www.povovu.com Open in urlscan Pro
2606:4700:3033::ac43:df71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://povovu.com/
Effective URL:
http://www.povovu.com/
Submission Tags: krdprod
Submission: On March 10 via api (March 10th 2022, 1:32:13 am UTC) from JP — Scanned from JP

Summary HTTP 151 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 54 domains to perform 151 HTTP transactions. The main IP is 2606:4700:3033::ac43:df71, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.povovu.com.

This is the only time www.povovu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3033::ac43:df71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4004:820::2001	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3035::6815:5cf6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2606:2800:248... 2606:2800:248:2f:1d8a:787:dc7:17df	15133 (EDGECAST) (EDGECAST)
7	2606:4700:303... 2606:4700:3038::6815:e9b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:5224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81c::2009	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:813::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	192.229.237.101 192.229.237.101	15133 (EDGECAST) (EDGECAST)
4	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2404:6800:400... 2404:6800:4004:812::200e	15169 (GOOGLE) (GOOGLE)
1 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
5	51.161.15.93 51.161.15.93	16276 (OVH) (OVH)
2	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST)
2	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
2	13.225.183.59 13.225.183.59	16509 (AMAZON-02) (AMAZON-02)
1	18.65.200.60 18.65.200.60	16509 (AMAZON-02) (AMAZON-02)
1	99.84.128.57 99.84.128.57	16509 (AMAZON-02) (AMAZON-02)
3	18.65.191.13 18.65.191.13	16509 (AMAZON-02) (AMAZON-02)
2	45.55.120.93 45.55.120.93	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	23.2.3.44 23.2.3.44	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.42.109 65.9.42.109	16509 (AMAZON-02) (AMAZON-02)
2 10	209.191.163.208 209.191.163.208	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	104.18.15.222 104.18.15.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 11	18.177.83.12 18.177.83.12	16509 (AMAZON-02) (AMAZON-02)
4 4	172.217.175.66 172.217.175.66	15169 (GOOGLE) (GOOGLE)
1	54.169.112.177 54.169.112.177	16509 (AMAZON-02) (AMAZON-02)
2 2	161.202.200.118 161.202.200.118	36351 (SOFTLAYER) (SOFTLAYER)
5 6	54.205.227.48 54.205.227.48	14618 (AMAZON-AES) (AMAZON-AES)
1 3	35.213.12.39 35.213.12.39	() ()
1	2600:1f18:444... 2600:1f18:444a:4680:6bbe:49e:bc45:59	() ()
3 4	104.18.101.194 104.18.101.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:80b::2002	() ()
1	2404:6800:400... 2404:6800:4008:c01::9b	() ()
1	172.217.161.66 172.217.161.66	() ()
1	2404:6800:400... 2404:6800:4004:81e::2002	() ()
1	2404:6800:400... 2404:6800:4004:81c::2002	() ()
3	2404:6800:400... 2404:6800:4004:822::2001	() ()
1	2607:f8b0:400... 2607:f8b0:4007:814::2004	() ()
1	31.210.76.116 31.210.76.116	() ()
1	2606:4700:20:... 2606:4700:20::681a:ae6	() ()
1	2606:4700:10:... 2606:4700:10::ac43:185c	() ()
1	185.102.219.172 185.102.219.172	() ()
1	109.236.91.24 109.236.91.24	() ()
3 3	67.202.105.24 67.202.105.24	() ()
1 2	46.137.210.206 46.137.210.206	() ()
2 3	103.43.90.179 103.43.90.179	() ()
2 3	107.178.244.193 107.178.244.193	() ()
2 2	52.198.93.235 52.198.93.235	() ()
1	35.190.60.146 35.190.60.146	() ()
1 1	2001:df2:a300... 2001:df2:a300:bbbb::136	() ()
1 1	50.116.239.150 50.116.239.150	() ()
2 2	151.101.130.49 151.101.130.49	() ()
2 2	3.114.95.219 3.114.95.219	() ()
1 1	52.220.230.137 52.220.230.137	() ()
151	57

4 2606:4700:3033::ac43:df71 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

povovu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.povovu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::2001 (Australia)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:5cf6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.jestspor27.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3038::6815:e9b6 (United States)

ASN13335 (CLOUDFLARENET, US)

icons.iconarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:5224 (United States)

ASN13335 (CLOUDFLARENET, US)

www.jestspor35.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80c::2001 (Australia)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::2009 (Australia)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:813::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80a::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.237.101 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:812::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.161.15.93 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns570927.ip-51-161-15.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.183.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-59.nrt57.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.200.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-200-60.nrt57.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.128.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-128-57.nrt57.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.191.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-191-13.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.55.120.93 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.2.3.44 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-3-44.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.222.80.231 (Canada) 5 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.42.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-109.nrt12.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 209.191.163.208 (United States) 2 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.15.222 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.177.83.12 (Tokyo, Japan) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-83-12.ap-northeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.175.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.112.177 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-112-177.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.202.200.118 (Tokyo, Japan) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 76.c8.caa1.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.205.227.48 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-227-48.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (None, ) 1 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:6bbe:49e:bc45:59 (None, )

ASN- ()

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.101.194 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::9b (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.161.66 (None, )

ASN- ()

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81e::2002 (None, )

ASN- ()

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:822::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4007:814::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.210.76.116 (None, )

ASN- ()

iaftm.tmgrup.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ae6 (None, )

ASN- ()

cdn.bolgegundem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:185c (None, )

ASN- ()

football-italia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.102.219.172 (None, )

ASN- ()

i2.milimaj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.236.91.24 (None, )

ASN- ()

img.fanatik.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.24 (None, ) 3 redirects

ASN- ()

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.210.206 (None, ) 1 redirects

ASN- ()

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.179 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.193 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.198.93.235 (None, ) 2 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (None, )

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::136 (None, ) 1 redirects

ASN- ()

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.150 (None, ) 1 redirects

ASN- ()

d3961020741418490445-t7183919983975593068.id.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.95.219 (None, ) 2 redirects

ASN- ()

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.230.137 (None, ) 1 redirects

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com	248 KB
11	eyeota.net 6 redirects ps.eyeota.net — Cisco Umbrella Rank: 899	6 KB
10	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 594 ce.lijit.com — Cisco Umbrella Rank: 734	6 KB
10	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926	207 KB
10	twitter.com platform.twitter.com — Cisco Umbrella Rank: 525 syndication.twitter.com — Cisco Umbrella Rank: 769	201 KB
8	gstatic.com fonts.gstatic.com	103 KB
7	liadm.com 5 redirects i.liadm.com — Cisco Umbrella Rank: 467 i6.liadm.com	3 KB
7	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads.g.doubleclick.net stats.g.doubleclick.net	6 KB
7	iconarchive.com icons.iconarchive.com — Cisco Umbrella Rank: 66414	41 KB
6	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 2783 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3383 onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 31009 data-beacons.s-onetag.com — Cisco Umbrella Rank: 13521 connect-metrics-collector.s-onetag.com Failed	26 KB
6	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 6623 ic.tynt.com — Cisco Umbrella Rank: 3789 de.tynt.com — Cisco Umbrella Rank: 1136	18 KB
5	onaudience.com 5 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1868	2 KB
5	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 2150 bcp.crwdcntrl.net — Cisco Umbrella Rank: 691 sync.crwdcntrl.net	23 KB
5	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13991	18 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	59 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	208 KB
4	adsymptotic.com 3 redirects p.adsymptotic.com — Cisco Umbrella Rank: 499	746 B
4	33across.com 3 redirects cdn-tc.33across.com — Cisco Umbrella Rank: 12627 dp2.33across.com dp1.33across.com	2 KB
4	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8530 4.bp.blogspot.com — Cisco Umbrella Rank: 11336	272 KB
4	povovu.com 1 redirects povovu.com www.povovu.com	72 KB
3	tapad.com 2 redirects pixel.tapad.com	1 KB
3	adnxs.com 2 redirects secure.adnxs.com	3 KB
3	bidswitch.net 1 redirects x.bidswitch.net	1 KB
3	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 404	2 KB
3	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1236	1 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49
3	jestspor27.xyz www.jestspor27.xyz	147 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	695 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	affec.tv 1 redirects map.go.affec.tv	2 KB
2	google.com adservice.google.com www.google.com	2 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 707	997 B
2	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 15718	814 B
2	amung.us whos.amung.us — Cisco Umbrella Rank: 14954	426 B
2	waust.at waust.at — Cisco Umbrella Rank: 46835	14 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	82 KB
2	jestspor35.xyz www.jestspor35.xyz	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	15 KB
1	amgdgt.com 1 redirects d3961020741418490445-t7183919983975593068.id.amgdgt.com	455 B
1	turn.com 1 redirects d.turn.com	637 B
1	rlcdn.com idsync.rlcdn.com	449 B
1	fanatik.com.tr img.fanatik.com.tr	79 KB
1	milimaj.com i2.milimaj.com	171 KB
1	football-italia.net football-italia.net	495 KB
1	bolgegundem.com cdn.bolgegundem.com	334 KB
1	tmgrup.com.tr iaftm.tmgrup.com.tr	31 KB
1	google.co.jp adservice.google.co.jp	792 B
1	googleadservices.com partner.googleadservices.com	644 B
1	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1469	173 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	33 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	33 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 9506	56 KB
151	54

	Domain	Requested by
11	ps.eyeota.net	6 redirects www.jestspor35.xyz
10	mc.yandex.ru	1 redirects www.jestspor35.xyz www.povovu.com mc.yandex.ru
9	pagead2.googlesyndication.com	www.povovu.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	fonts.gstatic.com	www.povovu.com
7	icons.iconarchive.com	www.povovu.com
6	i.liadm.com	5 redirects data-beacons.s-onetag.com
6	ap.lijit.com	2 redirects www.jestspor35.xyz get.s-onetag.com
6	platform.twitter.com	www.povovu.com cdnjs.cloudflare.com platform.twitter.com
5	pixel.onaudience.com	5 redirects
5	t.dtscout.com	waust.at t.dtscout.com
5	www.google-analytics.com	www.jestspor35.xyz www.povovu.com www.google-analytics.com
5	cdnjs.cloudflare.com	www.povovu.com
4	p.adsymptotic.com	3 redirects www.jestspor35.xyz
4	ce.lijit.com	www.jestspor35.xyz
4	cm.g.doubleclick.net	4 redirects
4	syndication.twitter.com	platform.twitter.com
3	pixel.tapad.com	2 redirects www.jestspor35.xyz
3	secure.adnxs.com	2 redirects www.jestspor35.xyz
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	x.bidswitch.net	1 redirects www.jestspor35.xyz
3	tags.bluekai.com	www.jestspor35.xyz de.tynt.com
3	tags.crwdcntrl.net	t.dtscout.com cdn-tc.33across.com tags.crwdcntrl.net
3	cdn.syndication.twimg.com	platform.twitter.com
3	lh3.googleusercontent.com	www.povovu.com
3	www.jestspor27.xyz	www.povovu.com
3	1.bp.blogspot.com	www.povovu.com
3	www.povovu.com	www.povovu.com cdnjs.cloudflare.com
2	loada.exelator.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	dpm.demdex.net	2 redirects
2	map.go.affec.tv	1 redirects www.jestspor35.xyz
2	dp2.33across.com	2 redirects
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	um.simpli.fi	2 redirects
2	data-beacons.s-onetag.com	get.s-onetag.com
2	t.dtscdn.com	t.dtscout.com
2	get.s-onetag.com	t.dtscout.com
2	de.tynt.com	cdn.tynt.com
2	ic.tynt.com	www.jestspor35.xyz
2	cdn.tynt.com	waust.at
2	whos.amung.us	waust.at
2	waust.at	www.jestspor35.xyz
2	static.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	www.povovu.com connect.facebook.net
2	www.jestspor35.xyz	www.povovu.com cdnjs.cloudflare.com
2	www.facebook.com	www.povovu.com cdnjs.cloudflare.com
1	sync.crwdcntrl.net	1 redirects
1	dp1.33across.com	1 redirects
1	d3961020741418490445-t7183919983975593068.id.amgdgt.com	1 redirects
1	d.turn.com	1 redirects
1	idsync.rlcdn.com	www.jestspor35.xyz
1	img.fanatik.com.tr
1	i2.milimaj.com
1	football-italia.net
1	cdn.bolgegundem.com
1	iaftm.tmgrup.com.tr
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.jp	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	i6.liadm.com	www.jestspor35.xyz
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn-tc.33across.com	de.tynt.com
1	spl.zeotap.com	www.jestspor35.xyz
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	code.jquery.com	www.povovu.com
1	ajax.googleapis.com	www.povovu.com
1	www.blogger.com	www.povovu.com
1	4.bp.blogspot.com	www.povovu.com
1	povovu.com	1 redirects
0	connect-metrics-collector.s-onetag.com Failed	get.s-onetag.com
151	73

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
jestyayin40.tumblr.com
clbanners12.com
www.facebook.com
www.instagram.com
t.me
tr.pinterest.com
p
clbanners1.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-01-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.tmgrup.com.tr Sectigo RSA Domain Validation Secure Server CA	`2021-12-01` - `2022-12-21`	a year	crt.sh
*.bolgegundem.com E1	`2022-03-02` - `2022-05-31`	3 months	crt.sh
*.football-italia.net R3	`2022-01-25` - `2022-04-25`	3 months	crt.sh
*.milimaj.com AlphaSSL CA - SHA256 - G2	`2021-04-01` - `2022-04-17`	a year	crt.sh
*.fanatik.com.tr AlphaSSL CA - SHA256 - G2	`2021-12-23` - `2023-01-24`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.liadm.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://www.povovu.com/
Frame ID: E4E16AB450D5688B06834F2CC8D1487C
Requests: 64 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/justitv1&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21
Frame ID: D11B1A4B7EEE0C3E0370DC6DC403DFB2
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html
Frame ID: 595E0748C4F26E19A6F20E49D1836E30
Requests: 4 HTTP requests in this frame

Frame: http://www.jestspor35.xyz/sayac.html
Frame ID: 516DE41160D0E49B41254B2BFA5F2568
Requests: 32 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401646875922D12244DA511358CB62
Frame ID: B1B3C7CE3B35924C331E448FEE5F7E7C
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 8E1D0F12C10E34E58B9DDF7A5C002AF8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220303/r20190131/zrt_lookup.html
Frame ID: 4B14F60BB45529B0127B80604F3E64B7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/justitv1&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21
Frame ID: 22710EFEFC780852A82E07C609D64C34
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html
Frame ID: 2C2E67942D341D9D6706B20102D07810
Requests: 4 HTTP requests in this frame

