhfj6JGAMEr%2Fno%2FfR28zMEkcsT8pyUg9PUR7r5fwyPD%2FNV0oM53vQvUimg5UO9ITryuelIMqo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db02e00d6b9-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betistcom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5k6WcEVMzvD9epGmuo79vTDLnB3dlcKeMX088van3oKZR0kcfa235XlcDgIpqLmUzZQtLjYQijFw%2Bs%2BmFGhzw2Hch9AlxjjF95fjBB4jGAUURGwmz%2FbxBGmnXoFDhHaLhZYlgsm%2FhBIT%2FjkOWc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db00fee6983-FRA

GET
H/1.1

200
OK

72890betpas.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame BE97
Redirect Chain

http://git.player25.xyz/kutular/72890betpas.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betpas.html

344 B
1 KB

21ms
21ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betpas.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b6f737a023a208605b46d4864058f6ab290ea10c5b37cc8d5ebb1786817af6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:51 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1272
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjWrkH9zywGhMIizVfZx2Yp%2BDvPFuylLb4awNtYoUWKcPPCH8RvZC8CgQnAfhPGww%2B3hycAybOPIvSrnZkGvMAGEdvMcbsWDLDu3ZLSjAUgtfL5qQIYxwZIqQ7uV9LtYd97sP6l3Ym9fzTSwkPnua9N4hXnRnZoOgCfR6OE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db02a62d6f1-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betpas.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1egYLAZ0uA4sun9VeeQeOXxuBjLb96Hvhf5vpFHE74OKSCIEJDkHykxc0FB4Eh34y2pIsyw6EbnQ1RS%2BdWT18tS4PAU4%2BjEkeqYSelANzou%2FCZESId93tdYBNAQOLpCdbZ5nx%2BjHsUeU%2F1FoqM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db00c0a5caa-FRA

GET
H/1.1

200
OK

120600bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame B1FB
Redirect Chain

http://git.player25.xyz/kutular/120600bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

354 B
1 KB

15ms
15ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d8a6a37b6d395ef7370ed88a55ddf9431098b66f0c4e084e44576f78467e26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1298
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4XFadJfnoGaILQe7Jc6Lh%2Bf4yS5uJfEHGhg4nKV3LdebyeUiOaUJc2QHuRFDBMqhKjz%2FyV2GrA%2BLbv9LXOWyBdaQQQ1tmTtPwYta20MEX2x08GkJfXxt14Wupwp7YUQQ%2FvQ0v%2BBnW4mWb1%2FkTL%2B36HnRqomucQCJJv38N0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db02ca56955-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgjB1%2BGTGiIT9h%2FuK9GWmrv9A1rhYe4afbCY%2FIb4xWxstrqdHyWwmfaeLpIkQdMj1Vgyt9g0Jlzs09AxT76Wpbdrp%2BB9ekB4uEYmWDDd%2FairqNFPThZ8EJJVi%2Fpr%2FutqVXWgqz62KC%2Bm%2FfDVTNk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db018532b71-FRA

GET
H/1.1

200
OK

120600bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 47A6
Redirect Chain

http://git.player25.xyz/kutular/120600bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

354 B
1 KB

14ms
14ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d8a6a37b6d395ef7370ed88a55ddf9431098b66f0c4e084e44576f78467e26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1298
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFVE71LL%2Br9y6vhc0%2BCF%2Bhi5mvfM%2BusgWazf7PDpMGxDDsg%2F37JZAq1Tf015l6GgrSo%2FzrRgDzgJqEk89ND887yhw5oyfvuA5DuKayU9H4c1438LxW9W507Im%2BKbxOi9k8ajLcYApcSHZakVdJFKQRj%2B5PzTcP0U4cvRjz8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db02ecfc286-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BpewJ3O6wRu6LbsGOCqpRpxFuY5fuz34QS1Zl3MGX%2B1FNgadWLzYI3dupQ1T1R72LnC5n69MFm3c1%2FArQ%2B04QlkKg3Ow4UtToEray0xXQW0Bd%2Bxi9otxXgcrbn%2B2DwHIFpuBOOSRyjly9gSy%2Fs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db018c36931-FRA

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 300ms
39ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:20:35 GMT
x-content-type-options: nosniff
age: 196940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 04:20:35 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 337ms
76ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:35:21 GMT
x-content-type-options: nosniff
age: 480454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 21:35:21 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 372ms
111ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:17:53 GMT
x-content-type-options: nosniff
age: 319502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 18:17:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
5 KB 372ms
120ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

c1304cbfa7bedd386c7e80c75708876a46d6cf870828cecc9d02ed631f303ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 17:23:20 GMT
x-content-type-options: nosniff
age: 409175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5488
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 17:23:20 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
5 KB 335ms
87ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

c5014bc291cc9b56d9f11547d9814ab1acc30793e09c0974ca0779badded5562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:11:34 GMT
x-content-type-options: nosniff
age: 373881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5396
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 03:11:34 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
5 KB 351ms
105ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.clomid24.com/
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:19:00 GMT
x-content-type-options: nosniff
age: 164635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5504
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:19:00 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 28ms
16ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://www.clomid24.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3572608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjMxKTjzA%2FESuX6xNlAP8ZHT1MaBUracdzxtIhSYgTfqSlTV6yGGaGuBnk3aEkYRUjZv3l1Za5NNhvVR8qssAuRHLQzC4nJbSHHOmbxYEeSvhyqy%2BrSo1X%2BaSHRHqSjD1pWuzvlh5bpyPOvH5%2FaCu8Uj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b196db07dca2c52-FRA
expires: Fri, 11 Nov 2022 11:02:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 428ms
39ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 108
date: Sun, 21 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Nov 2021 13:01:07 GMT

GET
H2 200 728doksan.gif
1.bp.blogspot.com/-lmnSQYlAMbg/YTx0SFAJahI/AAAAAAAAL6g/YE2yjyge_V4IhvKBvyzoyX-ytdtw4D8YgCLcBGAsYHQ/s0/ Frame 0F8C 2 MB
2 MB 377ms
213ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lmnSQYlAMbg/YTx0SFAJahI/AAAAAAAAL6g/YE2yjyge_V4IhvKBvyzoyX-ytdtw4D8YgCLcBGAsYHQ/s0/728doksan.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890onwin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

b5ecd10f91a13900069a0c606287bb3d92a69f953d622093acd09954eae80de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:37:43 GMT
x-content-type-options: nosniff
age: 8711
content-disposition: inline;filename="728doksan.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1681140
x-xss-protection: 0
server: fife
etag: "v2fab"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 20:01:00 GMT

GET
H2 200 yedidoksan.gif
1.bp.blogspot.com/-SgVt46jfREI/YMSS8HbrntI/AAAAAAAAAng/Sh351QTg2G4cyd3jtYx9gfmacI2gqi5wQCLcBGAsYHQ/s0/ Frame 1E9E 837 KB
837 KB 339ms
176ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SgVt46jfREI/YMSS8HbrntI/AAAAAAAAAng/Sh351QTg2G4cyd3jtYx9gfmacI2gqi5wQCLcBGAsYHQ/s0/yedidoksan.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrasportboss.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

32f52e9a2e9d531909edbf07d33bf175a6ec34cdce894e665c06b276536d352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 07:16:42 GMT
x-content-type-options: nosniff
age: 13572
content-disposition: inline;filename="yedidoksan.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 856865
x-xss-protection: 0
server: fife
etag: "v27a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:34:21 GMT

GET
H/1.1 200
OK yedi28doksan.gif
inanamiyorumhalaburdasin.cloud/futbolcafe/ Frame DC9C 1 MB
1 MB 17ms
17ms Image
image/gif 2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/yedi28doksan.gif
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betistcom.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c0c0229f08c6fdcc592b577ef9db475873eac81cf44c57290c4e4dfb413f7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betistcom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1297
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 1145649
last-modified: Sun, 21 Nov 2021 00:09:47 GMT
Server: cloudflare
etag: "61998e4b-117b31"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DR8OWq4PfhtVd69317Tu8d9m2We5Q3cXf8eHwHofWXxzaHTIje0PVsRJFC67FRv3C69vQtOpPnkaIJuyJ8ID9YMpLDMrlaOpo%2FijNZJQbG1nqQ64a7LYk%2Fkfhfwe9VtPJEQeO4eVJA2J1Yz46P3ImhfEmRSweFT%2BzkudzQo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6b196db09af8d6f1-FRA

GET
H2 200 bahiscom160-min.gif
1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/ Frame B1FB 1 MB
1 MB 408ms
247ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/bahiscom160-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

