arsiv.mackolik.com Open in urlscan Pro
147.135.15.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mackolik.com/
Effective URL:
http://arsiv.mackolik.com/Default.aspx
Submission: On May 05 via manual (May 5th 2021, 6:33:31 am UTC) from TR

Summary HTTP 302 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 39 domains to perform 302 HTTP transactions. The main IP is 147.135.15.116, located in United States and belongs to OVH, FR. The main domain is arsiv.mackolik.com.

This is the only time arsiv.mackolik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.42.236.147 185.42.236.147	199710 (PERFORM-AS) (PERFORM-AS)
1 1	2.16.186.91 2.16.186.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
78	147.135.15.116 147.135.15.116	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3033::ac43:9ddd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	74.91.19.202 74.91.19.202	33387 (NOCIX) (NOCIX)
1 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
16	195.244.38.50 195.244.38.50	43391 (NETDIREKT-AS) (NETDIREKT-AS)
3 6	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
1 4	65.9.84.4 65.9.84.4	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
14	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	89.187.169.122 89.187.169.122	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	217.182.200.19 217.182.200.19	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	185.59.220.199 185.59.220.199	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 21	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:120... 2a02:26f0:120::211:7929	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2.18.232.159 2.18.232.159	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	13.224.111.44 13.224.111.44	16509 (AMAZON-02) (AMAZON-02)
3 9	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	54.229.148.178 54.229.148.178	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	65.9.84.103 65.9.84.103	16509 (AMAZON-02) (AMAZON-02)
1 5	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1	13.224.111.108 13.224.111.108	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	3.120.242.149 3.120.242.149	16509 (AMAZON-02) (AMAZON-02)
1	3.214.24.215 3.214.24.215	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.124.79.200 3.124.79.200	16509 (AMAZON-02) (AMAZON-02)
18	143.204.202.49 143.204.202.49	16509 (AMAZON-02) (AMAZON-02)
2 3	54.229.26.200 54.229.26.200	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:2104:3800:1a:7c92:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
16 32	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
302	55

1 185.42.236.147 (United Kingdom) 1 redirects

ASN199710 (PERFORM-AS, GB)

mackolik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.91 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-91.deploy.static.akamaitechnologies.com

www.mackolik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 147.135.15.116 (United States)

ASN16276 (OVH, FR)
PTR: us-s5.cubecdn.net

arsiv.mackolik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.cdn.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
im.cdn.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:9ddd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.eksiup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 74.91.19.202 (United States)

ASN33387 (NOCIX, US)
PTR: e-liotiazoon.com

hm.cdn.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 195.244.38.50 (Izmir, Turkey)

ASN43391 (NETDIREKT-AS, TR)

run.admost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.admost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.182.200.20 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

tr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.84.4 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.122 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-122.cdn77.com

js.duhnet.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.19 (France)

ASN16276 (OVH, FR)
PTR: gcm5.host.hit.gemius.pl

str.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-199.datapacket.com

admost-banner.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:120::211:7929 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

daznplayervod.daznservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-159.deploy.static.akamaitechnologies.com

images.performgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

d17e0d8d4491a0f07466b9b191de90ef.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.dimml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.111.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-44.mad50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.148.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-148-178.eu-west-1.compute.amazonaws.com

baltar.dimml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.103 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.111.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-108.mad50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.242.149 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-242-149.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.24.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-24-215.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.79.200 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 143.204.202.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-49.fra53.r.cloudfront.net

randiul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.26.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-26-200.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:3800:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::ac43:49e4 (United States) 16 redirects

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	cdn.md cm.cdn.md im.cdn.md hm.cdn.md	625 KB
43	googlesyndication.com 1 redirects 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com tpc.googlesyndication.com d17e0d8d4491a0f07466b9b191de90ef.safeframe.googlesyndication.com pagead2.googlesyndication.com	158 KB
32	adpone.com 16 redirects hb.adpone.com	1 MB
26	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	335 KB
18	randiul.com randiul.com	177 KB
16	admost.com run.admost.com go.admost.com	19 KB
14	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com encrypted-tbn1.gstatic.com	315 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net hal900022.redintelligence.net	57 KB
8	gemius.pl 3 redirects tr.hit.gemius.pl str.hit.gemius.pl	32 KB
6	twitter.com platform.twitter.com syndication.twitter.com	150 KB
6	googleapis.com ajax.googleapis.com imasdk.googleapis.com fonts.googleapis.com	486 KB
5	tradetracker.net 2 redirects ti.tradetracker.net static.tradetracker.net	113 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	googletagservices.com www.googletagservices.com	169 KB
5	google.com adservice.google.com www.google.com	797 B
4	dimml.io cdn.dimml.io baltar.dimml.io	9 KB
4	facebook.com www.facebook.com	145 KB
4	google-analytics.com www.google-analytics.com	38 KB
4	scorecardresearch.com 1 redirects b.scorecardresearch.com sb.scorecardresearch.com	5 KB
4	eksiup.com cdn.eksiup.com	12 KB
4	mackolik.com 2 redirects mackolik.com www.mackolik.com arsiv.mackolik.com	24 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	google.se adservice.google.se	1 KB
2	3lift.com 2 redirects eb2.3lift.com	940 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	duhnet.tv js.duhnet.tv	332 KB
2	bluekai.com 1 redirects tags.bluekai.com	984 B
2	cloudflare.com cdnjs.cloudflare.com	4 KB
1	zenaps.com www.zenaps.com	705 B
1	awin1.com 1 redirects www.awin1.com	723 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	937 B
1	advertising.com sync.adaptv.advertising.com	14 B
1	travelaudience.com 1 redirects ads.travelaudience.com	609 B
1	performgroup.com images.performgroup.com	3 KB
1	2mdn.net s0.2mdn.net	17 KB
1	daznservices.com daznplayervod.daznservices.com
1	b-cdn.net admost-banner.b-cdn.net	14 KB
0	netmng.com Failed google2waycm.netmng.com Failed
302	39