Frame: http://www.jestspor35.xyz/sayac.html
Frame ID: 8F150424E12CA6C41C7EC25768E9771C
Requests: 31 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=http%3A%2F%2Fwww.povovu.com
Frame ID: 8C4CA6541B8A37B81FB68A31834CA63D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9832462885799500&output=html&adk=3823276793&adf=47290185&lmt=1646863230&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.povovu.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1646875926012&bpp=3&bdt=5731&idt=239&shv=r20220303&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3049301146992&frm=20&pv=2&ga_vid=843372225.1646875926&ga_sid=1646875926&ga_hid=145969004&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758396%2C31065469%2C31065574%2C31063246&oid=2&pvsid=2876157433711805&pem=567&tmod=594382338&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: 17B4AB2EB25E43E5430B1FEA5558D42C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.a58e82e150afc25eb5372dd55a98b778.tr.html
Frame ID: 269971C44198DEA1AB06AEA6F891985F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1083F101755D3ECC2B611764ED0B720
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2866A6DC54BA36722129A7F5F014FB0F
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=119007412593016&ret=html&random=1646875928
Frame ID: 7FB2A6CFDAB9F3E07B0423B6B22C8398
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canlı maç izle - Jestyayın izle - Taraftarium24 izle - Justintv izle - Netspor izle

Page URL History Show full URLs

https://povovu.com/ HTTP 301
http://www.povovu.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

151
Requests

74 %
HTTPS

44 %
IPv6

54
Domains

73
Subdomains

57
IPs

8
Countries

3035 kB
Transfer

5387 kB
Size

27
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/c/Jestyayin

Search URL Search Domain Scan URL

URL: https://twitter.com/jestyayin1

Search URL Search Domain Scan URL

URL: https://jestyayin40.tumblr.com/

Search URL Search Domain Scan URL

URL: https://clbanners12.com/_MbsQzViLYdVIB4xHuyYkGWNd7ZgqdRLk/707/
Title: Üye olan Herkese 5000 TL'ye kadar Hosgeldin Bonusu Extra Oranlı Maçlar Aynı Maça Kombine Bahis Sadece Bets10'da! Hemen Üye Ol!

Search URL Search Domain Scan URL

URL: https://clbanners12.com/_MbsQzViLYdVIB4xHuyYkGWNd7ZgqdRLk/706

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jestyayin1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/taraftarium24_izle

Search URL Search Domain Scan URL

URL: https://t.me/jestyayin_izle

Search URL Search Domain Scan URL

URL: https://tr.pinterest.com/canlimacizlesene27/

Search URL Search Domain Scan URL

URL: http://p/trgoals-izle.html
Title: Bein sport max 1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/taraftarium24_izle/?hl=tr
Title: İinstagram'da takip et!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/JestYay%C4%B1n
Title: Youtube kanalımıza katıl!

Search URL Search Domain Scan URL

URL: https://www.instagram.com/izlejestyayin/?hl=tr
Title: İnstagram'da takip et!

Search URL Search Domain Scan URL

URL: https://clbanners1.com/_MbsQzViLYdVluoR410hC7GNd7ZgqdRLk/708

Search URL Search Domain Scan URL

URL: https://clbanners12.com/_MbsQzViLYdVIB4xHuyYkGWNd7ZgqdRLk/707

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/jestyayin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://povovu.com/ HTTP 301
http://www.povovu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css

Request Chain 60

https://pixel.onaudience.com/?partner=137085098&mapped=10401646875922D12244DA511358CB62 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=8d5f073a21b0d6f0

Request Chain 61

https://mc.yandex.ru/watch/57545116?wmode=7&page-url=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&page-ref=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlmt4hr%3Afu%3A0%3Aen%3Awindows-1252%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A522982806239%3Ahid%3A1061845982%3Az%3A0%3Ai%3A20220310013202%3Aet%3A1646875923%3Ac%3A1%3Arn%3A997959968%3Arqn%3A1%3Au%3A1646875923458510399%3Aw%3A1x2%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1646875920558%3Ads%3A381%2C1%2C498%2C1%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C918%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646875923%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/57545116/1?wmode=7&page-url=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&page-ref=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlmt4hr%3Afu%3A0%3Aen%3Awindows-1252%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A522982806239%3Ahid%3A1061845982%3Az%3A0%3Ai%3A20220310013202%3Aet%3A1646875923%3Ac%3A1%3Arn%3A997959968%3Arqn%3A1%3Au%3A1646875923458510399%3Aw%3A1x2%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1646875920558%3Ads%3A381%2C1%2C498%2C1%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C918%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646875923%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 64

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 65

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 67

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.1&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.1&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMnujTyfu_NChXkSML_NbNU&google_cver=1

Request Chain 68

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.3&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.3&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMpHv2kT5Mse2kHgovBLHwE&google_cver=1

Request Chain 71

https://um.simpli.fi/lj_match?r=49992 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227

Request Chain 72

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d1043e28c187ea68068b8ced HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d1043e28c187ea68068b8ced&_li_chk=true&previous_uuid=549d632657524821b88092e8985ae9d3 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 73

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199&_li_chk=true&previous_uuid=3cb5f64531f842c9a87fbc5e60f844fe HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199

Request Chain 74

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_puhttp://www.povovu.com/&_puuid=569cfa46f2865fb71b10f199&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=23178 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_puhttp://www.povovu.com/&_puuid=569cfa46f2865fb71b10f199&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=23178&_expected_cookie=7739997ed007449b5232496f41c5aa32 HTTP 302
https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32

Request Chain 134

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1646875927036.5&r=true HTTP 302
https://tags.bluekai.com/site/27519?id=119007412593016&ret=html&random=1646875928

Request Chain 136

https://map.go.affec.tv/map/3a/?pid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&ts=1646875927036.2 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622955bced7a1b000192b06a%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D622955bced7a1b000192b06a%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/669571665044954898?ch=622955bced7a1b000192b06a&chc=tt&floc=&redirect_url=

Request Chain 137

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&random=1646875927036.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&random=1646875927036.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=3aa59f06-a747-45b6-b391-3d3eec059664&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D3aa59f06-a747-45b6-b391-3d3eec059664%252C HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=3aa59f06-a747-45b6-b391-3d3eec059664&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D3aa59f06-a747-45b6-b391-3d3eec059664%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=35163451030643850391041060649203553490&pt=3aa59f06-a747-45b6-b391-3d3eec059664%2C

Request Chain 138

https://dp2.33across.com/ps/?pid=1205&random=1646875927036.4&r=true HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=211619329485022

Request Chain 139

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875927036.6&cat=33across HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
https://d3961020741418490445-t7183919983975593068.id.amgdgt.com/r/telco/tuid/7183919983975593068/duid/3961020741418490445/url/https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D1mpjpn0%26turn_id%3D7183919983975593068%26newuser%3D1%26dc_rc%3D1%26dc_mr%3D1%26dc_orig%3Dc9gd671%26%26referrer_pid%3Dc9gd671 HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7183919983975593068&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671

Request Chain 140

https://dp1.33across.com/ps/?pid=669&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&random=1646875927036.7&r=true HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117561044139592&seg_code=33x&random=1646875928

Request Chain 141

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875927036.8&cat=33across HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D1%26dc_mr%3D1%26dc_orig%3Dc9gd671%26%26referrer_pid%3Dc9gd671 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D1%26dc_mr%3D1%26dc_orig%3Dc9gd671%26%26referrer_pid%3Dc9gd671&_test=YilVFwAL4ujjIwBB HTTP 302
https://ps.eyeota.net/match?uid=YilVFwAL4ujjIwBB&bid=0rijhbu&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671&_test=YilVFwAL4ujjIwBB

Request Chain 147

https://pixel.onaudience.com/?partner=137085098&mapped=10401646875922D12244DA511358CB62 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=abb75f1f169dff214b15289b841278c8&gdpr=1 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b80301e3664a476950561d31cfab4d0f&gdpr=Y&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.onaudience.com/?partner=190&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=8251668b2b2ab71f

Request Chain 151

https://um.simpli.fi/lj_match?r=8833 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227

Request Chain 152

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id=

Request Chain 154

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_puhttp://www.povovu.com/&_puuid=569cfa46f2865fb71b10f199&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=88043 HTTP 302
https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32

151 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.povovu.com/
Redirect Chain

https://povovu.com/
http://www.povovu.com/

254 KB
51 KB

279ms
259ms

Document
text/html

2606:4700:3033::ac43:df71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.povovu.com/

Protocol

HTTP/1.1

Server

2606:4700:3033::ac43:df71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7718afebcc24c5e2066e5b3615d60743faa77088cf62b8d6a0a48cde9eb8536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Date: Thu, 10 Mar 2022 01:32:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 10 Mar 2022 01:32:00 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 09 Mar 2022 22:00:30 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=832yQQqvvr3wuDfBHKUhNgo%2FeOcB4vXbthTrumLeTM5XmopBDQ2rPjyY9DrznIrMriFCRivBNCRQ4dLxeXpTiEC8XF6t%2BLI3rilXHpa%2BFGTbeU6lMGxzayzPfNN2Xrac%2F0HJTLl1f0hHkPTbOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e984b4419ad0af4-NRT
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 10 Mar 2022 01:31:59 GMT
location: http://www.povovu.com/
cache-control: max-age=3600
expires: Thu, 10 Mar 2022 02:31:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kk%2FgwPHkqGrD7c9H0THi3bs%2BJ7oxqKxP5MZCEatOOWElMStkrfbZV8BFlkzJRAYeEqCMWZI0Pcz6SjJJYlWS5WOdjkRLgHiHuGoKeoV1OQccTvE9gDPR%2BsuMvDYTsju2bbrEXZR%2FmvBl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e984b43dfcd80d8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css

57 KB
11 KB

127ms
9ms

Stylesheet
text/css

2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a0f0322dfe91f9af8ddcfb7e3253822bab9b946d28051078877bdb2a0e0378a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2959089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10266
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e238"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyfmprTUYbT2imTMC0yHXuejZ0AKS2PEF0zdQZhugzndy%2FugpP11EEAzP8noDb%2FCz9PMKGtykDlndjOYeAVu21nLDkRhVhPf77xedeXoWhS%2Fhf6HJaJfF5%2Bjhw%2BWgfy6oWDsYYUqUVju1A0dM52JWwdk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e984b46c815204d-NRT
expires: Tue, 28 Feb 2023 01:32:00 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 canli-mac-izle.jpg
1.bp.blogspot.com/--GXh6MhuRCQ/YSZNb6ld1XI/AAAAAAAAAyo/QZyLXGAgXJgtY7CiE0fhUsGoDm4KiCb0ACLcBGAsYHQ/s1080/ 170 KB
170 KB 213ms
44ms Image
image/jpeg 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--GXh6MhuRCQ/YSZNb6ld1XI/AAAAAAAAAyo/QZyLXGAgXJgtY7CiE0fhUsGoDm4KiCb0ACLcBGAsYHQ/s1080/canli-mac-izle.jpg

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6b940385a1b41e83b570892b20ef145168d1d9fa19a7d3c816d4d645338ea128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="canli-mac-izle.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 173825
x-xss-protection: 0
server: fife
etag: "v32b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:10:25 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v17/ 15 KB
15 KB 47ms
7ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 13:12:32 GMT
x-content-type-options: nosniff
age: 130768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 13:12:32 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 26ms
20ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1804847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78460
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-1327c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp7YjVCz1qGs%2BFPCV6CpL%2BM6zvTXd4BXK6B61n41mewM0KY5oUelo8tXazDfe6RgKsmzHXK7iFIUEsdRW%2Fbn%2BvZ926ceU72Wb9gJihfKV7RiVHMbwJUIZS5mcY4MfUsXgVN6EwZHwDhIL9BLBJ13%2BgNd"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e984b470ebf8a72-NRT
expires: Tue, 28 Feb 2023 01:32:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v17/ 14 KB
14 KB 43ms
7ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 23:27:18 GMT
x-content-type-options: nosniff
age: 266682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 23:27:18 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v17/ 11 KB
12 KB 40ms
8ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 01:08:41 GMT
x-content-type-options: nosniff
age: 260599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:31:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 01:08:41 GMT

GET
H/1.1 200
OK v3.webp
www.jestspor27.xyz/V/bets10/ 96 KB
97 KB 1531ms
1318ms Image
image/webp 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.jestspor27.xyz/V/bets10/v3.webp
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32596229238340542bdbd8d48dcc8daae2dbf2d690b7c90e827a2e12d7a4c759

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:02 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 02 Dec 2021 18:07:53 GMT
Server: cloudflare
ETag: "aff8bb86a7e7d71:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXWAZruXQ6yG7tl0og8hzkl4a8fPUGAleDMjxpxJumcuINbhWt%2BLjDZZxvog8TeRxowcqYTGiG6ebTZpMV%2BCXJd0dn64pNc0vbJrvkOFW2wblXd4FqFGw3vZOApgFR%2BcxvSe0Hfla1GRqbzvbcCEpn0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e984b4869a91ec8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 98244

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame D11B 15 KB
9 KB 256ms
248ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/justitv1&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68a7091a9a6d2d109e25b1f1b1e9079bde772919372b8a8b990ac113590b0e31

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: hhiupde3rY4je3gyilzEfzBbVr6ZKnDgnLX+swTwyGxWiUp5PT2MvedrMW3VdUxJODgsZ/XALOn4MxFMWF0CPA==
date: Thu, 10 Mar 2022 01:32:00 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK follow_button.ab4ec33f73214445796a87ce54aee452.tr.html Show response
platform.twitter.com/widgets/ Frame 595E 35 KB
14 KB 428ms
10ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (itm/7511) /
Resource Hash: 202443d6ff9c3ce999f86e0e8da214066bb52146b65ccc12dc0f7e0b8cc09cb2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 338773
Cache-Control: public, max-age=315569260
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Mar 2022 01:32:00 GMT
Etag: "3a07261c09dc26c2aab6b4b9cada462f+gzip"
Last-Modified: Tue, 08 Dec 2015 21:35:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (itm/7511)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13831