48daed2d590f7df15cf306fcdb22d7ad42198248d8e655a5797dc96676cd95c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 09:44:19 GMT
x-content-type-options: nosniff
age: 4716
content-disposition: inline;filename="bahiscom160-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137518
x-xss-protection: 0
server: fife
etag: "v2f94"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 12:45:43 GMT

GET
H2 200 bahiscom160-min.gif
1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/ Frame 47A6 1 MB
1 MB 266ms
105ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/bahiscom160-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

48daed2d590f7df15cf306fcdb22d7ad42198248d8e655a5797dc96676cd95c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 09:44:19 GMT
x-content-type-options: nosniff
age: 4715
content-disposition: inline;filename="bahiscom160-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137518
x-xss-protection: 0
server: fife
etag: "v2f94"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 12:45:43 GMT

GET
H2 200 altikirk.gif
1.bp.blogspot.com/-rjCdSWy9SSo/YPbZWgrZkcI/AAAAAAAAHzc/79TIVAe-aVkmFttAjZBS7xFLA2_gzX_ygCLcBGAsYHQ/s0/ Frame BE97 1 MB
1 MB 349ms
188ms Image
image/gif 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rjCdSWy9SSo/YPbZWgrZkcI/AAAAAAAAHzc/79TIVAe-aVkmFttAjZBS7xFLA2_gzX_ygCLcBGAsYHQ/s0/altikirk.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890betpas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

fb066b15d91be6433f0a20c93466e6cee2a389a7e8b6b54d0cc05772ad3d592a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:16:05 GMT
x-content-type-options: nosniff
age: 10009
content-disposition: inline;filename="altikirk.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124851
x-xss-protection: 0
server: fife
etag: "v1f38"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 19 Nov 2021 20:09:05 GMT

GET
H/1.1 200
OK pop-tipobet.js Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/ Frame CB3A 1 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-tipobet.js
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fa298f1f5091e4f045c1ea60d1a15e73c2746409dd275c1e38bf4bca38b00b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1284
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 21 Nov 2021 00:09:44 GMT
Server: cloudflare
etag: W/"61998e48-5e9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FxRHx4DklLln%2F2a3G0ZMjycD5RahZ1ZCD6mspkWZmkqEj4AxS%2BRXhphERC89deGPyI2rU0bem1urqewLHiw3hFY1rT3Du%2BD6e9F%2BmPThMDzDvuDXcuUmkEKcjxhrW%2BeSz%2Bs5dWmUK9B%2FjoYlTt%2F8w71U%2F%2FwSIXuR0%2FSm1E%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 6b196db0af79c286-FRA

GET
H3 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame CB3A 513 KB
139 KB 76ms
63ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8090
x-jsd-version: 0.3.13
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19154-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b196db0bb6c6907-FRA

GET
H2 200 katil%2B%25281%2529.png
1.bp.blogspot.com/--tZ4xQROe8c/X8IpMA2I64I/AAAAAAAAAw4/HSy-HEmx_gkjx-PfBuAdWai_OLDtL2FdgCLcBGAsYHQ/s0/ Frame CB3A 4 KB
4 KB 918ms
617ms Image
image/png 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--tZ4xQROe8c/X8IpMA2I64I/AAAAAAAAAw4/HSy-HEmx_gkjx-PfBuAdWai_OLDtL2FdgCLcBGAsYHQ/s0/katil%2B%25281%2529.png

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

832f92edfa65c94575b1ee0f4228acc37dbbd2b0979afb6f1501f25729f1ce94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:32:18 GMT
x-content-type-options: nosniff
age: 9037
content-disposition: inline;filename="katil (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4289
x-xss-protection: 0
server: fife
etag: "v30f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 11:18:10 GMT

GET
H/1.1 200
OK sayac.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/ Frame 828F 759 B
1 KB 17ms
16ms Document
text/html 2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c649e281c6fac1b22f773bbbaaec51fae3f89c4f0654fc4545c4ed5d362f896

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html

Response headers

Date: Sun, 21 Nov 2021 11:02:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:45 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1298
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPi%2BbNP7c3XjWo6LdapuVSh7sVsmzHPOVdfcMJJlsmuLa0pcKE%2BCQvaY64JdoTXONEojZHW8JvtgKLe%2B7oy%2FGUQtmJ94jDNvFlDGpK0pan3PqEYSTid3Al9MjMgAzK7k03RBxkWd%2F1Y7mHacoWl47faWbYh%2FY7Up%2FD7tWdo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b196db21cacd6f1-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 4A7B 1 KB
751 B 354ms
152ms Document
text/html 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D00163749257405D93015EAE83D73DB
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.clomid24.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0df5d431e0a8e15f68096e362082942e15fa01ed2b50c56c9fd9d0f11851af34

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 21 Nov 2021 11:02:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Sun, 21 Nov 2021 11:02:54 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 48ms
8ms Script
text/javascript 13.225.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.clomid24.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-44.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 24611
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 21 Nov 2021 04:12:45 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: B4vRjpt_bmML94iZ5-o_ozettJ2LEiNee5psiRh8dJmov_Jw33zlDA==

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 382ms
157ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=clomid24.com&_ss=6tx8a6b8eu&_pv=1&_ls=0&_u1=1&_u3=1&_cc=a1&_pl=d&_cbid=24mi&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.clomid24.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9a32c2f720fd5233650b70772604f01da8888611bab9722812734ab85094fba4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:55 GMT
X-T: 0.197
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 21 Nov 2021 11:02:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 828F 90 KB
36 KB 692ms
197ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-74068698-18

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

948ef903552aea980035593f523f5aba1e841fd291d28a40a5f8cc0c3930ea98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36138
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Nov 2021 11:02:55 GMT

GET
H2 200 classic.js Show response
widgets.amung.us/ Frame 828F 12 KB
7 KB 74ms
29ms Script
application/x-javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 May 2021 17:48:39 GMT
server: cloudflare
age: 1381
etag: W/"60903777-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6b196db2baf65b26-FRA
expires: Mon, 22 Nov 2021 10:39:54 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
970 B 35ms
9ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 16:04:56 GMT
via: 1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront), 1.1 0c39e892d8c809025c8f47425847f681.cloudfront.net (CloudFront)
age: 68279
x-amzn-requestid: 54473a16-7b00-4b1c-8cc8-f5156b7e4ecf
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3, FRA56-P5
x-amz-apigw-id: JHFqZFulCYcFYUg=
content-length: 555
x-amz-cf-id: XcbUi-coz5D1wexkLScjnyaSbtAtxEa5BCAksSYc-z8lBdj95j2p_A==

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 30 B
214 B 317ms
154ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=ligtvmax1&t=Taraftarium24%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%20-%20Taraftarium%20izle%20-%20Sportboss&c=d&x=http%3A%2F%2Fwww.clomid24.com%2F&y=&a=0&v=27&r=4964
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.86 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: c2e0db81885e10612f9ffdf3c30876386955138cb699fe4e18c151677ff84f14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-560073d44f3102aa/ 2 KB
886 B 107ms
106ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-560073d44f3102aa/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8e36922eb0ab057a9211ed44d69abcd3b1d745cd3779433285e417a84960bc03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: gzip
etag: 101149016--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=26, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 712

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 391ms
383ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=619a275e00340458&bkl=0&bl=1&pdt=831&sid=619a275e00340458&pub=ra-560073d44f3102aa&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.clomid24.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=taraftarium24%2Ctaraftarium%2024%20izle%2Ctaraftarium24%20HD%20izle%2Ctaraftarium%2024%2Ctaraftarium%2Ccanl%C4%B1%20ma%C3%A7%20izle%2Clig%20tv%20izle&colc=1637492575205&jsl=1&uvs=619a275ee317c684000&skipb=1&callback=addthis.cbs.jsonp__152696286586141650
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ccff41bf2f8c3bf9c495b6de588657d4c95535dc0806fe2fdc5f81ce1e86d80d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:55 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 8D81 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 8BDE 71 KB
26 KB 23ms
22ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 21 Nov 2021 11:02:55 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ Frame 828F 8 KB
8 KB 437ms
150ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: de0ba202196c72ef8182613804b8096c495d2bab49f97db70501cabb3bd68512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:55 GMT
X-T: 0.566
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sun, 21 Nov 2021 11:02:54 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ Frame 828F 29 B
213 B 846ms
672ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=ligtvmax&t=&c=c&x=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&y=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html&a=0&d=0.064&v=27&r=8028
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Server: 67.202.94.86 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: a42a5933c315db01553e0883d923bd719060874a9d8b299ce2acbbb9ab313ba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 399ms
98ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1041833109&t=pageview&_s=1&dl=http%3A%2F%2Fwww.clomid24.com%2F&ul=en-us&de=UTF-8&dt=Taraftarium24%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%20-%20Taraftarium%20izle%20-%20Sportboss&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1756369665&gjid=843980489&cid=642720189.1637492575&tid=UA-74068698-11&_gid=1384460789.1637492575&_r=1&_slc=1&z=858050676