GET
H/1.1 200
OK facebook-icon.png
icons.iconarchive.com/icons/danleech/simple/128/ 1 KB
2 KB 17ms
11ms Image
image/png 2606:4700:3038::6815:e9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://icons.iconarchive.com/icons/danleech/simple/128/facebook-icon.png
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c250c380e0accabb2dfc9a70334cdc20002ecc19627011cd077ba2126c48b433

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6241
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1426
last-modified: Wed, 08 Jul 2020 23:28:07 GMT
Server: cloudflare
etag: "5f065687-592"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zjFPItlAmpU5DLiQ4LRPv4Hhjn%2Fs91jhrJSmVrAMcJgmoJK9xaSc1kMrMENkwtXuc8BnXz4MQmmJYynaVhwWJrFHsYdx2Gu6QGTuodGzdTePZ497l4LOpBZ9uT2NSMcL%2FVrohKoP8uh36SBOBFGSnAoL6M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6e984b471d541f93-NRT

GET
H/1.1 200
OK twitter-icon.png
icons.iconarchive.com/icons/danleech/simple/128/ 3 KB
3 KB 316ms
310ms Image
image/png 2606:4700:3038::6815:e9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://icons.iconarchive.com/icons/danleech/simple/128/twitter-icon.png
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5036ec69fdb369374fe25352d1803d66abd38eeb1913c3b39db578ef82b31b9c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:00 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 08 Jul 2020 23:28:07 GMT
Server: cloudflare
ETag: "5f065687-af6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvdsz4iaiK%2BSYXw%2BY9U1j1L0xYJWRRTixqiKeR4xxyZGRFxZ4DS5YHsOPdjjwQdIa6RKVMjcBFiJWQsZvwTJsXe%2FZIXSson2O%2By6v62v5BfxjI9C%2BxFi8jyDKaQ8NpxQ0sS9TPlev10BU5zwJeQEQ0HYmcE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e984b471f2834d5-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2806

GET
H/1.1 200
OK youtube-icon.png
icons.iconarchive.com/icons/danleech/simple/128/ 4 KB
5 KB 19ms
13ms Image
image/png 2606:4700:3038::6815:e9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://icons.iconarchive.com/icons/danleech/simple/128/youtube-icon.png
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb463ae79e70866c2dbc9131cbfb5e68b7ee1b48f29ea76b4ecf9b13b1f47ab6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5517
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4376
Last-Modified: Wed, 08 Jul 2020 23:28:07 GMT
Server: cloudflare
ETag: "5f065687-1118"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLUnC2MQmWQvzqbjT5r3mDy%2FSJ3RM2Lc8NueQrHaCTK7fcscWFe7gegQB3unbhBhAD7A%2BDX%2BBbj1vdPXd5ExM1IElda1b%2BMyKnVlEVXEfsAg5KGC38S5wbYzSUZXn1fRe0lFkNDfuLGi5mAzwUUB1erVlgc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6e984b4719403487-NRT

GET
H2 200 Instagram-icon.png
icons.iconarchive.com/icons/limav/flat-gradient-social/96/ 7 KB
7 KB 321ms
305ms Image
image/png 2606:4700:3038::6815:e9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.iconarchive.com/icons/limav/flat-gradient-social/96/Instagram-icon.png
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d7c3242a0cb155383308fb2ce1961ecc904e1914019d74e807bf64b909f4fd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Jul 2020 23:51:15 GMT
server: cloudflare
etag: "5f065bf3-1b76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKGs1yS3asAraahdEB%2FceFBKEPFRPy%2BSENlu3YD%2B3xRAxHo%2FI2i3aGPJ6njuH1M6kAXuSvl0UySD5QmpkT85wnohaCWpeILxuhZHNX5WbURHoi48I12ml28jeBSSumFzVU0TYPSHFPuWt%2By96oemUZqaZ6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e984b4728fb8a5a-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7030

GET
H2 200 web-telegram-icon.png
icons.iconarchive.com/icons/bokehlicia/captiva/96/ 8 KB
8 KB 324ms
308ms Image
image/png 2606:4700:3038::6815:e9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.iconarchive.com/icons/bokehlicia/captiva/96/web-telegram-icon.png
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa6afc797b942447a614ba707e8c758522594248a1a928dee12e9a37e8e30be

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Jul 2020 23:25:08 GMT
server: cloudflare
etag: "5f0655d4-1e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pc%2F%2F%2FMP4Tw6gmxWAXjWRoNntCHqOJ75K2%2FPLI%2BmaeA%2BsLADS6i0ezlfQatZavGV%2FGHsxxb5RTsb%2F5YOwb8fXMVNWNOzpDF9hBA5%2B%2FgvsaagFuWbHpoGBpzCwjM3%2F2iwvbRoZK9rJ2mUdmkswvDBoVtrxQnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e984b4728fd8a5a-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7766

GET
H2 200 pinterest-icon.png
icons.iconarchive.com/icons/graphics-vibe/classic-3d-social/96/ 8 KB
9 KB 176ms
160ms Image
image/png 2606:4700:3038::6815:e9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.iconarchive.com/icons/graphics-vibe/classic-3d-social/96/pinterest-icon.png
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85bd45b6a028d6be43f3849c12d41e59d3c72bd5fec88a990cd4b4600a0270a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Jul 2020 23:41:48 GMT
server: cloudflare
etag: "5f0659bc-1fdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cQvzY03STTOy9Rl20n84bkVga8x0VXYvYUc1ToFFposSbbJ60K4g8TsJi%2FJuMIHYLXizRugMXKGkF4uysmiLKvoIRz%2Br8d4Fjkk9aokHuV6cRl9vg%2B49ARxm6i6iAKzML%2BM96DCx3hBNwa7TEig3jhBbEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e984b4728ff8a5a-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8156

GET
H2 200 Tumblr-icon.png
icons.iconarchive.com/icons/designbolts/3d-social/96/ 6 KB
6 KB 320ms
304ms Image
image/png 2606:4700:3038::6815:e9b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.iconarchive.com/icons/designbolts/3d-social/96/Tumblr-icon.png
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 920fbbeffb167f3922f614bc4868d5ebae78ed7c6688e710e11e4e1102d48c45

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Jul 2020 23:30:50 GMT
server: cloudflare
etag: "5f06572a-1871"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpgFHibQ4gnvp3SX3YvXhhY%2BbwSMXkINBBg2%2FubCkSWx5R%2BSvEfR2QMX%2BheBksZH2hTzzAzEqoeO%2BVQFWXy4BkvO8TenmJfYoX%2Fc2xNi8B2Z8QfMpD2CfWs4UDiZZ3Oeu8ifSYgNGTWCoQKWqArF%2FaLtwuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e984b4729028a5a-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6257

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v17/ 15 KB
15 KB 23ms
5ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 01:22:31 GMT
x-content-type-options: nosniff
age: 173369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 01:22:31 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2
fonts.gstatic.com/s/opensans/v17/ 14 KB
14 KB 24ms
6ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10879c90d675623954d308fa8d34ab038c915646aa4167764fd8bb02804cbbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:19:33 GMT
x-content-type-options: nosniff
age: 148347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13852
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:31:00 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 08:19:33 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 9ms
9ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1237185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80300
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIWhe4bd29ZTZTubBORSY1rdsNTsdzL7sQq7Y51afV4bzWF0ZToKkI0lAXwUvofaavmPJikkd6mscgwrJ4pc4L53uqHZqiLgtCjG5ZaylN7NlU2Dat4Axd7UQR%2BqIMyN%2FXKF56hrfgBaHKxP8nzHHSFn"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e984b472ef18a72-NRT
expires: Tue, 28 Feb 2023 01:32:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v17/ 11 KB
12 KB 13ms
4ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 00:02:36 GMT
x-content-type-options: nosniff
age: 264564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11316
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 00:02:36 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v17/ 11 KB
12 KB 14ms
8ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:13:02 GMT
x-content-type-options: nosniff
age: 127138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11708
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 14:13:02 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKXGUdhlIqOjjg.woff2
fonts.gstatic.com/s/opensans/v17/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKXGUdhlIqOjjg.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02271fa02eef799a926e06e0c06f551258ed86817d5c6d3e5ed5c14f14e220e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 12:43:21 GMT
x-content-type-options: nosniff
age: 391719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11148
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 12:43:21 GMT

GET
H/1.1 200
OK sayac.html Show response
www.jestspor35.xyz/ Frame 516D 1 KB
1 KB 880ms
498ms Document
text/html 2606:4700:3033::6815:5224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.jestspor35.xyz/sayac.html
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:5224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8749bf897f2e4ee34ad92ec866f5042c22a4593cbc47fad1a17fa345c744c1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

Date: Thu, 10 Mar 2022 01:32:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 20 Feb 2022 12:29:06 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2oOEzfeyf3OTbDn6fa1xrE4tQlggukMNq2IvWKMNXOXBlwh0%2FYx4FKsbBc8c7ZyZi9PQhpFO0XtDy5vuVbm9iZ0VS2s4Y0xWs6skHda27UQSrXGvmGBbwvWVPASE7ZGms9eSWacbQBHu2WAkce8gwY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e984b49df3c80cb-NRT
Content-Encoding: gzip

GET
H2 403 ABLy4Ew0nybAaGlHs8cRG3p5dlnlQUlaALiTy56T-Fm7-ubpvpIBevoWcM_zhRBYm3oEuVDI0bOJttFaKeA3Y_S9-fTchUEYqkUynVl9Q8bOToYG6mS8tFZ4awlxUCKVsjhudnqBXbKCBtqhiUBtGaaIX5wVzP32NnUDKPpo4PJR3PdKQO-gmvIQcGdiW8v0qSQFV...
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 111ms
71ms Image
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Ew0nybAaGlHs8cRG3p5dlnlQUlaALiTy56T-Fm7-ubpvpIBevoWcM_zhRBYm3oEuVDI0bOJttFaKeA3Y_S9-fTchUEYqkUynVl9Q8bOToYG6mS8tFZ4awlxUCKVsjhudnqBXbKCBtqhiUBtGaaIX5wVzP32NnUDKPpo4PJR3PdKQO-gmvIQcGdiW8v0qSQFVKnDrhliX5ihbSAr9P0DnpTQB1FC_bvuJLADaq3ZzBMIo5_1Q6Gp59HWJYRCVbDBCN_FcfSLODi5MVNDlhaTQng7P2INnsa6WWaBKdkUWDdmbgfX8ibmAQVmOPKPIGRE_FfJ_eO6=w680
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 403 ABLy4EypccecdWIoiHegXc5tObtSb_HCfGpeg31MnKdFhHpIy4F3Q1TBHeiw3ry1bW_pwHA3uZy5YWACVnYs1ktAydTiR6wew-lMmUUDjU_zvqR18dM=w680
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 111ms
71ms Image
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EypccecdWIoiHegXc5tObtSb_HCfGpeg31MnKdFhHpIy4F3Q1TBHeiw3ry1bW_pwHA3uZy5YWACVnYs1ktAydTiR6wew-lMmUUDjU_zvqR18dM=w680
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 403 ABLy4EwrTdl5Q4lKlz1Tn54Gy-FP362gz88sOwzszTkIM356Qtp-MBlflP0zQxQDxMEhmLWBh-9rFqwZGvzqlU-X25lQMjBETwT-sBF0Sbfj4VRnMLFyGJgRHAKKmXlB1meteeUNLxizS6eB89A60T1sWYR0CGeVrP0Lkw8=w680
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 77ms
37ms Image
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EwrTdl5Q4lKlz1Tn54Gy-FP362gz88sOwzszTkIM356Qtp-MBlflP0zQxQDxMEhmLWBh-9rFqwZGvzqlU-X25lQMjBETwT-sBF0Sbfj4VRnMLFyGJgRHAKKmXlB1meteeUNLxizS6eB89A60T1sWYR0CGeVrP0Lkw8=w680
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK v4.webp
www.jestspor27.xyz/V/mobil/ 20 KB
21 KB 1149ms
1009ms Image
image/webp 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.jestspor27.xyz/V/mobil/v4.webp
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59314372ce656ec81c1bc860851debd7b1e54572fe8543597feccbd8e4cc6766

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:01 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 12 Jan 2022 10:13:29 GMT
Server: cloudflare
ETag: "56cc85b9d7d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek%2Bdl4uOUTtI08apwwv3R2%2BBXSeXOORhCNRwmbbg8lKwZmixM13g8NUfUIPkW8kHNobpJgSoJ45BgnPP7dgApKz7sPUIQn9OI%2BbVYT83KUnqphR8LhS3%2FDSw0vYlxB5gF%2FfI0%2BYXxW8i5ZY1zTH9d%2B0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e984b486a6c2035-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 20560

GET
H/1.1 200
OK v3.webp
www.jestspor27.xyz/V/mobil/ 28 KB
29 KB 659ms
519ms Image
image/webp 2606:4700:3035::6815:5cf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.jestspor27.xyz/V/mobil/v3.webp
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:5cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f24e217dfe6ccadfbb27563f70339233f5096913cd814377510bdc242014661

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:01 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 02 Dec 2021 18:08:25 GMT
Server: cloudflare
ETag: "edfdec99a7e7d71:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeXxP81i8H7vRMokeke5IsUNE8VpuRe82%2BHERv4OPArJzG4dBkg6MQ4vj2fxUDYj9rc7DTAY%2BTUyxlQ6Obnk8SxPxMx%2BDjNyOuWdsXruKnN0qhw%2F%2FPSW%2BjGD6O%2F8kpTzFbi4SD%2FC12KimI3OtLQ%2Bij0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e984b486a198a84-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 29112

GET
H2 200 nth.png
4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/ 4 KB
4 KB 117ms
3ms Image
image/png 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/nth.png

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 00:47:50 GMT
x-content-type-options: nosniff
age: 2650
content-disposition: inline;filename="nth.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3725
x-xss-protection: 0
server: fife
etag: "v76c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 21 Feb 2022 23:26:58 GMT

GET
H2 200 Galatasaray-%25E2%2580%2593-Randers-Kapak.jpg
1.bp.blogspot.com/-FLPwGf2puo8/YSdZDCPDF-I/AAAAAAAAA_U/c6x9iQO-a-Mv_d1AYiXVLTS4F8dCwhmDgCLcBGAsYHQ/w680/ 89 KB
89 KB 128ms
51ms Image
image/jpeg 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FLPwGf2puo8/YSdZDCPDF-I/AAAAAAAAA_U/c6x9iQO-a-Mv_d1AYiXVLTS4F8dCwhmDgCLcBGAsYHQ/w680/Galatasaray-%25E2%2580%2593-Randers-Kapak.jpg

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5613cf991b6c4e786acb1641f29398c55c0b9d6a5eba767b0dfdec9a6b3250ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Galatasaray-_-Randers-Kapak.jpg";filename*=UTF-8''Galatasaray-%E2%80%93-Randers-Kapak.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90765
x-xss-protection: 0
server: fife
etag: "v3f6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:10:25 GMT

GET
H2 200 canli-mac-izle.jpg
1.bp.blogspot.com/-v1xhGN_sJYA/YSZNrzhPScI/AAAAAAAAAyw/FDzN9WhZvr430OMmuFCI93z1F_u_G9ksgCLcBGAsYHQ/s150/ 10 KB
10 KB 119ms
43ms Image
image/jpeg 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-v1xhGN_sJYA/YSZNrzhPScI/AAAAAAAAAyw/FDzN9WhZvr430OMmuFCI93z1F_u_G9ksgCLcBGAsYHQ/s150/canli-mac-izle.jpg

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b676577446b599c91115b2d52fd095b5c1950ea9fb9e1a480de5d90aa5ce664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="canli-mac-izle.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9822
x-xss-protection: 0
server: fife
etag: "v32d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:10:25 GMT

GET
H/1.1 200
OK rocket-loader.min.js Show response
www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 6ms
5ms Script
application/javascript 2606:4700:3033::ac43:df71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

HTTP/1.1

Server

2606:4700:3033::ac43:df71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 07 Mar 2022 14:41:33 GMT
Server: cloudflare
ETag: W/"6226199d-302c"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1V9P9VbfbwKqksrfP3NBkHI3v01hPMZl1dlVf59gn45ikwPnbz3yyzL1IwbmhW3nhZ3cIQCt47v1Q2NnPUHsGRiRIMP2Bn89a%2FR4F9DaVdlDwVV%2B3663tCraI5rw5BCsUxeBih4P6L%2FNgAAtw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 6e984b478c360af4-NRT
Expires: Sat, 12 Mar 2022 01:32:00 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 9ms
9ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 611723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13548
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AuNPqE8A9IWO25hdyxgwwHlKOKUHyD5tf9Xq8S37ltUJ9YHnnGAkcaBpdarVfmq%2B20D3wCTxQ%2ByRdAqmp0AdoYnc928fdN3GND4NU8L3bJNhXF%2FBu5tJt4rnpkqfbDrMAH5wSL68R4Z4CZvnsnC0bXz"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e984b479f9a8a72-NRT
expires: Tue, 28 Feb 2023 01:32:00 GMT

GET
H2 200 2016452510-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
56 KB 230ms
3ms Script
text/javascript 2404:6800:4004:81c::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2016452510-widgets.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2009 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e61fbd650dbc740263f431b77f1d17a11cda8421f65058e11bfb927105bbc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57088
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 00:00:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 04 Mar 2023 02:48:38 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 14ms
8ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1918853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26909
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgfbyCv4EbL6UKFkL9r6Bl9LDhf35NAKCpT6Hdk7JYPzcCsZYCPn9o96c338mJEAHrfTp89cSReFeRRijMyW0GtAptW2WuIwnpWOAYO4irpN%2FpQe0UZGpR5YMuMXJ6uDiPRg8iDGZNVCxOnTVBbq3kiz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e984b47bb1833f0-NRT
expires: Tue, 28 Feb 2023 01:32:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 208ms
168ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

678ba9b9bf2d137aa1d3ed8b3250dfc2549eaf9a239b0e8a79f2bb698bead22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54683
x-xss-protection: 0
server: cafe
etag: 14541700393801658259
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 01:32:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 41ms
3ms Script
text/javascript 2404:6800:4004:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 08:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 08:29:31 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 684ms
229ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:01 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1646875921.dop031.pa1.t,1646875921.cds222.pa1.hn,1646875921.cds223.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5f24c182eb56a8a12d3bb1ff937169927ce271dec6da71c82a590a03101fcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kcnzjZDYIKf4Z/HQB+weDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 10 Mar 2022 01:47:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: UxFAGQZVCTG5C4NHq00d6oZ5bH+hn6agxeRaW/EpvlG3rTCz6Gxp1ngnASWqbNh2Fz0C1orOltJkdKp2q7Z/aw==
x-fb-trip-id: 382461245
x-fb-content-md5: 6b5ff657da473a81c8958c0317ecf052
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 10 Mar 2022 01:32:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84111571438fe1ff77125fdcd34226be"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 2aNL_2X5bzb.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/ Frame D11B 45 KB
11 KB 3ms
2ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/2aNL_2X5bzb.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/justitv1&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

edc5e8698a9f51960e950dfb8d0f91007b2a2ced46d724707b8dfae1715acaa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: R+IYuLu0DgK/teGjQNbrZQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10739
x-fb-rlafr: 0
x-fb-debug: VBEpFh5UOMYn0ky3xjof7XGbqsSoM9VM9zJE4eljUKwzgZXqqj6qiep4uh1THpDpcl+ilOAqmhbA5kvof03dHg==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Mar 2023 15:50:39 GMT

GET
DATA 200
OK truncated
/ Frame 595E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 info.json Show response
cdn.syndication.twimg.com/widgets/followbutton/ Frame 595E 240 B
689 B 143ms
127ms Script
application/javascript 192.229.237.101
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=tr&screen_names=ligkolik1

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.101 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_m /

Resource Hash

cb623875da98a6d7ccfcbccbd161fae496ccb7574d17ccd6c0c7dfd319ebc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=126
content-length: 186
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 123
last-modified: Thu, 10 Mar 2022 01:32:01 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=600
x-connection-hash: b1e8a67acfe60da87575a8813e5a104ef4f0c7d911565955fde7f407ac0be1aa
timing-allow-origin: *
x-transaction: 4768a358fe5b3878
expires: Thu, 10 Mar 2022 01:42:01 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 595E 43 B
477 B 122ms
112ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.povovu.com%2F%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1646875920937%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2243d7a3f%3A1449607660032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Thu, 10 Mar 2022 01:32:01 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 24ceaeb6cd5d68f18341d76f406555432be85d99a37898c739213958d861f944
x-transaction: 4bb7a76eaf22feb2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK c.js Show response
waust.at/ Frame 516D 12 KB
7 KB 24ms
14ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/c.js
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:01 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2635
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 03 May 2021 17:48:07 GMT
Server: cloudflare
etag: W/"60903757-2f8d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFamiVa7ng0gv3wKYyD9Qbb2BFDOYTZBOqK1E1eyVn40AUehg1pJx8JpRqOxGGGYFiGS7n6ho8jSv5cRB038z8nswjFz8nLZjj1nFjF9kUXJd5FPVZRaaKzNkVNQg24lU1tjs6xI"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 6e984b4d3ee52041-NRT
expires: Fri, 11 Mar 2022 00:48:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 516D 49 KB
20 KB 43ms
2ms Script
text/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6448
date: Wed, 09 Mar 2022 23:44:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 01:44:33 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 516D 199 KB
68 KB 1141ms
436ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

80d405e729c9963fbe210196f78da6a44e841db7dba7b167cf2c0bd252a03de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:02 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-1102e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69678
expires: Thu, 10 Mar 2022 02:32:02 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ Frame 516D 8 KB
8 KB 1053ms
523ms Script
application/javascript 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: caf7bae99d268cee26386493cc71624f91385fa30f844321ca876dacadbee11e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:02 GMT
X-T: 0.807
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl2
Expires: Thu, 10 Mar 2022 01:32:01 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ Frame 516D 29 B
213 B 398ms
198ms Script
text/javascript 67.202.94.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=k1iyraxfig&t=&c=c&x=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&y=http%3A%2F%2Fwww.povovu.com%2F&a=0&d=0.917&v=27&r=5623
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: HTTP/1.1
Server: 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 17f823ac162252af2b01de24c6d0c438d724a1f5ec80cdb15e3632d829160fa6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:01 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame 516D 17 KB
7 KB 231ms
12ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 36080
etag: W/"612951fd-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e984b514dae8a87-NRT
expires: Sun, 13 Mar 2022 01:32:02 GMT

GET
DATA 200
OK truncated
/ Frame 516D 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 p
ic.tynt.com/b/ Frame 516D 35 B
523 B 808ms
204ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!k1iyraxfig&lm=3&ts=1646875922149&dn=TC&iso=1&r=http%3A%2F%2Fwww.povovu.com%2F&t=www.jestspor35.xyz
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:02 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
etag: "4bc8846c-23"
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-type: image/gif
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 516D 815 B
1 KB 1009ms
195ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!k1iyraxfig&dn=TC&cc=1&r=http%3A%2F%2Fwww.povovu.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 9dc17bc7f94a9a0bf143209238071bd143916408d79b59fa6f98c7b3d824d2a5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:02 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 815
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame B1B3 1 KB
751 B 245ms
244ms Document
text/html 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=10401646875922D12244DA511358CB62
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 844ad217e9032e6bcd0b56136d25613de254b0caabe8c05a69c9cfb0ea7c7abe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 10 Mar 2022 01:32:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 10 Mar 2022 01:32:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 516D 30 KB
10 KB 18ms
3ms Script
text/javascript 13.225.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.183.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-183-59.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:33:30 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 86313
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
via: 1.1 cb835650180a67bd468624c6340b9cc6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: NRT57-C4
content-type: text/javascript
x-amz-cf-id: QJ3-gVQqJ8U8o_MEyEbpVj3DdIIEibq5v6Ok1dkw8EwTuk2EF-YXQQ==

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ Frame 516D 50 B
318 B 726ms
244ms Script
application/javascript 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=jestspor35.xyz&_ss=3egbc6eg2w&_pv=1&_ls=0&_u1=1&_u3=1&_cc=jp&_pl=d&_cbid=57ii&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e54c9c1b9a353477bc1d9923202bea3655ddf238344f2001c23cf0312539b257

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:03 GMT
X-T: 0.288
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Thu, 10 Mar 2022 01:32:02 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 516D 535 B
950 B 91ms
8ms Fetch
application/json 18.65.200.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.200.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-200-60.nrt57.r.cloudfront.net
Software: /
Resource Hash: e725e43a8e0661261ff8f16ce5d21d2c4b56c0e7a5c7fcee62fe439ef66ee813

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:29:50 GMT
via: 1.1 5cbbcc51eb95a2072bb8064803109254.cloudfront.net (CloudFront), 1.1 181d3dc873bbebf835e197df6141b7be.cloudfront.net (CloudFront)
age: 25332
x-amzn-requestid: d1b45f5f-848f-4b24-8661-497be69be2c1
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: NRT20-C3, NRT57-P3
x-amz-apigw-id: OurEvFAICYcFplA=
content-length: 535
x-amz-cf-id: KM5g_VR5sS9wsSOUvRu1XN7JAspUl2h1AWSa8URUNhGxqjPpjDRU7Q==

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ Frame 516D 1 KB
840 B 53ms
3ms Fetch
application/json 99.84.128.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.128.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-128-57.nrt57.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:05:41 GMT
content-encoding: gzip
server: restify
age: 30381
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: http://www.jestspor35.xyz
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: NRT57-C3
x-amz-cf-id: 9jYpqIlVE3rz1iM6KEIVAzi8SC1vLE2aXn0Bbc_jayS4MkNq4kyf2A==
via: 1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 516D 43 KB
14 KB 407ms
3ms Script
text/javascript 18.65.191.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.191.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-191-13.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 04:44:50 GMT
content-encoding: gzip
etag: W/"e8e52baa0cf6ccb764f317323674bacd"
last-modified: Wed, 23 Feb 2022 22:03:02 GMT
server: AmazonS3
age: 74834
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 49b964f897a5e1c9f9d0e182630ef7ca.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: NRT57-P2
x-amz-cf-id: EgEoJqz1ctgzoD6S5mryP5Z1UOP_ghHv6-e94bZwhphHm5mHjFDnSQ==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ Frame 516D 0
407 B 748ms
174ms Script
application/javascript 45.55.120.93
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401646875922D12244DA511358CB62&nid=0&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&r=http%3A%2F%2Fwww.povovu.com%2F
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 00:52:29 GMT
X-T: 1.08
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Thu, 10 Mar 2022 00:52:28 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ Frame 516D 62 B
425 B 159ms
114ms Image
image/gif 23.2.3.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=10401646875922D12244DA511358CB62&ret=html&phint=__bk_l%3Dhttp%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&r=1094020
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.3.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-3-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:03 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 624d
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

204

/
spl.zeotap.com/ Frame 516D
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401646875922D12244DA511358CB62
https://spl.zeotap.com/?zdid=1332&zcluid=8d5f073a21b0d6f0

0
173 B

239ms
158ms

Image
text/plain

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=8d5f073a21b0d6f0
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Mar 2022 01:32:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e984b5cbc1b1f3b-NRT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=8d5f073a21b0d6f0
content-length: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/57545116/ Frame 516D
Redirect Chain

https://mc.yandex.ru/watch/57545116?wmode=7&page-url=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&page-ref=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoc...
https://mc.yandex.ru/watch/57545116/1?wmode=7&page-url=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&page-ref=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oiv...