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.clomid24.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.clomid24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 68ms
67ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 21 Nov 2021 11:02:55 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
829 B 136ms
65ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 12:27:01 GMT
content-encoding: gzip
server: restify
age: 81354
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: http://www.clomid24.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ASoH2psMHTJ7l8m4IE7Tu1EUbNKpcT4y4dt1edF7QUYoRZNsFDMivw==
via: 1.1 0c39e892d8c809025c8f47425847f681.cloudfront.net (CloudFront)

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 41 KB
13 KB 343ms
60ms Script
text/javascript 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.clomid24.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f5ef4bce0b6ede888121257c121d7fa0c4ad318d41a42cf5363aaf38887b4cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Nov 2021 04:36:15 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 14:47:15 GMT
server: AmazonS3
age: 23201
etag: W/"4af0bf22ab119df74dc485a800a7d249"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tsB0JN78_987jv7rOdiRCRJmsHdzwEvx441l_GT3V622Ee_80k9j2A==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 673ms
125ms Script
application/javascript 159.203.161.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D00163749257405D93015EAE83D73DB&nid=0&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Fwww.clomid24.com%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.clomid24.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: lb4.ny1.dtscdn.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 10:47:32 GMT
X-T: 0.87
x-server: web16.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sun, 21 Nov 2021 10:47:31 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
425 B 527ms
174ms Image
image/gif 104.79.88.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=6D00163749257405D93015EAE83D73DB&ret=html&phint=__bk_t%3DTaraftarium24%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%20-%20Taraftarium%20izle%20-%20Sportboss&phint=__bk_k%3Dtaraftarium24%2Ctaraftarium%2024%20izle%2C%20taraftarium24%20HD%20izle%2C%20taraftarium%2024%2C%20taraftarium%2C%20canl%C4%B1%20ma%C3%A7%20izle%2C%20lig%20tv%20izle&phint=__bk_l%3Dhttp%3A%2F%2Fwww.clomid24.com%2F&r=41174790
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.88.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:55 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 2a03
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D00163749257405D93015EAE83D73DB
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=76b0c695-53d5-4163-ac6a-54415278b8dc&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4384072b7164eb81eeac97f58378d126
https://spl.zeotap.com/?zdid=1332&zcluid=7eafd98e46a71272
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2eddbf219acf&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2eddbf219acf&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESENg0w-N5LrG3TzwX3LLrTaM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2ed...

95 B
164 B

40ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESENg0w-N5LrG3TzwX3LLrTaM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2eddbf219acf&zcluid=7eafd98e46a71272&zdid=1332
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: http://www.clomid24.com
access-control-allow-credentials: true
cf-ray: 6b196dbdb8214a74-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESENg0w-N5LrG3TzwX3LLrTaM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3e54c885-e49c-4d63-587f-3ce02c46e7cc&reqId=635ea9b1-4e06-4ef8-77b1-2eddbf219acf&zcluid=7eafd98e46a71272&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 301ms
51ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 207764
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b196db68e63c29f-FRA
expires: Wed, 24 Nov 2021 11:02:55 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
285 B 359ms
230ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.clomid24.com%2F&callback=_ate.cbs.rcb_81820

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

fb11ed485c474e45365712df9f182a3fc815c5878d4a7258a0bf42913fa4d94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.clomid24.com/
last-modified: Sun, 21 Nov 2021 11:02:55 GMT
server: nginx/1.15.8
date: Sun, 21 Nov 2021 11:02:55 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
256 B 179ms
50ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.clomid24.com%2F

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.clomid24.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.clomid24.com/
last-modified: Sun, 21 Nov 2021 10:00:00 GMT
server: nginx/1.15.8
date: Sun, 21 Nov 2021 11:02:55 GMT
content-type: application/json
access-control-allow-origin: http://www.clomid24.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
285 B 344ms
215ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.clomid24.com%2F&callback=_ate.cbs.rcb_5u690

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

358d89ee184f6b1b5ed528527dc4e522d4cbd159f04875fef94fa35480065571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.clomid24.com/
last-modified: Sun, 21 Nov 2021 11:02:55 GMT
server: nginx/1.15.8
date: Sun, 21 Nov 2021 11:02:55 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_iqe00
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_iqe00

71 B
299 B

176ms
17ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_iqe00

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8dfca2a6649ea9249bf32f97adec462f805d7b9aa646d31c1aa77660e42f9bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1472295889259789
expires: Sun, 21 Nov 2021 11:17:17 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_iqe00
Non-Authoritative-Reason: HSTS

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_aqk90
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_aqk90

72 B
142 B

176ms
18ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_aqk90

Requested by

Host: www.clomid24.com
URL: http://www.clomid24.com/

Protocol

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a2398aa6f622e4467f2ecc59f38f11eba41d7785506c2d6582056393c363445

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 2582682027338276
expires: Sun, 21 Nov 2021 11:17:17 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.clomid24.com%2F&callback=window._ate.cbs.rcb_aqk90
Non-Authoritative-Reason: HSTS

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 828F 41 KB
13 KB 114ms
65ms Script
text/javascript 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f5ef4bce0b6ede888121257c121d7fa0c4ad318d41a42cf5363aaf38887b4cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Nov 2021 04:36:15 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 14:47:15 GMT
server: AmazonS3
age: 23201
etag: W/"4af0bf22ab119df74dc485a800a7d249"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: MxadSSpiuodrc8n4SjlQv-V1KMqjumaNya4kyIw4nE4cmH6PWkOZkA==

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 828F
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D00163749257405D93015EAE83D73DB
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=76b0c695-53d5-4163-ac6a-54415278b8dc&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4384072b7164eb81eeac97f58378d126
https://spl.zeotap.com/?zdid=1332&zcluid=7eafd98e46a71272
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d36dad6790&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d36dad6790&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESENdlH5UjyXAvQNj9M-AjI_Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d...

95 B
153 B

46ms
37ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESENdlH5UjyXAvQNj9M-AjI_Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d36dad6790&zcluid=7eafd98e46a71272&zdid=1332
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: http://inanamiyorumhalaburdasin.cloud
access-control-allow-credentials: true
cf-ray: 6b196dbdb81c4a74-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESENdlH5UjyXAvQNj9M-AjI_Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4b2e44a-2a90-457e-519e-808316dec4ae&reqId=dc9eb6e1-e7e6-47ec-742d-16d36dad6790&zcluid=7eafd98e46a71272&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ Frame 828F 0
407 B 486ms
137ms Script
application/javascript 159.203.161.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D00163749257405D93015EAE83D73DB&nid=0&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&r=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: lb4.ny1.dtscdn.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 09:59:21 GMT
X-T: 1.48
x-server: web14.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sun, 21 Nov 2021 09:59:20 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 828F 30 KB
10 KB 62ms
62ms Script
text/javascript 13.225.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-44.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 24611
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 21 Nov 2021 04:12:45 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ju8ggEPVEbKuU_BqJwiTCapv7Jji6PbKxtscdxQJtDwpvftpNCrH9w==