392 B
474 B

218ms
218ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57545116/1?wmode=7&page-url=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&page-ref=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlmt4hr%3Afu%3A0%3Aen%3Awindows-1252%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A522982806239%3Ahid%3A1061845982%3Az%3A0%3Ai%3A20220310013202%3Aet%3A1646875923%3Ac%3A1%3Arn%3A997959968%3Arqn%3A1%3Au%3A1646875923458510399%3Aw%3A1x2%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1646875920558%3Ads%3A381%2C1%2C498%2C1%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C918%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646875923%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

df7a43d0bfdb58f41d72b02a1e12ef6decf1b9068c0757636471d94f0e8039e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10-Mar-2022 01:32:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.jestspor35.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 392
x-xss-protection: 1; mode=block
expires: Thu, 10-Mar-2022 01:32:03 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:03 GMT
last-modified: Thu, 10-Mar-2022 01:32:03 GMT
location: /watch/57545116/1?wmode=7&page-url=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&page-ref=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlmt4hr%3Afu%3A0%3Aen%3Awindows-1252%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A522982806239%3Ahid%3A1061845982%3Az%3A0%3Ai%3A20220310013202%3Aet%3A1646875923%3Ac%3A1%3Arn%3A997959968%3Arqn%3A1%3Au%3A1646875923458510399%3Aw%3A1x2%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1646875920558%3Ads%3A381%2C1%2C498%2C1%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C918%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646875923%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://www.jestspor35.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 10-Mar-2022 01:32:03 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 516D 43 B
136 B 218ms
218ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:03 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 10 Mar 2022 02:32:03 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 516D 6 KB
2 KB 377ms
6ms Script
text/javascript 65.9.42.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-109.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:31:37 GMT
server: AmazonS3
age: 1602
etag: W/"5ff42869b876a4eddafd981cab0b8818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 907f35c342230a570151549d009005d8.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Thu, 10 Mar 2022 01:05:30 GMT
x-amz-cf-pop: NRT12-C5
x-amz-cf-id: jca_2g9-yNoreEfehB6TGK_O59wAGVYuReAipc8nvLbB4c82zHd1zA==

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/ Frame 516D
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
465 B

310ms
106ms

Fetch
application/json

209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 5282818554fe18f49f6250bc4f27b9b89d981a2e280658ad76b28e914f577b61

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://www.jestspor35.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Thu, 10 Mar 2022 01:32:03 GMT
Access-Control-Allow-Origin: http://www.jestspor35.xyz
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/ Frame 516D
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
465 B

305ms
103ms

Fetch
application/json

209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 36f73cc16215cbe3d8bdc1e2db6d11781a4b8478eebb4f3641ad398013d625cd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://www.jestspor35.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Thu, 10 Mar 2022 01:32:03 GMT
Access-Control-Allow-Origin: http://www.jestspor35.xyz
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame 8E1D 343 B
532 B 195ms
7ms Document
text/html 104.18.15.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!k1iyraxfig&dn=TC&cc=1&r=http%3A%2F%2Fwww.povovu.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html

Response headers

date: Thu, 10 Mar 2022 01:32:03 GMT
content-type: text/html
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
vary: Accept-Encoding
etag: W/"6129520b-157"
content-encoding: gzip
cf-cache-status: HIT
age: 197548
expires: Sun, 13 Mar 2022 01:32:03 GMT
cache-control: public, max-age=259200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e984b5ad9021d7b-NRT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 516D
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.1&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.1&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMnujTyfu_NChXkSML_NbNU&google_cver=1

70 B
440 B

5ms
5ms

Image
image/gif

18.177.83.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMnujTyfu_NChXkSML_NbNU&google_cver=1
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 18.177.83.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-83-12.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:03 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMnujTyfu_NChXkSML_NbNU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 516D
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.3&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875923399.3&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mkk4VDVRdVBnajBRSFVQMGZ3YVBFM3VRN0ZsbW83UlpwMThhaGxkRnkyQUU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMpHv2kT5Mse2kHgovBLHwE&google_cver=1

70 B
440 B

4ms
4ms

Image
image/gif

18.177.83.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMpHv2kT5Mse2kHgovBLHwE&google_cver=1
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 18.177.83.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-83-12.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:03 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEMpHv2kT5Mse2kHgovBLHwE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame 8E1D 23 KB
8 KB 3ms
3ms Script
text/javascript 18.65.191.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.191.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-191-13.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:06:15 GMT
content-encoding: gzip
etag: W/"01cacbace375528e9789d3b3ed3804c2"
last-modified: Tue, 23 Nov 2021 20:35:46 GMT
server: AmazonS3
age: 26749
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 49b964f897a5e1c9f9d0e182630ef7ca.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: NRT57-P2
x-amz-cf-id: -hFvcEvP9gexWH63lv9lU5DjlckaNwq-fuT196E9sWa8yLxI_by4NA==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 8E1D 227 B
686 B 369ms
94ms XHR
application/json 54.169.112.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.112.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-112-177.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c041d864dffcd398bc7c5840a45ba54fcc39152fbcc71c10f5d801e97647790b

Request headers

Referer: https://cdn-tc.33across.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:04 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.42.31.11
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 227
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 516D
Redirect Chain

https://um.simpli.fi/lj_match?r=49992
https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227

43 B
679 B

308ms
103ms

Image
image/gif

209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:04 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2sfo1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 10 Mar 2022 01:32:04 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Mar 2022 01:32:04 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 516D
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d1043e28c187ea68068b8ced
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d1043e28c187ea68068b8ced&_li_chk=true&previous_uuid=549d632657524821b88092e8985ae9d3
https://x.bidswitch.net/sync?dsp_id=42&user_id=
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

43 B
510 B

78ms
78ms

Image
image/gif

35.213.12.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 35.213.12.39 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date: Thu, 10 Mar 2022 01:32:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

59074
i6.liadm.com/s/ Frame 516D
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199&_li_chk=true&previous_uuid=3cb5f64531f842c9a87fbc5e60f844fe
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199

43 B
419 B

841ms
172ms

Image
image/gif

2600:1f18:444a:4680:6bbe:49e:bc45:59

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:6bbe:49e:bc45:59 -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:05 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199
Date: Thu, 10 Mar 2022 01:32:04 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 516D
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_puhttp://www.povovu.com/&_puuid=569cfa46f2865fb71b10f199&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D501...
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_puhttp://www.povovu.com/&_puuid=569cfa46f2865fb71b10f199&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D501...
https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32

43 B
682 B

313ms
102ms

Image
image/gif

209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:04 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2sfo1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 10 Mar 2022 01:32:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32
cf-ray: 6e984b5d3dad80f6-NRT
content-length: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 516D 4 KB
1 KB 9ms
3ms XHR
application/json 18.65.191.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.191.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-191-13.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: http://www.jestspor35.xyz/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Mar 2022 17:56:18 GMT
content-encoding: gzip
age: 27348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 23 Feb 2022 22:03:02 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 24763e4640ebb0bb6627bbd182fff826.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: NRT57-P2
x-amz-cf-id: pns8bf68gG_m2O-_menp5SZR0DninGMNHWi2y6C7vjPSG51aoWvFWQ==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
68 KB 436ms
436ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2bc62aebc064a2d24c9c50af2f85de93973592b120c9e1338f4fe298dfbe8759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-10fb3"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69555
expires: Thu, 10 Mar 2022 02:32:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
2ms Script
text/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6453
date: Wed, 09 Mar 2022 23:44:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 01:44:33 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ 294 KB
106 KB 149ms
113ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_fy2019.js?bust=31065574

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd5c0f48584cad1b8981dcc75465e246eb15994c9434b1790cdad08649086fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108449
x-xss-protection: 0
server: cafe
etag: 17984141662746446167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 01:32:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220303/r20190131/ Frame 4B14 10 KB
5 KB 41ms
3ms Document
text/html 2404:6800:4004:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220303/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 10 Mar 2022 00:18:59 GMT
expires: Thu, 24 Mar 2022 00:18:59 GMT
cache-control: public, max-age=1209600
age: 4387
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 19ms
10ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.povovu.com
URL: http://www.povovu.com/
Protocol: HTTP/1.1
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (itm/7511) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:06 GMT
Content-Encoding: gzip
Age: 283
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (itm/7511)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

POST data
bcp.crwdcntrl.net/6/ Frame 516D 0
0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 87ms
81ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.povovu.com
URL: http://www.povovu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbb15e8ebe5967ed635ee9309cfafa1833ab56249c41b08fca5f0aad9182e9a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53734
x-xss-protection: 0
server: cafe
etag: 9647003271131100855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 01:32:06 GMT

GET
H/1.1 200
OK default Show response
www.povovu.com/feeds/posts/ 208 KB
16 KB 544ms
543ms XHR
text/javascript 2606:4700:3033::ac43:df71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.povovu.com/feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery2240712633104978706_1646875926048&_=1646875926049

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

HTTP/1.1

Server

2606:4700:3033::ac43:df71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f20995a4b6502c406eeeb1f21cc5e26fcc8fb8f3d6968d6b66fb628abfef1e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://www.povovu.com/
X-Requested-With: XMLHttpRequest
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 15444
X-XSS-Protection: 0
Last-Modified: Wed, 09 Mar 2022 22:00:30 GMT
Server: cloudflare
ETag: W/"dc49c0e90f3024b574e3f9c571581a314fb279301a6c505d538ad278a4a04923"
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYGIUkLvEjCIPBrn%2B0LJaDkywMLmtP6clGWtEZci9l3L%2B0lPfGaLmfziuaGfjGx8DfM%2FDXY7mHvt8mBfHtavoZL1H4KXq31PORQ%2FtNc5YjYmLyFawtHvPXkVrBaTyVYv%2BTFP%2BAVZnNV6YLbSfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
CF-RAY: 6e984b69edd20af4-NRT
Expires: Thu, 10 Mar 2022 01:32:07 GMT

POST metrics
connect-metrics-collector.s-onetag.com/ Frame 516D 0
0

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame 2271 15 KB
6 KB 186ms
182ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/justitv1&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1ea3839b1f507055e0fb556cbd4c31f0466b82262c7303ba3f4adb19341179a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: z+592xpOFIillUBe4tdLte2NOzhlvOUMTKIbZnskQh4UnDtlF6pcnSNPOS9wHqlXpwNqLUAYyzkRk5QkJHGO8g==
date: Thu, 10 Mar 2022 01:32:06 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK follow_button.ab4ec33f73214445796a87ce54aee452.tr.html Show response
platform.twitter.com/widgets/ Frame 2C2E 35 KB
36 KB 788ms
788ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 202443d6ff9c3ce999f86e0e8da214066bb52146b65ccc12dc0f7e0b8cc09cb2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315569260
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Mar 2022 01:32:07 GMT
Etag: "3a07261c09dc26c2aab6b4b9cada462f"
Last-Modified: Tue, 08 Dec 2015 21:35:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: AmazonS3
Server-Timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=779
x-tw-cdn: VZ
Content-Length: 36144

GET
H/1.1 200
OK sayac.html Show response
www.jestspor35.xyz/ Frame 8F15 1 KB
1 KB 284ms
284ms Document
text/html 2606:4700:3033::6815:5224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.jestspor35.xyz/sayac.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:5224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8749bf897f2e4ee34ad92ec866f5042c22a4593cbc47fad1a17fa345c744c1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

Date: Thu, 10 Mar 2022 01:32:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 20 Feb 2022 12:29:06 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0T64fRBiGlzkaiwloThmrQzM%2FitPsAeW0ZZgug70Xf7sZeSIkpUqbOZknZGyg6UeDCHcb2oPrVGZllgyaFMZNEXnPAWTEVyAoB3ixZoTQAwywzKj70K5uGuqOKKOQhzdN9iiyOV8%2BYQP74%2BvzkatvoA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e984b6a0a9c80cb-NRT
Content-Encoding: gzip

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 35ms
35ms XHR
text/plain 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=145969004&t=pageview&_s=1&dl=http%3A%2F%2Fwww.povovu.com%2F&ul=en-us&de=UTF-8&dt=Canl%C4%B1%20ma%C3%A7%20izle%20-%20Jestyay%C4%B1n%20izle%20-%20Taraftarium24%20izle%20-%20Justintv%20izle%20-%20Netspor%20izle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1339519638&gjid=171953563&cid=843372225.1646875926&tid=UA-109525042-2&_gid=213987137.1646875926&_r=1&_slc=1&z=1412825009

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.povovu.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.povovu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 2ms
2ms Image
image/gif 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=145969004&t=pageview&_s=2&dl=http%3A%2F%2Fwww.povovu.com%2F&ul=en-us&de=UTF-8&dt=Canl%C4%B1%20ma%C3%A7%20izle%20-%20Jestyay%C4%B1n%20izle%20-%20Taraftarium24%20izle%20-%20Justintv%20izle%20-%20Netspor%20izle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=843372225.1646875926&tid=UA-109525042-2&_gid=213987137.1646875926&z=776391823

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 07:47:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63855
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 280 KB
80 KB 6ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e2c65d14f5de182c4ed9e6e138b43df7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

558ac11c3acec0a7402b6ce6b23b3b45e292a6f8ad5a1922936ac27eef037fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.povovu.com/
Origin: http://www.povovu.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 69HLcdLdVzxjUkSeAIuVhQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81493
x-fb-rlafr: 0
x-fb-debug: PSrLHclMLRTc96+BRZOfon8+/N63CsY02oH2v6GvkAKUo8qqy76n60dxe3Xbu8S1KRKtzG316R5D6/s/z0egpA==
x-fb-content-md5: 4906f6301d45671eb076d7a9df91234d
x-frame-options: DENY
date: Thu, 10 Mar 2022 01:32:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "06b7dc53a3da16f04b69e79c6d3430e1"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Mar 2023 23:36:00 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 8C4C 319 KB
104 KB 46ms
12ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=http%3A%2F%2Fwww.povovu.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (itm/754A) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 526012
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Mar 2022 01:32:06 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (itm/754A)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 138ms
45ms XHR
text/plain 2404:6800:4008:c01::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-109525042-2&cid=843372225.1646875926&jid=1339519638&gjid=171953563&_gid=213987137.1646875926&_u=IEBAAEAAAAAAAC~&z=584838094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c01::9b -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.povovu.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 10 Mar 2022 01:32:06 GMT
content-type: text/plain
access-control-allow-origin: http://www.povovu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8C4C 294 B
372 B 121ms
121ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=91f6096ca4a0d9042e557c5f8dbbf54d73e8624b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=http%3A%2F%2Fwww.povovu.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

2221b570f47d77db7465b55907eddc1295c1a78ce43d36d2e6db2089140b6669

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 118
date: Thu, 10 Mar 2022 01:32:05 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 01:32:06 GMT
server: tsa_m
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 24ceaeb6cd5d68f18341d76f406555432be85d99a37898c739213958d861f944
content-length: 187

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 80ms
37ms Script
text/javascript 172.217.161.66

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.povovu.com&callback=_gfp_s_&client=ca-pub-9832462885799500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_fy2019.js?bust=31065574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

904a8c9607dfaf83a5667244b1b2c73b8f08eac4739eab39e67d112d2c4f981b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 80ms
36ms Script
application/javascript 2404:6800:4004:81e::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.povovu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_fy2019.js?bust=31065574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
37ms Script
application/javascript 2404:6800:4004:81c::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.povovu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_fy2019.js?bust=31065574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
36ms Image
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwww.povovu.com%2F&tn=DIV&cls=black-bg&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
36ms Image
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwww.povovu.com%2F&tn=DIV&cls=black-bg&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 17B4 603 B
66 B 87ms
50ms Document
text/html 2404:6800:4004:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9832462885799500&output=html&adk=3823276793&adf=47290185&lmt=1646863230&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.povovu.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1646875926012&bpp=3&bdt=5731&idt=239&shv=r20220303&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3049301146992&frm=20&pv=2&ga_vid=843372225.1646875926&ga_sid=1646875926&ga_hid=145969004&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758396%2C31065469%2C31065574%2C31063246&oid=2&pvsid=2876157433711805&pem=567&tmod=594382338&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_fy2019.js?bust=31065574