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ Frame 828F 50 B
318 B 122ms
122ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=inanamiyorumhalaburdasin.cloud&_ss=6wix7x3kzo&_pv=1&_ls=0&_u1=1&_u3=1&_cc=a1&_pl=d&_cbid=5ofl&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fcloudbozguncu%2Fgod.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ed84218018b27d07eddddcd8ac0310ed325e84a7244bb1f01d81b5cb4952a501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:55 GMT
X-T: 0.224
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 21 Nov 2021 11:02:54 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ Frame 828F 62 B
425 B 312ms
194ms Image
image/gif 104.79.88.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=6D00163749257405D93015EAE83D73DB&ret=html&phint=__bk_l%3Dhttp%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&r=71207446
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.88.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:55 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 5608
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 828F 555 B
968 B 45ms
45ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 20:16:12 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront), 1.1 0c39e892d8c809025c8f47425847f681.cloudfront.net (CloudFront)
age: 53203
x-amzn-requestid: 2a8af8d5-969c-4673-ab6d-68e423f6c7a0
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1, FRA56-P5
x-amz-apigw-id: JHqd6HEYCYcFvBw=
content-length: 555
x-amz-cf-id: 0RKsjj7dSTgG3kBwxgQtccN5q2AN8lVnNJkc-eokm4ABKpavaQPa5g==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 437ms
157ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637492575836&dn=TC&iso=0&img=https%3A%2F%2F3.bp.blogspot.com%2F-L9hPWOoLIho%2FWJSeD7X5BdI%2FAAAAAAAAC0Y%2Fbh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB%2Fw1200-h630-p-k-no-nu%2FG%2525C3%2525B6nl%2525C3%2525BCn%2525C3%2525BCz%252BRahat%252BOlarak%252BMa%2525C3%2525A7%252BSeyredeceksiniz.jpg&t=Taraftarium24%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%20-%20Taraftarium%20izle%20-%20Sportboss&cu=http%3A%2F%2Fwww.clomid24.com%2F
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 828F 49 KB
20 KB 387ms
87ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74068698-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 109
date: Sun, 21 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Nov 2021 13:01:07 GMT

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ Frame 828F 1 KB
840 B 23ms
23ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 16:32:02 GMT
content-encoding: gzip
server: restify
age: 66654
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: http://inanamiyorumhalaburdasin.cloud
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: yzIOV4XbZAdp-wal-XB-vP_aPcn3w9AmGTf0nYCZG0gCRyzXiZn6Qg==
via: 1.1 0c39e892d8c809025c8f47425847f681.cloudfront.net (CloudFront)

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame 828F 17 KB
7 KB 66ms
65ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 207765
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b196db8b9c0c29f-FRA
expires: Wed, 24 Nov 2021 11:02:56 GMT

GET
DATA 200
OK truncated
/ Frame 828F 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 162ms
109ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:55 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 22 Nov 2021 11:02:56 GMT

GET
H2 204 p
ic.tynt.com/b/ Frame CB3A 0
227 B 104ms
104ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637492576216&dn=TC&iso=1&r=http%3A%2F%2Fwww.clomid24.com%2F&t=inanamiyorumhalaburdasin.cloud
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637492575836&dn=TC&iso=0&img=https%3A%2F%2F3.bp.blogspot.com%2F-L9hPWOoLIho%2FWJSeD7X5BdI%2FAAAAAAAAC0Y%2Fbh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB%2Fw1200-h630-p-k-no-nu%2FG%2525C3%2525B6nl%2525C3%2525BCn%2525C3%2525BCz%252BRahat%252BOlarak%252BMa%2525C3%2525A7%252BSeyredeceksiniz.jpg&t=Taraftarium24%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%20-%20Taraftarium%20izle%20-%20Sportboss&cu=http%3A%2F%2Fwww.clomid24.com%2F
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame CB3A 0
227 B 104ms
104ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637492576216&dn=TC&iso=1&r=http%3A%2F%2Fwww.clomid24.com%2F&t=inanamiyorumhalaburdasin.cloud
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
104ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637492575836&dn=TC&iso=0&img=https%3A%2F%2F3.bp.blogspot.com%2F-L9hPWOoLIho%2FWJSeD7X5BdI%2FAAAAAAAAC0Y%2Fbh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB%2Fw1200-h630-p-k-no-nu%2FG%2525C3%2525B6nl%2525C3%2525BCn%2525C3%2525BCz%252BRahat%252BOlarak%252BMa%2525C3%2525A7%252BSeyredeceksiniz.jpg&t=Taraftarium24%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%20-%20Taraftarium%20izle%20-%20Sportboss
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame CB3A 0
227 B 106ms
106ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637492576216&dn=TC&iso=1&r=http%3A%2F%2Fwww.clomid24.com%2F&t=inanamiyorumhalaburdasin.cloud
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 123ms
122ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637492575836&dn=TC&iso=0&img=https%3A%2F%2F3.bp.blogspot.com%2F-L9hPWOoLIho%2FWJSeD7X5BdI%2FAAAAAAAAC0Y%2Fbh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB%2Fw1200-h630-p-k-no-nu%2FG%2525C3%2525B6nl%2525C3%2525BCn%2525C3%2525BCz%252BRahat%252BOlarak%252BMa%2525C3%2525A7%252BSeyredeceksiniz.jpg
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame CB3A 4 B
202 B 125ms
125ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=http%3A%2F%2Fwww.clomid24.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 22 Nov 2021 11:02:56 GMT

GET
H2 204 p
ic.tynt.com/b/ Frame CB3A 0
227 B 127ms
126ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637492576216&dn=TC&iso=1&r=http%3A%2F%2Fwww.clomid24.com%2F
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 113ms
113ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637492575836&dn=TC&iso=0&img=https%3A%2F%2F3.bp.blogspot.com%2F-L9hPWOoLIho%2FWJSeD7X5BdI%2FAAAAAAAAC0Y%2Fbh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB%2Fw1200-h630-p-k-no-nu%2FG%2525C3%2525B6nl%2525C3%2525BCn%2525C3%2525BCz%252BRahat%252BOlarak%252BMa%2525C3%2525A7%252BSeyredeceksiniz.jpg
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame CB3A 0
227 B 118ms
118ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637492576216&dn=TC&iso=1
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 122ms
122ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637492575836&dn=TC&iso=0&img=https%3A%2F%2F3.bp.blogspot.com%2F-L9hPWOoLIho%2FWJSeD7X5BdI%2FAAAAAAAAC0Y%2Fbh9qXQsGysQJuO4PJ7yhEPO-ZnplM56XQCLcB%2Fw1200-h630-p-k-no-nu%2FG%2525C3%2525B6nl%2525C3%2525BCn%2525C3%2525BCz%252BRahat%252BOlarak%252BMa%2525C3%2525A7%252BSeyredeceksiniz.jpg
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame CB3A 0
227 B 104ms
104ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637492576216&dn=TC&iso=1
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 108ms
108ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637492575836&dn=TC&iso=0
Requested by: Host: www.clomid24.com
URL: http://www.clomid24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame CB3A 0
227 B 104ms
104ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637492576216&dn=TC&iso=1
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/cloudbozguncu/god.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 828F 4 KB
1 KB 25ms
7ms XHR
application/json 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: http://inanamiyorumhalaburdasin.cloud/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Nov 2021 00:59:47 GMT
content-encoding: gzip
age: 36190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 14:47:15 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 9JddY4ONrJKwXDsx9K506VmNKBFhbxGbdSA-OaDbomwTbpG9mZeyfg==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 828F 235 B
1019 B 85ms
78ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 910d708b5265c1d8380385809a85e3d8e8b7abcec01d31dd7c453bfd27717d38

Request headers

Referer: http://inanamiyorumhalaburdasin.cloud/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://inanamiyorumhalaburdasin.cloud
cache-control: no-cache
x-server: 10.45.17.200
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 235
expires: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 8ms
8ms XHR
application/json 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: http://www.clomid24.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Nov 2021 12:27:08 GMT
content-encoding: gzip
age: 81348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 14:47:15 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: f-uVyo3vCx-pPFzyCzNf993P46hIhqw8FfW7_higzxTFsWTjRE9t9g==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 240 B
1014 B 101ms
101ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a90eb2400f9fa41612be705afca5dd511a51c857af60e12cd812f7feda87e55a

Request headers

Referer: http://www.clomid24.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://www.clomid24.com
cache-control: no-cache
x-server: 10.45.13.185
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 240
expires: 0

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 4232 2 KB
1 KB 9ms
7ms Document
text/html 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 21 Nov 2021 06:05:16 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: iHDbqv2EtJe81NSa4JeYQez3j77HaWSAsMXy0kSeSgLY0HRFKOItYA==
age: 17862

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 5A54 3 KB
3 KB 30ms
30ms Document
text/html 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d2f90323db73fb87fc0f544db102927d26d107aca026a40b587996be3e1acfbf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Sun, 21 Nov 2021 11:02:57 GMT
content-type: text/html
content-length: 3116
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.213
server: Jetty(9.4.38.v20210224)

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 30C6 2 KB
1 KB 10ms
10ms Document
text/html 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.clomid24.com/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 21 Nov 2021 06:05:16 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: lho_qTJNLdoDKtRdyGs1O7Ism5awC9wDBkmSjxAHBRSGMMTLkVQsjA==
age: 17862