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Mar 2022 01:32:06 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 86ms
49ms XHR
application/json 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220303&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_fy2019.js?bust=31065574

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfded89e19833c263d40062f2b680990c9d595b10afa3d840898febc6c159457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0

GET
H3 200 2aNL_2X5bzb.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/ Frame 2271 45 KB
11 KB 3ms
3ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/2aNL_2X5bzb.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

edc5e8698a9f51960e950dfb8d0f91007b2a2ced46d724707b8dfae1715acaa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: R+IYuLu0DgK/teGjQNbrZQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10739
x-fb-rlafr: 0
x-fb-debug: VBEpFh5UOMYn0ky3xjof7XGbqsSoM9VM9zJE4eljUKwzgZXqqj6qiep4uh1THpDpcl+ilOAqmhbA5kvof03dHg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Mar 2023 15:50:39 GMT

GET
H/1.1 200
OK button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js Show response
platform.twitter.com/js/ 7 KB
3 KB 12ms
12ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (itm/750C) /
Resource Hash: e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:06 GMT
Content-Encoding: gzip
Age: 526012
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 2293
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (itm/750C)
Etag: "0fe442c8a1482a5540ef9bb91b588585+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 109ms
69ms Script
text/javascript 2404:6800:4004:822::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_fy2019.js?bust=31065574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 01:32:06 GMT

GET
H/1.1 200
OK c.js Show response
waust.at/ Frame 8F15 12 KB
7 KB 8ms
7ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/c.js
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2640
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 03 May 2021 17:48:07 GMT
Server: cloudflare
etag: W/"60903757-2f8d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pg1ebj1T9j6va%2BF%2Bi%2B0RU2P8gI2dbp0JEsXwrHs%2B9ckfkl9UtS%2F7UunbQCfDjfOfVPFdl%2BEb3qgZq%2BOZkMSn%2BR6POBvYsBcBq2k8plBBhD9ZJTtmg%2FXocOeJ9a2Qun2qNhzAjmSo"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 6e984b6bc8a62041-NRT
expires: Fri, 11 Mar 2022 00:48:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8F15 49 KB
20 KB 3ms
2ms Script
text/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6453
date: Wed, 09 Mar 2022 23:44:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 01:44:33 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 8F15 199 KB
68 KB 499ms
498ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

80d405e729c9963fbe210196f78da6a44e841db7dba7b167cf2c0bd252a03de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-1102e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69678
expires: Thu, 10 Mar 2022 02:32:06 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ Frame 8F15 8 KB
8 KB 967ms
485ms Script
application/javascript 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bad0a9ce9d64f890de33ad16af3fa09e06d978cdc6ac4f0081f0d994a592f0c2

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:07 GMT
X-T: 0.721
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl2
Expires: Thu, 10 Mar 2022 01:32:06 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ Frame 8F15 29 B
213 B 198ms
198ms Script
text/javascript 67.202.94.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=k1iyraxfig&t=&c=c&x=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&y=http%3A%2F%2Fwww.povovu.com%2F&a=0&d=0.294&v=27&r=4342
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: HTTP/1.1
Server: 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 17f823ac162252af2b01de24c6d0c438d724a1f5ec80cdb15e3632d829160fa6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK follow_button.a58e82e150afc25eb5372dd55a98b778.tr.html Show response
platform.twitter.com/widgets/ Frame 2699 37 KB
14 KB 14ms
14ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.a58e82e150afc25eb5372dd55a98b778.tr.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (itm/7573) /
Resource Hash: f02c52b6a170a719d6c0e2c1021588134c7392ff874f2ac95774682623e82633

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Age: 505729
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Mar 2022 01:32:06 GMT
Etag: "d244cbd3dda4b33654c62ca1d509fa22+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (itm/7573)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13909

GET
DATA 200
OK truncated
/ Frame 2699 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 info.json Show response
cdn.syndication.twimg.com/widgets/followbutton/ Frame 2699 253 B
415 B 108ms
108ms Script
application/javascript 192.229.237.101
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=tr&screen_names=jestyayin1

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.a58e82e150afc25eb5372dd55a98b778.tr.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.101 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_m /

Resource Hash

f027d46165baa8494d1c0411947c7bf7b96c246d27ff428928d597c7a4f91d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=",edge;dur=107
content-length: 201
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 104
last-modified: Thu, 10 Mar 2022 01:32:06 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=600
x-connection-hash: 21d0175d7e5970ed32cc28d108c1dbee02f1e11d3052b42176e91989db38828b
timing-allow-origin: *
x-transaction: 2ed9d45dbd519236
expires: Thu, 10 Mar 2022 01:42:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E108 13 KB
5 KB 47ms
3ms Document
text/html 2404:6800:4004:822::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 23:59:37 GMT
expires: Wed, 08 Mar 2023 23:59:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 91949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2866 783 B
1 KB 339ms
129ms Document
text/html 2607:f8b0:4007:814::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4007:814::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

58fb09b6f1d7a929735c307d8ffc043fffe39e5b031ed1e411c75d105e7e9ba2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k4ZC9DLFDV/whJ9fGLyZtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 10 Mar 2022 01:32:06 GMT
date: Thu, 10 Mar 2022 01:32:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-k4ZC9DLFDV/whJ9fGLyZtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame E108 35 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 06:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:50:16 GMT

GET
DATA 200
OK truncated
/ Frame 8F15 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame 8F15 17 KB
7 KB 10ms
10ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 36084
etag: W/"612951fd-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e984b6d39f38a87-NRT
expires: Sun, 13 Mar 2022 01:32:06 GMT

GET
H2 200 314
iaftm.tmgrup.com.tr/3f951e/632/314/0/0/632/ 30 KB
31 KB 1580ms
275ms Image
image/jpeg 31.210.76.116

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iaftm.tmgrup.com.tr/3f951e/632/314/0/0/632/314?u=https://iftm.tmgrup.com.tr/2022/03/07/barcelona-galatasaray-maci-sifresiz-izle-barcelona-galatasaray-hangi-kanalda-canli-yayinlanacak-1646669167863.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.210.76.116 -, , ASN (),
Reverse DNS
Software: MerlinCDN /
Resource Hash: 4ca334cf28ac966435f9763f1ede938f1f8d497c486ba7709cec68be18089e68

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:18 GMT
via: HTTP/2.0 Merlin CDN
age: 205964
x-midtier: tr-izm-nt-s05
content-disposition: inline; filename=632x314-barcelona-galatasaray-maci-sifresiz-izle-barcelona-galatasaray-hangi-kanalda-canli-yayinlanacak-1646669167863.jpg
content-length: 30918
last-modified: Mon, 07 Mar 2022 16:13:03 GMT
server: MerlinCDN
allow: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
x-edge: tr-ist-rdr-s03
cache-control: max-age=15552000
x-server: 209
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 1083673.jpg
cdn.bolgegundem.com/d/news/ 334 KB
334 KB 1931ms
1783ms Image
image/jpeg 2606:4700:20::681a:ae6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bolgegundem.com/d/news/1083673.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae6 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6b300e722daf442297d3344c86d8895323cf3f67bceea558b2143129aa819d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:08 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 341522
last-modified: Mon, 07 Mar 2022 14:42:19 GMT
server: cloudflare
etag: "622619cb-53612"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyI6vsYJgQSIVDZuqc7IDGqspugu%2BSRp%2FdjYV%2Bqkrp3qOA6RGg6jUhOifWdkNY%2BnYPL%2FtNGti1pIAhboIBpqd3d9Mb2jR4PAAoXSiwVpGeVVCr4g6rTCg6Sz1dy8Wire%2Fgl4fk7oumb88jci3pX27Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e984b6e6e6380d7-NRT
expires: Fri, 10 Mar 2023 01:32:07 GMT

GET
H2 200 Arturo-Vidal-Mohamed-Salah.jpg
football-italia.net/wp-content/uploads/2022/02/ 494 KB
495 KB 278ms
265ms Image
image/webp 2606:4700:10::ac43:185c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://football-italia.net/wp-content/uploads/2022/02/Arturo-Vidal-Mohamed-Salah.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:185c -, , ASN (),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4839674605c49e028318f8997f7ca67ff4b0efa975a815e1e2077ada3b6f9700

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
content-disposition: inline; filename="Arturo-Vidal-Mohamed-Salah.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 506230
last-modified: Wed, 16 Feb 2022 21:08:54 GMT
server: cloudflare
etag: "620d67e6-12f870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=43200
cf-polished: origFmt=jpeg, origSize=1243248
accept-ranges: bytes
cf-ray: 6e984b6d8f5180d5-NRT
cf-bgj: imgq:100,h2pri

GET
H2 200 5d87a43c5542821c0c879802.gif
i2.milimaj.com/i/milliyet/75/0x0/ 170 KB
171 KB 1564ms
256ms Image
image/gif 185.102.219.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.milimaj.com/i/milliyet/75/0x0/5d87a43c5542821c0c879802.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 -, , ASN (),
Reverse DNS
Software: MerlinCDN /
Resource Hash: 1b85c1266ea938348ef49b3d7d5c3ea925581d597438f856029e1849540b6e7a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:08 GMT
via: HTTP/2.0 Merlin CDN
dsuid: 19
server: MerlinCDN
age: 247035
x-midtier: de-fra-dp-s02
allow: GET, HEAD
content-type: image/gif
x-edge: de-fra-dp-s03
cache-control: max-age=31536000
x-ecache: HIT
accept-ranges: bytes
content-length: 174425
x-mcache: HIT

GET
H2 200 616c56f266a97cb4a86a8d70.jpg
img.fanatik.com.tr/img/78/1200x695/ 79 KB
79 KB 1791ms
468ms Image
image/webp 109.236.91.24

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fanatik.com.tr/img/78/1200x695/616c56f266a97cb4a86a8d70.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.236.91.24 -, , ASN (),
Reverse DNS
Software: MerlinCDN /
Resource Hash: a3a3a24d9f6c5801802bcc169863fac1cf7c3f090765e6e2c2e95ab6a2b80b09

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:08 GMT
via: HTTP/2.0 Merlin CDN
age: 299618
x-midtier: de-fra-dp-s02
x-cache-status: MISS
access-control-max-age: 1728000
content-length: 80796
server: MerlinCDN
etag: W/"b9620494933d50bbb3fec838299ffdb43d1b7946"
allow: GET, HEAD
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-edge: nl-naw-ws-s01
cache-control: max-age=2592000, public
access-control-allow-credentials: true
x-ecache: HIT
accept-ranges: bytes
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-mcache: HIT
expires: Mon, 04 Apr 2022 22:00:55 GMT

GET
H2 200 p
ic.tynt.com/b/ Frame 8F15 35 B
348 B 201ms
201ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!k1iyraxfig&lm=3&ts=1646875926651&dn=TC&iso=1&r=http%3A%2F%2Fwww.povovu.com%2F&t=www.jestspor35.xyz
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
etag: "4bc8846c-23"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-type: image/gif
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E108 0
9 B 2ms
1ms Image
text/plain 2404:6800:4004:822::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JUHqzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 54612442 Show response
mc.yandex.ru/watch/ 357 B
458 B 218ms
218ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/54612442?wmode=7&page-url=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlctj3z%3Afp%3A859%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A198599157133%3Ahid%3A777757418%3Az%3A0%3Ai%3A20220310013206%3Aet%3A1646875927%3Ac%3A1%3Arn%3A321644534%3Arqn%3A1%3Au%3A1646875927949667723%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1646875919637%3Ads%3A15%2C4%2C259%2C269%2C356%2C0%2C%2C28%2C0%2C6362%2C6362%2C2%2C957%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646875927%3At%3ACanl%C4%B1%20ma%C3%A7%20izle%20-%20Jestyay%C4%B1n%20izle%20-%20Taraftarium24%20izle%20-%20Justintv%20izle%20-%20Netspor%20izle&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

93e8a240b7efcef086b5c8b106d62dd0d5c004b12551ce8b89734e6f757202fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 10-Mar-2022 01:32:06 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.povovu.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Thu, 10-Mar-2022 01:32:06 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
72 B 218ms
218ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 10 Mar 2022 02:32:06 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
146 B 113ms
113ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.povovu.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_creator_screen_name%22%3A%22Taraftarium24%2C%20taraftarium24%20izle%2Ccanl%C4%B1%20ma%C3%A7%20izle%2C%20bein%20sports%2C%20bein%20sports%20izle%2C%20bein%20sports%20canl%C4%B1%20izle%2C%2Cjustin%20tv%20izle%2Cma%C3%A7%20izle%22%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1646875926696%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Thu, 10 Mar 2022 01:32:06 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 24ceaeb6cd5d68f18341d76f406555432be85d99a37898c739213958d861f944
x-transaction: b31002fc9a99e71c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2866 0
0 52ms
51ms Image
text/html 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220303&jk=2876157433711805&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 57545116 Show response
mc.yandex.ru/watch/ Frame 8F15 392 B
495 B 218ms
218ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57545116?wmode=7&page-url=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&page-ref=http%3A%2F%2Fwww.povovu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlmt4hr%3Afu%3A0%3Aen%3Awindows-1252%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A522982806239%3Ahid%3A804923746%3Az%3A0%3Ai%3A20220310013206%3Aet%3A1646875927%3Ac%3A1%3Arn%3A875885623%3Arqn%3A2%3Au%3A1646875923458510399%3Aw%3A1x2%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1646875926079%3Are%3A1%3Ads%3A0%2C0%2C284%2C0%2C0%2C0%2C%2C9%2C0%2C%2C%2C%2C294%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646875927%3At%3A&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1eaff293db03120f4ad750f94f9bcec67a455f91dfc70e51abf18f2d9fd5246c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 10-Mar-2022 01:32:07 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.jestspor35.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 392
x-xss-protection: 1; mode=block
expires: Thu, 10-Mar-2022 01:32:07 GMT