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5A54 70 B
264 B 31ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame 5A54 43 B
433 B 69ms
11ms Image
image/gif 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=4384072b7164eb81eeac97f58378d126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: 0fKW0UPG_alEXaj5pfQUGwY4JZRSmkf8UtxUE-c_k2_J8ZIOwVln1g==

GET
H2

200

tpid=42e4ce01-ffcd-4e18-86ee-a3f38cab84c7
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 5A54
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=4384072b7164eb81eeac97f58378d126&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=4384072b7164eb81eeac97f58378d126&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=42e4ce01-ffcd-4e18-86ee-a3f38cab84c7

49 B
264 B

36ms
36ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=42e4ce01-ffcd-4e18-86ee-a3f38cab84c7
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.43
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=42e4ce01-ffcd-4e18-86ee-a3f38cab84c7
date: Sun, 21 Nov 2021 11:02:57 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

/
loadm.exelator.com/load/ Frame 5A54
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=4384072b7164eb81eeac97f58378d126&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=4384072b7164eb81eeac97f58378d126&j=0&xl8blockcheck=1

0
751 B

38ms
30ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=4384072b7164eb81eeac97f58378d126&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 21 Nov 2021 11:02:57 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=4384072b7164eb81eeac97f58378d126&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

403

tpid=051ad981-f557-49e3-a946-8766c647b9a6
sync.crwdcntrl.net/map/c=10492/tp=AVCT/ Frame 5A54
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=051ad981-f557-49e3-a946-8766c647b9a6

49 B
269 B

34ms
34ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=051ad981-f557-49e3-a946-8766c647b9a6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.102
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=051ad981-f557-49e3-a946-8766c647b9a6
date: Sun, 21 Nov 2021 11:02:57 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 111
content-type: text/html; charset=utf-8

GET t
px.surveywall-api.survata.com/ Frame 5A54 0
0

GET
H2

200

tpid=57394720596031767801401165459515940626
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 5A54
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4384072b7164eb81eeac97f58378d126&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=4384072b7164eb81eeac97f58378d126&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=57394720596031767801401165459515940626

49 B
265 B

31ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=57394720596031767801401165459515940626
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.145
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v019-0f2e8014a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7gAhCjUoSbM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=57394720596031767801401165459515940626
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET sync
sync.tag.clrstm.com/lotame/ Frame 5A54 0
0

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 5A54 42 B
232 B 56ms
9ms Image
image/gif 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=4384072b7164eb81eeac97f58378d126&gdpr=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Connection: keep-alive
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5A54 0
338 B 152ms
28ms Image
text/plain 52.19.142.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=4384072b7164eb81eeac97f58378d126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.142.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=100 t=1637492577
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET image.sbxx
global.ib-ibi.com/ Frame 5A54 0
0

GET
H2

200

tpid=164850503977000161716
bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame 5A54
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9202276048
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164850503977000161716

49 B
510 B

48ms
42ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164850503977000161716
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.190
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164850503977000161716
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 5A54 43 B
422 B 147ms
31ms Image
image/gif 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=4384072b7164eb81eeac97f58378d126&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:56 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Mon, 22 Nov 2021 06:02:57 GMT

GET
H2

200

tpid=0-2f06219f-9fc1-424e-54ca-b05d74cfe14f$ip$185.213.155.169
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 5A54
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-2f06219f-9fc1-424e-54ca-b05d74cfe14f$ip$185.213.155.169

49 B
264 B

34ms
34ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-2f06219f-9fc1-424e-54ca-b05d74cfe14f$ip$185.213.155.169
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.14
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-2f06219f-9fc1-424e-54ca-b05d74cfe14f$ip$185.213.155.169
Date: Sun, 21 Nov 2021 11:02:57 GMT
Connection: keep-alive
Content-Length: 130
Content-Type: text/html; charset=utf-8

GET
H2

200

tpid=29aa890d-3291-41a6-a958-0f10ca2a18a3
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 5A54
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=29aa890d-3291-41a6-a958-0f10ca2a18a3?gdpr=1&gdpr_consent=

49 B
265 B

33ms
33ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=29aa890d-3291-41a6-a958-0f10ca2a18a3?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.190
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=29aa890d-3291-41a6-a958-0f10ca2a18a3?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

tpid=CI-9482fc1df455cf43e0f5d6f3ac18e9d8
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 5A54
Redirect Chain

https://dt-secure.videohub.tv/v1/usync/lo
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-9482fc1df455cf43e0f5d6f3ac18e9d8

49 B
265 B

34ms
34ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-9482fc1df455cf43e0f5d6f3ac18e9d8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.234
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-9482fc1df455cf43e0f5d6f3ac18e9d8
Date: Sun, 21 Nov 2021 11:02:57 GMT
useSecure: true
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 5A54
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3c33619a-2761-4000-9152-47bb5503adb6

49 B
265 B

35ms
34ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3c33619a-2761-4000-9152-47bb5503adb6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.192
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3c33619a-2761-4000-9152-47bb5503adb6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 21 Nov 2021 11:02:56 GMT

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 5A54 0
191 B 108ms
22ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=YZonYQAGL7mfzwBR&_test=YZonYQAGL7mfzwBR
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 5A54
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YZonYQAGL7mfzwBR
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YZonYQAGL7mfzwBR&_test=YZonYQAGL7mfzwBR

49 B
265 B

32ms
32ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YZonYQAGL7mfzwBR&_test=YZonYQAGL7mfzwBR
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.185
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637492578.537162,VS0,VE0
x-served-by: cache-hhn4036-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YZonYQAGL7mfzwBR&_test=YZonYQAGL7mfzwBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 5A54 170 B
188 B 57ms
51ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 5A54 62 B
304 B 174ms
172ms Image
image/gif 104.79.88.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=3f09bfce3bb87c171afc4009294f38a5
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.88.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=8564095190868966493
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 5A54
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/4384072b7164eb81eeac97f58378d126/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8564095190868966493

49 B
264 B

37ms
37ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8564095190868966493
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.5.156
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8564095190868966493
pragma: no-cache
date: Sun, 21 Nov 2021 11:02:56 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=447300670/tpid=5907677987901563007/ Frame 5A54
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=447300670%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D447300670%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=447300670/tpid=5907677987901563007/tp=ANXS

49 B
264 B

31ms
31ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=447300670/tpid=5907677987901563007/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C100%2C97%2C95%2C94%2C90%2C81%2C80%2C78%2C65%2C61%2C54%2C50%2C45%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.5.102
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:57 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 78217d6c-cc78-4cde-a9aa-60e7aaf15b37
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=447300670/tpid=5907677987901563007/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 11B7 4 KB
4 KB 29ms
29ms Document
text/html 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 988d7d371564a135ff94043c461b0e5454d67f6411af56a906019b726d3ea47f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Sun, 21 Nov 2021 11:02:57 GMT
content-type: text/html
content-length: 3604
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.10.135
server: Jetty(9.4.38.v20210224)

GET
H/1.1 200
OK /
wt.rqtrk.eu/ Frame 11B7 43 B
356 B 108ms
29ms Image
image/gif 54.36.172.109
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=555788461&gdpr=1&gdpr_consent=&gdpr_pd=0&uid=4384072b7164eb81eeac97f58378d126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.172.109 , France, ASN16276 (OVH, FR),
Reverse DNS: pl01.roqad.pl
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:57 GMT
Server: openresty
P3P: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Nov 2021 11:02:56 GMT

GET
H2

200

tpid=7271959224854895763
sync.crwdcntrl.net/map/c=6466/tp=ADFM/ Frame 11B7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1040
https://c1.adform.net/serving/cookie/match?CC=1&party=1040
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7271959224854895763

49 B
265 B

36ms
36ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7271959224854895763
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.218
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: nginx
location: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7271959224854895763
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 11B7 0
166 B 81ms
17ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

5907
tags.bluekai.com/site/ Frame 11B7
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=4384072b7164eb81eeac97f58378d126&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=4384072b7164eb81eeac97f58378d126&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=3f09bfce3bb87c171afc4009294f38a5&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=

62 B
304 B

184ms
184ms

Image
image/gif

104.79.88.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=3f09bfce3bb87c171afc4009294f38a5&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Server: 104.79.88.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://tags.bluekai.com/site/5907?limit=0&id=3f09bfce3bb87c171afc4009294f38a5&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.15.208
content-length: 0
expires: 0