GET
DATA 200
OK truncated
/ Frame 2C2E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 8F15 43 B
96 B 218ms
218ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:07 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 10 Mar 2022 02:32:07 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 8F15 2 KB
2 KB 196ms
196ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!k1iyraxfig&dn=TC&cc=1&r=http%3A%2F%2Fwww.povovu.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e9dcd81a04172ddd986b3eebdcc1c50349dc87e8ea066418372344aa741e8327

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:06 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 1594
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 info.json Show response
cdn.syndication.twimg.com/widgets/followbutton/ Frame 2C2E 240 B
363 B 4ms
2ms Script
application/javascript 192.229.237.101
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=tr&screen_names=ligkolik1

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.101 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/72B7) /

Resource Hash

cb623875da98a6d7ccfcbccbd161fae496ccb7574d17ccd6c0c7dfd319ebc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
vary: Accept-Encoding
content-length: 186
x-xss-protection: 0
x-response-time: 123
last-modified: Thu, 10 Mar 2022 01:32:01 GMT
server: ECS (tkb/72B7)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: application/javascript;charset=utf-8
expires: Thu, 10 Mar 2022 01:42:07 GMT
cache-control: must-revalidate, max-age=600
x-connection-hash: b1e8a67acfe60da87575a8813e5a104ef4f0c7d911565955fde7f407ac0be1aa
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 4768a358fe5b3878
access-contol-allow-origin: platform.twitter.com

GET
H2 200 jot
syndication.twitter.com/i/ Frame 2C2E 43 B
169 B 123ms
123ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.povovu.com%2F%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1646875927045%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2243d7a3f%3A1449607660032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.ab4ec33f73214445796a87ce54aee452.tr.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Thu, 10 Mar 2022 01:32:07 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 24ceaeb6cd5d68f18341d76f406555432be85d99a37898c739213958d861f944
x-transaction: a2292cad5372e0c5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

27519 Show response
tags.bluekai.com/site/ Frame 7FB2
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1646875927036.5&r=true
https://tags.bluekai.com/site/27519?id=119007412593016&ret=html&random=1646875928

71 B
765 B

113ms
112ms

Document
text/html

23.2.3.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=119007412593016&ret=html&random=1646875928
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!k1iyraxfig&dn=TC&cc=1&r=http%3A%2F%2Fwww.povovu.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.3.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-3-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: about:blank

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: af1
Date: Thu, 10 Mar 2022 01:32:08 GMT
Connection: keep-alive

Redirect headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01-Jan-70 00:00:01 GMT
x-33x-status: 400000000040080C
server: 33XP004
location: https://tags.bluekai.com/site/27519?id=119007412593016&ret=html&random=1646875928
content-length: 0
date: Thu, 10 Mar 2022 01:32:07 GMT

GET
H2 200 /
p.adsymptotic.com/d/px/ Frame 8F15 43 B
131 B 83ms
80ms Image
image/gif 104.18.101.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=http%3A%2F%2Fwww.povovu.com%2F&_puuid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&_rand=1646875927036.1
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e984b70680080f6-NRT
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

GET
H/1.1

204
No Content

669571665044954898
map.go.affec.tv/map/an/ Frame 8F15
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&ts=1646875927036.2
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622955bced7a1b000192b06a%26chc%3Dtt%26floc%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D622955bced7a1b000192b06a%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D
https://map.go.affec.tv/map/an/669571665044954898?ch=622955bced7a1b000192b06a&chc=tt&floc=&redirect_url=

0
683 B

75ms
75ms

Image
text/html

46.137.210.206

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/an/669571665044954898?ch=622955bced7a1b000192b06a&chc=tt&floc=&redirect_url=
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 46.137.210.206 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:30:18 GMT
Content-Encoding: gzip
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html

Redirect headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:07 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 592.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 6125ccea-2ade-4f9b-8b58-2e4bd5f2ab35
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://map.go.affec.tv/map/an/669571665044954898?ch=622955bced7a1b000192b06a&chc=tt&floc=&redirect_url=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 8F15
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&random=1646875927036.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&random=1646875927036.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=3aa59f06-a747-45b6-b391-3d3eec059664&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=3aa59f06-a747-45b6-b391-3d3eec059664&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=35163451030643850391041060649203553490&pt=3aa59f06-a747-45b6-b391-3d3eec059664%2C

95 B
430 B

37ms
37ms

Image
image/png

107.178.244.193

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=35163451030643850391041060649203553490&pt=3aa59f06-a747-45b6-b391-3d3eec059664%2C

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

Server

107.178.244.193 -, , ASN (),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 01:32:07 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS: dcs-prod-tyo3-2-v027-0b58dc977.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qFMCKbKXRgg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=35163451030643850391041060649203553490&pt=3aa59f06-a747-45b6-b391-3d3eec059664%2C
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

405716.gif
idsync.rlcdn.com/ Frame 8F15
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&random=1646875927036.4&r=true
https://idsync.rlcdn.com/405716.gif?partner_uid=211619329485022

42 B
449 B

150ms
135ms

Image
image/gif

35.190.60.146

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=211619329485022
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: H2
Server: 35.190.60.146 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 01:32:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:07 GMT
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=211619329485022
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 8F15
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875927036.6&cat=33across
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671
https://d3961020741418490445-t7183919983975593068.id.amgdgt.com/r/telco/tuid/7183919983975593068/duid/3961020741418490445/url/https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D1mpjpn0%26turn_id%3D7183919...
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7183919983975593068&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671

70 B
440 B

8ms
8ms

Image
image/gif

18.177.83.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7183919983975593068&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 18.177.83.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-83-12.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:07 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7183919983975593068&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671
Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:06 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Content-Length: 0
Strict-Transport-Security: max-age=15768000
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

mapuid
secure.adnxs.com/ Frame 8F15
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&random=1646875927036.7&r=true
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117561044139592&seg_code=33x&random=1646875928

43 B
950 B

101ms
100ms

Image
image/gif

103.43.90.179

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?t=2&member=1001&user=117561044139592&seg_code=33x&random=1646875928

Requested by

Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html

Protocol

HTTP/1.1

Server

103.43.90.179 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:08 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 592.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 361f98f9-eace-4faa-81f2-93a84ee26fd2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:08 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 402044000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://secure.adnxs.com/mapuid?t=2&member=1001&user=117561044139592&seg_code=33x&random=1646875928
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 8F15
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=%2FMbymGIpVRMycFXvXHnmDg%3D%3D&us_privacy=&33random=1646875927036.8&cat=33across
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D1%26dc_mr%3D1%26dc_orig%3Dc9gd671%26%26referrer_pid%...
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D1%26dc_mr%3D1%26dc_orig%3Dc9gd671%26%26referrer_p...
https://ps.eyeota.net/match?uid=YilVFwAL4ujjIwBB&bid=0rijhbu&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671&_test=YilVFwAL4ujjIwBB

70 B
440 B

5ms
5ms

Image
image/gif

18.177.83.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=YilVFwAL4ujjIwBB&bid=0rijhbu&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671&_test=YilVFwAL4ujjIwBB
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 18.177.83.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-83-12.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/sayac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:07 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646875927.409939,VS0,VE0
x-served-by: cache-itm18820-ITM
x-cache: HIT
location: https://ps.eyeota.net/match?uid=YilVFwAL4ujjIwBB&bid=0rijhbu&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671&_test=YilVFwAL4ujjIwBB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220303&jk=2876157433711805&bg=!e3ileDzNAAb7UztL-1M7ACkAdvg8WsMJlOe_H6iXb57fr3dkVCh6GmwVPsYRMVBMmgyJ8K4itVqhlQIAAAB5UgAAAAJoAQeZAsxPwxPfw7lcpyKQW6ds27-leglyaXh9BPmrI3XxSlotaPDfjmi9TNgx9rJRCOv7TAUHszp2_0FO_ONlyYjVqmgfDJQ8lUCs3QeLtoFOPRnvh3qy_XqWo3cFYQU_kwIWCt-awukdJsXVrrCrjB6Hvw_z7mwygA6MuEGRySmy1YIEYrkjTFqqSlA4wm-3ExIjU8-mKymkrVPPc18_J_31uoTPgbKUIkO0SCttM3SStq1ZBPJQIm40SbbuVZa6PIdfWe_GsDeFDWGSkND-xPtk--w6LrlbSOcWLWjc-7gh5AK-3QqtZj5_1CzEowRDizWJKXRcrk59rIN9fgdqujpe5Mh9lHuk9W01aR5ZySFxNxLxFGkd7vXnSTeRbDLNYjJjqGVnTSkkMhAWVtZcY-TuRHXUPyp4oILX5WjZr8KmzQ08DoTy7pK8oqUayrbDMRSWpoKixZ3es-cYjra4G2z12YkBZRMw-WXAcpSQ_c4L8Wc-yNuMu6BI3z-6Vn8iWp4m69dmjVuP3qsqVMnBjvT0_TLu7g-ZhLwU8O0WXsJBeRLlaDa_749675wBEMawQ0XlaN0UEIrBHk3sl81bMlm9tB-broySOzhigh-Ov7MR0UZYGCg78HLaXFgyLVCpE5Lu4kZTTGKBPuWJC1ReN8SzUrZmqUqF3VysCccF6kZWFF5emOdw1rmzaewDt_tUq8RLIFugg9n88UI8rHoaeoVxX1VE5g0VoI8Mkv0SXoCEOUoBlgbw1iu7ma0wn1mOTletsLj2o8u4b7nU3kIxoJyVEI3oROyRvQM-92UPgzvAFC77hgv909zGUTEzivPVaeYo5jhn9GJSHri4tkgg85yskFqcZLHpjmCYHmoblH88bUbsKLD5mlNcRzlcHneQnroWPfxkbEQtLkvZbsSeO_WRqgdoixdFGIpEGa7Zz1db-UTLR-w8Io3AkPQmNd8jhg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.povovu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 01:32:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ Frame 8F15 0
407 B 174ms
173ms Script
application/javascript 45.55.120.93
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401646875922D12244DA511358CB62&nid=0&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&r=http%3A%2F%2Fwww.povovu.com%2F
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 00:52:32 GMT
X-T: 1.13
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Thu, 10 Mar 2022 00:52:31 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 8F15 30 KB
10 KB 2ms
2ms Script
text/javascript 13.225.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.183.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-183-59.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:33:30 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 86318
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
via: 1.1 cb835650180a67bd468624c6340b9cc6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: NRT57-C4
content-type: text/javascript
x-amz-cf-id: eS1_XRlT2QjZ69ffzoVRutJSxAgKADgOqAQlJa5ESWJZNeO8clqTgQ==

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ Frame 8F15 0
262 B 757ms
253ms Script
application/javascript 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=jestspor35.xyz&_ss=3egbc6eg2w&_pv=2&_ls=5&_cc=jp&_pl=d&_b=chrome%4099&_cbid=6nw6&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&j=http%3A%2F%2Fwww.povovu.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:08 GMT
X-T: 0.098
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Thu, 10 Mar 2022 01:32:07 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ Frame 8F15 62 B
425 B 125ms
124ms Image
image/gif 23.2.3.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=10401646875922D12244DA511358CB62&ret=html&phint=__bk_l%3Dhttp%3A%2F%2Fwww.jestspor35.xyz%2Fsayac.html&r=67008031
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.3.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-3-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:07 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 96bb
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

pixel
ps.eyeota.net/ Frame 8F15
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401646875922D12244DA511358CB62
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=abb75f1f169dff214b15289b841278c8&gdpr=1
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_co...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b80301e3664a476950561d31cfab4d0f&gdpr=Y&gdpr_consent=${gdpr_consent}
https://pixel.onaudience.com/?partner=190&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3D3b2cb90%26t%3Dgi...
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=8251668b2b2ab71f

0
344 B

6ms
6ms

Image
text/plain

18.177.83.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=8251668b2b2ab71f
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 18.177.83.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-83-12.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:09 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=8251668b2b2ab71f
content-length: 0

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 8F15 6 KB
2 KB 3ms
3ms Script
text/javascript 65.9.42.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-109.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:31:37 GMT
server: AmazonS3
age: 1606
etag: W/"5ff42869b876a4eddafd981cab0b8818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 907f35c342230a570151549d009005d8.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Thu, 10 Mar 2022 01:05:30 GMT
x-amz-cf-pop: NRT12-C5
x-amz-cf-id: CLmogtKuS38CvXBtJtJLm_VbtLKoC-LjfnzTWDe5xgvfZWOHS_TRMg==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 8F15 41 B
465 B 106ms
106ms Fetch
application/json 209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 5282818554fe18f49f6250bc4f27b9b89d981a2e280658ad76b28e914f577b61

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://www.jestspor35.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 8F15 41 B
465 B 103ms
103ms Fetch
application/json 209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 5282818554fe18f49f6250bc4f27b9b89d981a2e280658ad76b28e914f577b61

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://www.jestspor35.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 8F15
Redirect Chain

https://um.simpli.fi/lj_match?r=8833
https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227

43 B
1 KB

102ms
102ms

Image
image/gif

209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2sfo1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 10 Mar 2022 01:32:07 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=E0FCB75453D44A23872C967F540DB227
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Mar 2022 01:32:07 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 8F15
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199
https://x.bidswitch.net/sync?dsp_id=42&user_id=

43 B
235 B

78ms
78ms

Image
image/gif

35.213.12.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 35.213.12.39 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date: Thu, 10 Mar 2022 01:32:07 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK 59074
i.liadm.com/s/ Frame 8F15 43 B
419 B 169ms
168ms Image
image/gif 54.205.227.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=569cfa46f2865fb71b10f199

Requested by

Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.227.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-227-48.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 01:32:07 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 8F15
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_puhttp://www.povovu.com/&_puuid=569cfa46f2865fb71b10f199&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D501...
https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32

43 B
1 KB

105ms
105ms

Image
image/gif

209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32
Requested by: Host: www.jestspor35.xyz
URL: http://www.jestspor35.xyz/sayac.html
Protocol: HTTP/1.1
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.jestspor35.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 01:32:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2sfo1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 10 Mar 2022 01:32:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://ce.lijit.com/merge?pid=5014&3pid=7739997ed007449b5232496f41c5aa32
cf-ray: 6e984b72bbbf80f6-NRT
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/6/data

Domain: connect-metrics-collector.s-onetag.com
URL: https://connect-metrics-collector.s-onetag.com/metrics