GET
H2 404 insync
thrtle.com/ Frame 11B7 0
0 308ms
99ms Image
text/html 3.215.242.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=4384072b7164eb81eeac97f58378d126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.242.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-242-19.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 11B7 43 B
229 B 61ms
26ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
via: 1.1 varnish
server: nginx
x-timer: S1637492577.254542,VS0,VE9
x-served-by: cache-hhn4046-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

tpid=000000000000000000000000000000000000
sync.crwdcntrl.net/map/c=9193/tp=SHLC/ Frame 11B7
Redirect Chain

https://pixel.shareaholic.com/sync?r=https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=$u_id
https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=000000000000000000000000000000000000

49 B
265 B

39ms
38ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=000000000000000000000000000000000000
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.19.203
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=000000000000000000000000000000000000
pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'

GET
H2 403 sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 11B7 0
0 53ms
22ms Image
text/html 104.16.112.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.112.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

tpid=956c9c5e-4aba-11ec-bdda-10ffbde80506
sync.crwdcntrl.net/map/c=16299/tp=SPXC/ Frame 11B7
Redirect Chain

https://sync.search.spotxchange.com/audience_sync/7?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D16299%2Ftp%3DSPXC%2Ftpid%3D%24SPOTX_AUDIENCE_ID
https://sync.crwdcntrl.net/map/c=16299/tp=SPXC/tpid=956c9c5e-4aba-11ec-bdda-10ffbde80506

49 B
265 B

33ms
32ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=16299/tp=SPXC/tpid=956c9c5e-4aba-11ec-bdda-10ffbde80506
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.200
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Server: nginx
Location: https://sync.crwdcntrl.net/map/c=16299/tp=SPXC/tpid=956c9c5e-4aba-11ec-bdda-10ffbde80506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 12
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 11B7 0
328 B 433ms
25ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&id=Lotame:4384072b7164eb81eeac97f58378d126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity: true
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 11B7 35 B
248 B 97ms
95ms Image
image/gif 51.79.83.225
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=4384072b7164eb81eeac97f58378d126&partner=104
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: pikafka-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 11B7
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=6635176&c3=2&cs_xi=4384072b7164eb81eeac97f58378d126&rn=[TIMESTAMP]
https://sb.scorecardresearch.com/p2?c1=9&c2=6635176&c3=2&cs_xi=4384072b7164eb81eeac97f58378d126&rn=%5BTIMESTAMP%5D

64 B
330 B

10ms
10ms

Image
image/gif

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=9&c2=6635176&c3=2&cs_xi=4384072b7164eb81eeac97f58378d126&rn=%5BTIMESTAMP%5D
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:57 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 9pUpeJOd8vsl0s7W-zaFDq63ldd8L5YCk2AkcSpV7xHCVqDgrqvbYQ==

Redirect headers

date: Sun, 21 Nov 2021 11:02:57 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=9&c2=6635176&c3=2&cs_xi=4384072b7164eb81eeac97f58378d126&rn=%5BTIMESTAMP%5D
content-length: 136
x-amz-cf-id: wuO96SEONKdT3bnyhSJniGA30vjuJ-J_D19KAqJQgYE3RyL1yGp1iw==

GET
H2

451

420246.gif
idsync.rlcdn.com/ Frame 11B7
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=4384072b7164eb81eeac97f58378d126
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=57394720596031767801401165459515940626
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:8291b7795f5a6a3abf10608dceb26d27/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=4384072b7164eb81eeac97f58378d126
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:8291b7795f5a6a3abf10608dceb26d27&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
https://d.agkn.com/pixel/10751/?che=1637492544&ip=185.213.155.169&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D164850503977000161716
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=164850503977000161716
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=57394720596031767801401165459515940626
https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27

0
66 B

84ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:58 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 21 Nov 2021 11:02:58 GMT
server: Aorta/20211029.2f91d75
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
Content-Type: application/json
Location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-22-145.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H2

204

0.gif
x01.aidata.io/ Frame 11B7
Redirect Chain

https://x01.aidata.io/0.gif?pid=LOTAME&id=4384072b7164eb81eeac97f58378d126
https://x01.aidata.io/0.gif?pid=LOTAME&id=4384072b7164eb81eeac97f58378d126&bounce=1

0
433 B

46ms
46ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LOTAME&id=4384072b7164eb81eeac97f58378d126&bounce=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
last-modified: Sun, 21 Nov 2021 11:02:56 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Sun, 21 Nov 2021 11:02:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
last-modified: Sun, 21 Nov 2021 11:02:56 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=LOTAME&id=4384072b7164eb81eeac97f58378d126&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sun, 21 Nov 2021 11:02:56 GMT

GET
H2

200

lotame
px.adhigh.net/p/cm/ Frame 11B7
Redirect Chain

https://px.adhigh.net/p/cm/lotame
https://px.adhigh.net/p/cm/lotame?bounced=1

49 B
325 B

45ms
45ms

Image
image/gif

193.232.148.140
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/lotame?bounced=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 193.232.148.140 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp1.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: nginx
x-backend-id: f1-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f1-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/p/cm/lotame?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 sync
pippio.com/api/ Frame 11B7 0
66 B 185ms
119ms Image
text/plain 107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=1311&it=1&iv=4384072b7164eb81eeac97f58378d126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:02:57 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 11B7 0
344 B 65ms
11ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=51mdg9u&uid=4384072b7164eb81eeac97f58378d126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 11:02:57 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame 11B7 0
348 B 450ms
141ms Image
text/plain 63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=4384072b7164eb81eeac97f58378d126&gdpr=1&location=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D5436%2Ftp%3DSVRN%2Ftpid%3D%5BSOVRNID%5D
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:57 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1sea1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 11B7 43 B
408 B 177ms
37ms Image
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:57 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-3
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 11B7 0
214 B 41ms
9ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=4384072b7164eb81eeac97f58378d126&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tpid=C5tRTsNA1MOKCB5
sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame 11B7
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=C5tRTsNA1MOKCB5

49 B
264 B

50ms
50ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=C5tRTsNA1MOKCB5
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.208
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:57 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=C5tRTsNA1MOKCB5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 11B7 103 B
416 B 46ms
19ms Script
application/json 18.169.90.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.90.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-90-17.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 103
expires: 0

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=822452051/tpid=5907677987901563007/ Frame 11B7
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=822452051%2Ftpid%3D%24UID%2Ftp%3DANXS
https://sync.crwdcntrl.net/map/c=281/rand=822452051/tpid=5907677987901563007/tp=ANXS

49 B
265 B

44ms
44ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=822452051/tpid=5907677987901563007/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C145%2C136%2C135%2C125%2C108%2C105%2C104%2C103%2C92%2C89%2C87%2C79%2C76%2C71%2C70%2C49%2C43%2C42%2C31%2C30%2C8%2C2&c=3825
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:02:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.202
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 21 Nov 2021 11:02:57 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 47c65584-8cb9-42b6-bcb7-213f0e96d6cb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=822452051/tpid=5907677987901563007/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/t

Domain: sync.tag.clrstm.com
URL: https://sync.tag.clrstm.com/lotame/sync?uid=4384072b7164eb81eeac97f58378d126

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=4384072b7164eb81eeac97f58378d126

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-20 01:15:32	Name: df Value: 1637492574
.dtscout.com/	1970-01-20 00:58:15	Name: l Value: 6D00163749257405D93015EAE83D73DB
www.clomid24.com/	1970-01-20 08:20:20	Name: __atuvc Value: 1%7C47
www.clomid24.com/	1970-01-19 22:51:34	Name: __atuvs Value: 619a275ee317c684000
.addthis.com/	1970-01-20 08:20:20	Name: uvc Value: 1%7C47
.clomid24.com/	1970-01-20 16:22:44	Name: _ga Value: GA1.2.642720189.1637492575
.clomid24.com/	1970-01-19 22:52:58	Name: _gid Value: GA1.2.1384460789.1637492575
.clomid24.com/	1970-01-19 22:51:32	Name: _gat_blogger Value: 1
.clomid24.com/	1970-01-20 00:56:49	Name: __dtsu Value: 6D00163749257405D93015EAE83D73DB
.addthis.com/	1970-01-20 08:20:20	Name: loc Value: MDAwMDBFVURFTlcyMzIyMTg4ODAwMjAwMDBDSA==
.dtscout.com/	1970-01-19 22:51:37	Name: m Value: 2
.dtscout.com/	1970-01-19 22:51:50	Name: b Value: 2
.dtscout.com/	1970-01-19 22:51:46	Name: oa Value: 2
.clomid24.com/	1970-01-19 22:51:32	Name: lotame_domain_check Value: clomid24.com
.onaudience.com/	1970-01-19 22:52:58	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-20 07:37:08	Name: cookie Value: 7eafd98e46a71272
.adsrvr.org/	1970-01-20 07:37:08	Name: TDID Value: 76b0c695-53d5-4163-ac6a-54415278b8dc
.dtscdn.com/	1970-01-20 03:09:18	Name: uid Value: 6D00163749257405D93015EAE83D73DB
.adsrvr.org/	1970-01-20 07:37:08	Name: TDCPM Value: CAEYBSABKAIyCwj08-K_prqWOhAFOAE.
.onaudience.com/	1970-01-19 22:52:58	Name: done_redirects104 Value: 1
.crwdcntrl.net/	1970-01-20 05:20:20	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:20:20	Name: _cc_id Value: 4384072b7164eb81eeac97f58378d126
.onaudience.com/	1970-01-19 22:52:58	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 07:37:08	Name: zc Value: 3e54c885-e49c-4d63-587f-3ce02c46e7cc
.zeotap.com/	1970-01-19 22:52:58	Name: zsc Value: %11T%EA%87%40%F3%E4g%3C%F1w%CD%A6%19%81%06%0D%2A%EC%015%F6%B4%BB%B5L%28cMl%9DI%9D%86t%5D%1B3%85%AF%D4%98Ut%C8X%26%D7%AE%24%06%D15y%A1rAJJU%DB%B2h%BE%98%8CuV%A5p2%FD%0B%14%11%A8%80b1%08tW%CA
.doubleclick.net/	1970-01-20 08:13:08	Name: IDE Value: AHWqTUkYUpQf3QrZaowL0w2Ek_61-HktxUHVewhlGlcQXoaUREQOg0Z1577S3xip2aE
.crwdcntrl.net/	1970-01-20 05:20:20	Name: _cc_cc Value: "ACZ4XmNQMDG2MDEwN0oyNzQzSU2yMExNTUy2NE8ztTA2t0gxNDJjAILEWeqJ%2F4GAH8QBA57%2Bz191GD%2FKMvxnZGQ4vmkKC4z98bMlXPjoIWYY%2B9KpR2ww9u59lwVg7A8N9%2BHsw4vnwI2ZfkIdpuTdEoTw1R9r4bau2fCUG6YGAFBEQcw%3D"
.clomid24.com/	1970-01-20 05:20:20	Name: _cc_id Value: 4384072b7164eb81eeac97f58378d126
.clomid24.com/	1970-01-19 22:52:58	Name: panoramaId_expiry Value: 1637578977023
.tapad.com/	1970-01-20 00:17:56	Name: TapAd_TS Value: 1637492577197
.tapad.com/	1970-01-20 00:17:56	Name: TapAd_DID Value: 42e4ce01-ffcd-4e18-86ee-a3f38cab84c7
.tapad.com/	1970-01-20 00:17:56	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 01:44:20	Name: EE Value: "93db63e02e94d6fe908b6a56abbc99a3"
.demdex.net/	1970-01-20 03:10:44	Name: demdex Value: 57394720596031767801401165459515940626
.id5-sync.com/	1970-01-19 22:51:32	Name: cf Value:
.id5-sync.com/	1970-01-19 22:51:32	Name: cip Value:
.id5-sync.com/	1970-01-19 22:51:32	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:51:32	Name: car Value:
.id5-sync.com/	1970-01-19 22:51:32	Name: gdpr Value:
.id5-sync.com/	1970-01-19 22:51:32	Name: id5 Value: b29f4a7c-c650-45ac-bec2-5c986167023b#1637492559867#1
.id5-sync.com/	1970-01-19 22:51:32	Name: callback Value:
.id5-sync.com/	1970-01-20 01:01:08	Name: 3pi Value: 19#1637492559890#1166139836#4384072b7164eb81eeac97f58378d126
.krxd.net/	1970-01-20 03:10:44	Name: _kuid_ Value: OfrH3JJB
.spotxchange.com/	1970-01-20 07:37:12	Name: audience Value: 956c9c5e-4aba-11ec-bdda-10ffbde80506
.exelator.com/	1970-01-20 01:44:20	Name: ud Value: "eJxrXxzq6XKLQcHSOCXJzDjVwCjV0iTFLC3V0sAiySzR1CwxKSnZ0jLReHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F71soCgCfYypL"
.dpm.demdex.net/	1970-01-20 03:10:44	Name: dpm Value: 57394720596031767801401165459515940626
.crwdcntrl.net/	1970-01-20 05:20:20	Name: _cc_aud Value: "ABR4XmNgYGBInKWeCKQggJmBYVErmMk1A0QyPqwHkgBWDgSx"
.scorecardresearch.com/	1970-01-20 16:08:20	Name: UID Value: 1WUO96SEONKDT3BNYHSJNIg1637492577
ads.avct.cloud/	1970-01-20 07:37:08	Name: uuid Value: 051ad981-f557-49e3-a946-8766c647b9a6
.adform.net/	1970-01-19 23:34:44	Name: C Value: 1
.mathtag.com/	1970-01-20 08:17:27	Name: uuid Value: 3c33619a-2761-4000-9152-47bb5503adb6
.adform.net/	1970-01-20 00:17:56	Name: uid Value: 7271959224854895763
.eyeota.net/	1970-01-19 22:51:33	Name: SERVERID Value: 18573~DM
.tidaltv.com/	1970-01-20 07:37:08	Name: tidal_ttid Value: 29aa890d-3291-41a6-a958-0f10ca2a18a3
.aidata.io/	1970-01-20 16:22:44	Name: __upin Value: qhH8UNVCQbfRhja0Eny5JA
.aidata.io/	1970-01-20 16:22:44	Name: __upints Value: 1637492577
.turn.com/	1970-01-20 03:10:44	Name: uid Value: 8564095190868966493
.tidaltv.com/	1970-01-20 07:37:08	Name: sync-his Value: "H4sIAAAAAAAAADM0sjQxtjI0NAAAL1OBBgkAAAA="
.adnxs.com/	1970-01-20 01:01:08	Name: uuid2 Value: 5907677987901563007
.everesttech.net/	1970-01-20 07:37:08	Name: everest_g_v2 Value: g_surferid~YZonYQAGL7mfzwBR
.w55c.net/	1970-01-20 08:20:20	Name: wfivefivec Value: C5tRTsNA1MOKCB5
.w55c.net/	1970-01-19 23:34:44	Name: matchlotame Value: 5
.videohub.tv/	1970-01-20 07:37:08	Name: UIXX_UPDT Value: "UILO=1637492577568"
.videohub.tv/	1970-01-20 07:37:08	Name: uid Value: CI-9482fc1df455cf43e0f5d6f3ac18e9d8
.adhigh.net/	1970-01-20 07:37:08	Name: gi_u Value: sc3W4jBgwJa.AikABlF9QinVbA
sync.srv.stackadapt.com/	1970-01-20 07:37:08	Name: sa-user-id Value: s%3A0-2f06219f-9fc1-424e-54ca-b05d74cfe14f.S%2BJs%2BPlWMPkSxpyLYrvUpZwp2ul2pqKlOv4Wj1fdMsE
.srv.stackadapt.com/	1970-01-20 07:37:08	Name: sa-user-id-v2 Value: s%3A0-2f06219f-9fc1-424e-54ca-b05d74cfe14f%24ip%24185.213.155.169.WYL%2BekmcqQHnRfxfvfDgE9ZvkDuLzSFYunKGcN%2BRsjg
.agkn.com/	1970-01-20 07:37:08	Name: ab Value: 0001%3AMEw7JOEu5DfUp3O7uX6OpQTnd%2F0%2Fi%2Fxe
.agkn.com/	1970-01-20 07:37:08	Name: u Value: C\|0AAAAAAAAKSzj4gAAAAAA