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 02:11:07	Name: _li_ss Value:
.dtscout.com/	1970-01-20 01:28:00	Name: m Value: 1
.dtscout.com/	1970-01-20 01:28:13	Name: b Value: 1
.dtscout.com/	1970-01-20 01:28:10	Name: oa Value: 1
.dtscout.com/	1970-01-20 03:51:55	Name: df Value: 1646875922
.dtscout.com/	1970-01-20 03:36:05	Name: l Value: 10401646875922D12244DA511358CB62
.yandex.ru/	1970-01-23 17:03:55	Name: yandexuid Value: 5809984791646875923
.yandex.ru/	1970-01-23 17:03:55	Name: yuidss Value: 5809984791646875923
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2172640871646875923
.yandex.ru/	1970-01-23 17:03:55	Name: i Value: uVgS0qZZHrWEcFy9t8dfJBDp6t19DC9Xn4Aol4JwsylJ5zgev0CggnYmsvamvRynsBwcpwroKUC60dKsRxo0Op1hnk4=
.yandex.ru/	1970-01-20 10:13:31	Name: ymex Value: 1962235923.yrts.1646875923#1962235923.yrtsi.1646875923
.tynt.com/	1970-01-20 10:13:31	Name: uid Value: /MbymGIpVRMycFXvXHnmDg==
.tynt.com/	1970-01-20 03:37:31	Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1646875923399%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1646875923399%7D%5D
.eyeota.net/	1970-01-20 10:13:31	Name: mako_uid Value: 17f7174541c-7830000010e523c
.eyeota.net/	1970-01-20 01:27:56	Name: SERVERID Value: 21052~DM
.lijit.com/	1970-01-20 10:13:31	Name: ljt_reader Value: 569cfa46f2865fb71b10f199
.dtscdn.com/	1970-01-20 05:45:41	Name: uid Value: 10401646875922D12244DA511358CB62
.onaudience.com/	1970-01-20 10:13:31	Name: cookie Value: 8d5f073a21b0d6f0
.onaudience.com/	1970-01-20 01:29:22	Name: done_redirects219 Value: 1
.doubleclick.net/	1970-01-20 18:59:07	Name: IDE Value: AHWqTUnMf3UOHH0oZt92chZXbAMGj-pdsRQZNO0h61gh1G_bxMI7ExyIuvMhwbcwPoM
.adsymptotic.com/	1970-01-20 03:37:31	Name: U Value: 7739997ed007449b5232496f41c5aa32
.crwdcntrl.net/	1970-01-20 07:56:42	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 07:56:42	Name: _cc_id Value: b80301e3664a476950561d31cfab4d0f
.simpli.fi/	1970-01-20 10:14:58	Name: suid Value: E0FCB75453D44A23872C967F540DB227
.lijit.com/	1970-01-20 10:13:31	Name: _ljtrtb_5014 Value: 7739997ed007449b5232496f41c5aa32
.lijit.com/	1970-01-20 10:13:31	Name: _ljtrtb_2 Value: E0FCB75453D44A23872C967F540DB227
.liadm.com/	1970-01-20 18:59:07	Name: lidid Value: 549d6326-5752-4821-b880-92e8985ae9d3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EwrTdl5Q4lKlz1Tn54Gy-FP362gz88sOwzszTkIM356Qtp-MBlflP0zQxQDxMEhmLWBh-9rFqwZGvzqlU-X25lQMjBETwT-sBF0Sbfj4VRnMLFyGJgRHAKKmXlB1meteeUNLxizS6eB89A60T1sWYR0CGeVrP0Lkw8=w680 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EypccecdWIoiHegXc5tObtSb_HCfGpeg31MnKdFhHpIy4F3Q1TBHeiw3ry1bW_pwHA3uZy5YWACVnYs1ktAydTiR6wew-lMmUUDjU_zvqR18dM=w680 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Ew0nybAaGlHs8cRG3p5dlnlQUlaALiTy56T-Fm7-ubpvpIBevoWcM_zhRBYm3oEuVDI0bOJttFaKeA3Y_S9-fTchUEYqkUynVl9Q8bOToYG6mS8tFZ4awlxUCKVsjhudnqBXbKCBtqhiUBtGaaIX5wVzP32NnUDKPpo4PJR3PdKQO-gmvIQcGdiW8v0qSQFVKnDrhliX5ihbSAr9P0DnpTQB1FC_bvuJLADaq3ZzBMIo5_1Q6Gp59HWJYRCVbDBCN_FcfSLODi5MVNDlhaTQng7P2INnsa6WWaBKdkUWDdmbgfX8ibmAQVmOPKPIGRE_FfJ_eO6=w680 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9832462885799500&output=html&adk=3823276793&adf=47290185&lmt=1646863230&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.povovu.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1646875926012&bpp=3&bdt=5731&idt=239&shv=r20220303&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3049301146992&frm=20&pv=2&ga_vid=843372225.1646875926&ga_sid=1646875926&ga_hid=145969004&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774%2C44758396%2C31065469%2C31065574%2C31063246&oid=2&pvsid=2876157433711805&pem=567&tmod=594382338&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=253 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
ap.lijit.com
bcp.crwdcntrl.net
cdn-tc.33across.com
cdn.bolgegundem.com
cdn.syndication.twimg.com
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
d.turn.com
d3961020741418490445-t7183919983975593068.id.amgdgt.com
data-beacons.s-onetag.com
de.tynt.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
fonts.gstatic.com
football-italia.net
get.s-onetag.com
googleads.g.doubleclick.net
i.liadm.com
i2.milimaj.com
i6.liadm.com
iaftm.tmgrup.com.tr
ic.tynt.com
icons.iconarchive.com
idsync.rlcdn.com
img.fanatik.com.tr
lh3.googleusercontent.com
loada.exelator.com
map.go.affec.tv
mc.yandex.ru
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.adsymptotic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.onaudience.com
pixel.tapad.com
platform.twitter.com
povovu.com
ps.eyeota.net
secure.adnxs.com
spl.zeotap.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
syndication.twitter.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
waust.at
whos.amung.us
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.jestspor27.xyz
www.jestspor35.xyz
www.povovu.com
x.bidswitch.net
bcp.crwdcntrl.net
connect-metrics-collector.s-onetag.com
103.43.90.179
104.18.101.194
104.18.15.222
104.18.29.199
104.244.42.8
107.178.244.193
109.236.91.24
13.225.183.59
151.101.130.49
161.202.200.118
172.217.161.66
172.217.175.66
18.177.83.12
18.65.191.13
18.65.200.60
185.102.219.172
192.229.237.101
2001:4de0:ac18::1:a:2b
2001:df2:a300:bbbb::136
209.191.163.208
23.2.3.44
2404:6800:4004:80a::200a
2404:6800:4004:80b::2002
2404:6800:4004:80c::2001
2404:6800:4004:812::200e
2404:6800:4004:813::2002
2404:6800:4004:81c::2002
2404:6800:4004:81c::2009
2404:6800:4004:81e::2002
2404:6800:4004:820::2001
2404:6800:4004:822::2001
2404:6800:4004:823::2003
2404:6800:4008:c01::9b
2600:1f18:444a:4680:6bbe:49e:bc45:59
2606:2800:248:2f:1d8a:787:dc7:17df
2606:4700:10::ac43:185c
2606:4700:10::ac43:db6
2606:4700:20::681a:ae6
2606:4700:20::ac43:4739
2606:4700:3033::6815:5224
2606:4700:3033::ac43:df71
2606:4700:3035::6815:5cf6
2606:4700:3038::6815:e9b6
2606:4700::6810:125e
2607:f8b0:4007:814::2004
2a02:6b8::1:119
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
3.114.95.219
31.210.76.116
35.190.60.146
35.213.12.39
45.55.120.93
46.137.210.206
50.116.239.150
51.161.15.93
51.222.80.231
52.198.93.235
52.220.230.137
54.169.112.177
54.205.227.48
65.9.42.109
67.202.105.24
67.202.105.32
67.202.94.94
99.84.128.57
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02271fa02eef799a926e06e0c06f551258ed86817d5c6d3e5ed5c14f14e220e9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10879c90d675623954d308fa8d34ab038c915646aa4167764fd8bb02804cbbf9
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
17d7c3242a0cb155383308fb2ce1961ecc904e1914019d74e807bf64b909f4fd
17f823ac162252af2b01de24c6d0c438d724a1f5ec80cdb15e3632d829160fa6
1a0f0322dfe91f9af8ddcfb7e3253822bab9b946d28051078877bdb2a0e0378a
1b85c1266ea938348ef49b3d7d5c3ea925581d597438f856029e1849540b6e7a
1eaff293db03120f4ad750f94f9bcec67a455f91dfc70e51abf18f2d9fd5246c
202443d6ff9c3ce999f86e0e8da214066bb52146b65ccc12dc0f7e0b8cc09cb2
2221b570f47d77db7465b55907eddc1295c1a78ce43d36d2e6db2089140b6669
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2bc62aebc064a2d24c9c50af2f85de93973592b120c9e1338f4fe298dfbe8759
31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775
32596229238340542bdbd8d48dcc8daae2dbf2d690b7c90e827a2e12d7a4c759
36f73cc16215cbe3d8bdc1e2db6d11781a4b8478eebb4f3641ad398013d625cd
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3aa6afc797b942447a614ba707e8c758522594248a1a928dee12e9a37e8e30be
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4839674605c49e028318f8997f7ca67ff4b0efa975a815e1e2077ada3b6f9700
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca334cf28ac966435f9763f1ede938f1f8d497c486ba7709cec68be18089e68
5036ec69fdb369374fe25352d1803d66abd38eeb1913c3b39db578ef82b31b9c
5282818554fe18f49f6250bc4f27b9b89d981a2e280658ad76b28e914f577b61
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558ac11c3acec0a7402b6ce6b23b3b45e292a6f8ad5a1922936ac27eef037fbd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5613cf991b6c4e786acb1641f29398c55c0b9d6a5eba767b0dfdec9a6b3250ac
5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e
58fb09b6f1d7a929735c307d8ffc043fffe39e5b031ed1e411c75d105e7e9ba2
59314372ce656ec81c1bc860851debd7b1e54572fe8543597feccbd8e4cc6766
5e61fbd650dbc740263f431b77f1d17a11cda8421f65058e11bfb927105bbc1a
5f24e217dfe6ccadfbb27563f70339233f5096913cd814377510bdc242014661
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
678ba9b9bf2d137aa1d3ed8b3250dfc2549eaf9a239b0e8a79f2bb698bead22b
68a7091a9a6d2d109e25b1f1b1e9079bde772919372b8a8b990ac113590b0e31
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b940385a1b41e83b570892b20ef145168d1d9fa19a7d3c816d4d645338ea128
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
80d405e729c9963fbe210196f78da6a44e841db7dba7b167cf2c0bd252a03de0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844ad217e9032e6bcd0b56136d25613de254b0caabe8c05a69c9cfb0ea7c7abe
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
8b676577446b599c91115b2d52fd095b5c1950ea9fb9e1a480de5d90aa5ce664
904a8c9607dfaf83a5667244b1b2c73b8f08eac4739eab39e67d112d2c4f981b
920fbbeffb167f3922f614bc4868d5ebae78ed7c6688e710e11e4e1102d48c45
93e8a240b7efcef086b5c8b106d62dd0d5c004b12551ce8b89734e6f757202fd
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dc17bc7f94a9a0bf143209238071bd143916408d79b59fa6f98c7b3d824d2a5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a3a24d9f6c5801802bcc169863fac1cf7c3f090765e6e2c2e95ab6a2b80b09
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a85bd45b6a028d6be43f3849c12d41e59d3c72bd5fec88a990cd4b4600a0270a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ea3839b1f507055e0fb556cbd4c31f0466b82262c7303ba3f4adb19341179a
b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268
bad0a9ce9d64f890de33ad16af3fa09e06d978cdc6ac4f0081f0d994a592f0c2
bd5c0f48584cad1b8981dcc75465e246eb15994c9434b1790cdad08649086fd2
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c041d864dffcd398bc7c5840a45ba54fcc39152fbcc71c10f5d801e97647790b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c250c380e0accabb2dfc9a70334cdc20002ecc19627011cd077ba2126c48b433
c5f24c182eb56a8a12d3bb1ff937169927ce271dec6da71c82a590a03101fcec
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caf7bae99d268cee26386493cc71624f91385fa30f844321ca876dacadbee11e
cb623875da98a6d7ccfcbccbd161fae496ccb7574d17ccd6c0c7dfd319ebc3ee
cbb15e8ebe5967ed635ee9309cfafa1833ab56249c41b08fca5f0aad9182e9a9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7718afebcc24c5e2066e5b3615d60743faa77088cf62b8d6a0a48cde9eb8536
d8749bf897f2e4ee34ad92ec866f5042c22a4593cbc47fad1a17fa345c744c1b
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df7a43d0bfdb58f41d72b02a1e12ef6decf1b9068c0757636471d94f0e8039e7
dfded89e19833c263d40062f2b680990c9d595b10afa3d840898febc6c159457
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3
e54c9c1b9a353477bc1d9923202bea3655ddf238344f2001c23cf0312539b257
e725e43a8e0661261ff8f16ce5d21d2c4b56c0e7a5c7fcee62fe439ef66ee813
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
e9dcd81a04172ddd986b3eebdcc1c50349dc87e8ea066418372344aa741e8327
eb463ae79e70866c2dbc9131cbfb5e68b7ee1b48f29ea76b4ecf9b13b1f47ab6
ed6b300e722daf442297d3344c86d8895323cf3f67bceea558b2143129aa819d
edc5e8698a9f51960e950dfb8d0f91007b2a2ced46d724707b8dfae1715acaa0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027d46165baa8494d1c0411947c7bf7b96c246d27ff428928d597c7a4f91d7c
f02c52b6a170a719d6c0e2c1021588134c7392ff874f2ac95774682623e82633
f20995a4b6502c406eeeb1f21cc5e26fcc8fb8f3d6968d6b66fb628abfef1e39
fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8

www.povovu.com Open in urlscan Pro 2606:4700:3033::ac43:df71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

74 %HTTPS

44 %IPv6

54 Domains

73 Subdomains

57 IPs

8 Countries

3035 kBTransfer

5387 kBSize

27 Cookies

16 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.povovu.com Open in urlscan Pro
2606:4700:3033::ac43:df71 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

74 %
HTTPS

44 %
IPv6

54
Domains

73
Subdomains

57
IPs

8
Countries

3035 kB
Transfer

5387 kB
Size

27
Cookies

151 HTTP transactions
5 data transactions