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.clomid24.com/(Line 738) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://git.player25.xyz/pop-kralbet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.clomid24.com/(Line 738) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://git.player25.xyz/pop-kralbet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://px.surveywall-api.survata.com/t Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=051ad981-f557-49e3-a946-8766c647b9a6 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=4384072b7164eb81eeac97f58378d126 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pippio.com/api/sync?pid=1311&it=1&iv=4384072b7164eb81eeac97f58378d126 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=4384072b7164eb81eeac97f58378d126 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
aa.agkn.com
ads.avct.cloud
ads.avocet.io
aorta.clickagy.com
api-public.addthis.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
c1.adform.net
cdn.jsdelivr.net
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
d.agkn.com
d.turn.com
de.tynt.com
dmp.truoptik.com
dpm.demdex.net
dt-secure.videohub.tv
fonts.gstatic.com
get.s-onetag.com
git.player25.xyz
global.ib-ibi.com
ic.tynt.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
inanamiyorumhalaburdasin.cloud
loadm.exelator.com
m.addthis.com
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pippio.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.shareaholic.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.adhigh.net
px.surveywall-api.survata.com
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
spl.zeotap.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.tag.clrstm.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tadalafil247.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
trc.taboola.com
upload.ink
v1.addthisedge.com
waust.at
whos.amung.us
widgets.amung.us
widgets.pinterest.com
wt.rqtrk.eu
www.augmentinamoxicillin.com
www.blogger.com
www.clomid24.com
www.escitalopramex.com
www.google-analytics.com
www.googletagmanager.com
www.lexapro-generic.com
www.mmfftz.com
www.propeciafromcanada.com
x01.aidata.io
z.moatads.com
global.ib-ibi.com
px.surveywall-api.survata.com
s7.addthis.com
sync.tag.clrstm.com
104.16.112.154
104.18.29.199
104.75.88.126
104.79.88.178
107.178.254.65
13.225.78.44
13.225.78.47
141.95.3.10
142.250.184.227
142.250.185.130
142.250.185.137
142.250.185.193
142.250.186.104
143.204.98.3
143.204.98.87
151.101.128.84
151.101.130.49
158.69.139.225
159.203.161.83
172.217.16.142
173.231.181.122
18.169.90.17
18.196.159.27
18.66.112.41
185.29.132.245
185.33.220.242
185.94.180.126
193.232.148.140
198.47.127.19
199.127.207.188
2.18.235.40
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::13
2606:4700:10::6816:1857
2606:4700:10::ac43:88d
2606:4700:20::681a:170
2606:4700:20::681a:507
2606:4700:3030::ac43:d36d
2606:4700:3031::ac43:8fbf
2606:4700:3032::6815:5144
2606:4700:3032::ac43:825e
2606:4700:3033::6815:d39
2606:4700:3033::ac43:befc
2606:4700:3034::6815:16cb
2606:4700:3036::6815:4ad0
2606:4700:3037::ac43:b2c5
2606:4700::6810:135e
2606:4700::6810:5914
2a04:4e42::300
2a05:d018:24:b002:2591:850:d183:b9b4
3.124.210.90
3.215.242.19
34.232.235.22
34.254.143.3
35.227.248.159
35.244.174.68
35.71.131.137
37.157.5.142
51.144.7.192
51.79.83.225
52.19.142.33
52.208.138.90
52.211.70.246
52.215.102.174
52.29.0.64
52.45.122.28
52.58.94.171
54.194.211.3
54.36.172.109
54.87.192.123
63.251.14.14
66.155.71.25
67.202.105.31
67.202.94.86
69.173.144.138
89.108.119.43
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07ad5d206abc910d20fffc8c9d9f01500d1da53d6fd66f05bf7b5a8c5c257f2a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c649e281c6fac1b22f773bbbaaec51fae3f89c4f0654fc4545c4ed5d362f896
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0df5d431e0a8e15f68096e362082942e15fa01ed2b50c56c9fd9d0f11851af34
200eb26540915e9089a970a62b387866ab63b142699d3abc7e5c465af60e3fb6
20a41052830e544178c2064d309d07956759b0716daa85b4c83f7b49927c6757
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
271b2cd63a677800da1d3902b61741fdd8f20eadf8cc82306c56f222ce13edc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32f52e9a2e9d531909edbf07d33bf175a6ec34cdce894e665c06b276536d352e
358d89ee184f6b1b5ed528527dc4e522d4cbd159f04875fef94fa35480065571
36cdc7368c1b7bcad1843027150be26de9d4bf5418d6b79844c5ba14395e8923
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
3a2398aa6f622e4467f2ecc59f38f11eba41d7785506c2d6582056393c363445
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fa298f1f5091e4f045c1ea60d1a15e73c2746409dd275c1e38bf4bca38b00b
461bfca3168213eb5c5606abc0b3da8b9d3cbd6b911881ba53ae7fc156cf13c5
47d6353091202be41771db8e74fe3877188dc7df7d664bdf2838e7f0bc414fbf
48daed2d590f7df15cf306fcdb22d7ad42198248d8e655a5797dc96676cd95c3
4d87f1e55938b19beb35026e259331b59c3de0a2d6e81063dc97661c3bc1e6aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5ef4bce0b6ede888121257c121d7fa0c4ad318d41a42cf5363aaf38887b4cf
51c0c0229f08c6fdcc592b577ef9db475873eac81cf44c57290c4e4dfb413f7e
59c60db7267a03883a7caa58d86fe3f538b839b59a8aa66795bb44e75b4ff930
5b2f80cdd07d8b8ca1cd61bb834b08790f53765ae479a0605ff10d2081cadc69
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a1c546d435ee7d9a46edd7a5496953d3faa0ef3d73264c287148db43bdd463b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
72b6f737a023a208605b46d4864058f6ab290ea10c5b37cc8d5ebb1786817af6
738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
81624e91d2552c17ce5b56a62626870c11ef9b3906d1347ea8bce6bf78e0611a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832f92edfa65c94575b1ee0f4228acc37dbbd2b0979afb6f1501f25729f1ce94
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfca2a6649ea9249bf32f97adec462f805d7b9aa646d31c1aa77660e42f9bda
8e36922eb0ab057a9211ed44d69abcd3b1d745cd3779433285e417a84960bc03
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
910d708b5265c1d8380385809a85e3d8e8b7abcec01d31dd7c453bfd27717d38
948ef903552aea980035593f523f5aba1e841fd291d28a40a5f8cc0c3930ea98
988d7d371564a135ff94043c461b0e5454d67f6411af56a906019b726d3ea47f
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
993e67aa4c9d3f60ffed856922f5c9788cc7925a0a1ae1364f1f0d6cf27f8960
9a32c2f720fd5233650b70772604f01da8888611bab9722812734ab85094fba4
9d66f0b2a4bc8669520d988f51c359c30b3b25bcd004cafe571c0f971dab1cb9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33a72bb693a439fd43c49560204b82692ac53260c87bd037aad2199d2725cf1
a42a5933c315db01553e0883d923bd719060874a9d8b299ce2acbbb9ab313ba7
a90eb2400f9fa41612be705afca5dd511a51c857af60e12cd812f7feda87e55a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bf565f25e79997d1e4b59acc300f849f166f4c50a782edd5d2832bc33af76e
b5ecd10f91a13900069a0c606287bb3d92a69f953d622093acd09954eae80de1
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c1304cbfa7bedd386c7e80c75708876a46d6cf870828cecc9d02ed631f303ca4
c2e0db81885e10612f9ffdf3c30876386955138cb699fe4e18c151677ff84f14
c3ca996d3bb6b1a13c3374664af570708158f461c645ba7d3cc74b232ab209f0
c5014bc291cc9b56d9f11547d9814ab1acc30793e09c0974ca0779badded5562
ccff41bf2f8c3bf9c495b6de588657d4c95535dc0806fe2fdc5f81ce1e86d80d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2f90323db73fb87fc0f544db102927d26d107aca026a40b587996be3e1acfbf
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dd5a3050f58ca2c052f38fa7bafa204b7285c0ad72cf897f1632784b5a0c41d6
de0ba202196c72ef8182613804b8096c495d2bab49f97db70501cabb3bd68512
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d8a6a37b6d395ef7370ed88a55ddf9431098b66f0c4e084e44576f78467e26
eb0e13d9c01d5e20173fd5bd580f33102a5aa448ddef63486841d145e719841d
ed84218018b27d07eddddcd8ac0310ed325e84a7244bb1f01d81b5cb4952a501
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb066b15d91be6433f0a20c93466e6cee2a389a7e8b6b54d0cc05772ad3d592a
fb11ed485c474e45365712df9f182a3fc815c5878d4a7258a0bf42913fa4d94d

www.clomid24.com Open in urlscan Pro 2606:4700:3031::ac43:8fbf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

158 Requests

66 %HTTPS

25 %IPv6

76 Domains

90 Subdomains

53 IPs

10 Countries

12088 kBTransfer

13404 kBSize

69 Cookies

3 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.clomid24.com Open in urlscan Pro
2606:4700:3031::ac43:8fbf Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

66 %
HTTPS

25 %
IPv6

76
Domains

90
Subdomains

53
IPs

10
Countries

12088 kB
Transfer

13404 kB
Size

69
Cookies

158 HTTP transactions
2 data transactions