	Domain	Requested by
42	im.cdn.md	arsiv.mackolik.com
34	cm.cdn.md	arsiv.mackolik.com
32	hb.adpone.com	16 redirects randiul.com
21	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com googleads.g.doubleclick.net
18	randiul.com	arsiv.mackolik.com randiul.com
17	pagead2.googlesyndication.com	srcdoc securepubads.g.doubleclick.net tpc.googlesyndication.com arsiv.mackolik.com 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
17	hm.cdn.md	arsiv.mackolik.com
15	run.admost.com	arsiv.mackolik.com go.admost.com
14	securepubads.g.doubleclick.net	cdn.eksiup.com securepubads.g.doubleclick.net arsiv.mackolik.com run.admost.com www.googletagservices.com
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net arsiv.mackolik.com 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
6	tr.hit.gemius.pl	3 redirects arsiv.mackolik.com
5	hal900022.redintelligence.net	1 redirects 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com hal900022.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
4	hal9000.redintelligence.net	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com hal900022.redintelligence.net
4	encrypted-tbn2.gstatic.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
4	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	platform.twitter.com	arsiv.mackolik.com platform.twitter.com
4	www.facebook.com	arsiv.mackolik.com www.facebook.com
4	www.google-analytics.com	arsiv.mackolik.com www.google-analytics.com
4	cdn.eksiup.com	arsiv.mackolik.com cdn.eksiup.com ajax.googleapis.com
3	ti.tradetracker.net	2 redirects arsiv.mackolik.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	cdn.dimml.io	arsiv.mackolik.com cdn.dimml.io
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.se	securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects arsiv.mackolik.com
2	static.tradetracker.net	hal900022.redintelligence.net 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	x.bidswitch.net	2 redirects
2	encrypted-tbn1.gstatic.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com arsiv.mackolik.com
2	googleads.g.doubleclick.net	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
2	encrypted-tbn3.gstatic.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
2	www.gstatic.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
2	www.google.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
2	fonts.googleapis.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com hal900022.redintelligence.net
2	imasdk.googleapis.com	arsiv.mackolik.com imasdk.googleapis.com
2	str.hit.gemius.pl	arsiv.mackolik.com str.hit.gemius.pl
2	js.duhnet.tv	arsiv.mackolik.com
2	tags.bluekai.com	1 redirects arsiv.mackolik.com
2	cdnjs.cloudflare.com	arsiv.mackolik.com
2	ajax.googleapis.com	arsiv.mackolik.com
2	arsiv.mackolik.com	arsiv.mackolik.com
1	www.zenaps.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
1	www.awin1.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.adaptv.advertising.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	baltar.dimml.io	cdn.dimml.io
1	static.hotjar.com	arsiv.mackolik.com
1	encrypted-tbn0.gstatic.com	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
1	d17e0d8d4491a0f07466b9b191de90ef.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	images.performgroup.com	arsiv.mackolik.com
1	s0.2mdn.net	imasdk.googleapis.com
1	daznplayervod.daznservices.com	arsiv.mackolik.com
1	admost-banner.b-cdn.net	arsiv.mackolik.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	b.scorecardresearch.com	arsiv.mackolik.com
1	go.admost.com	arsiv.mackolik.com
1	www.mackolik.com	1 redirects
1	mackolik.com	1 redirects
0	google2waycm.netmng.com Failed	91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
302	66

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.mackolik.com
user.mackolik.com
run.admost.com
www.facebook.com
twitter.com
go.admost.com
arsiv.sahadan.com
itunes.apple.com
play.google.com
www.windowsphone.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.admost.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-19` - `2021-12-11`	2 years	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.b-cdn.net Sectigo ECC Domain Validation Secure Server CA	`2020-11-11` - `2021-11-11`	a year	crt.sh
*.google.se GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
san2.daznservices.com DigiCert SHA2 Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
*.tradetracker.net Amazon	`2021-01-21` - `2022-02-18`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh

This page contains 36 frames:

Primary Page: http://arsiv.mackolik.com/Default.aspx
Frame ID: 8667C0DE9186DCCA9DB94EAE444B9D02
Requests: 153 HTTP requests in this frame

Frame: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Frame ID: 8D703D2885160EF3A1AB082A7D329D03
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0B9857A9108C9E1556EFB0B3CAB9E185
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Frame ID: A11CFBDCF65724F2FA3CD974312AC460
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.453.0_tr.html
Frame ID: 7464782AEFA84CDA22BB625B596249E8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 93FFACEEB394B90B7DB14FF8316EEA5D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 370D7415459A2ADEA86398DC5C86DEC2
Requests: 2 HTTP requests in this frame

Frame: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34D05C69B5A194DC5850DD1CBD6CF70E
Requests: 18 HTTP requests in this frame

Frame: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC4F59F9AE6780BF27F860885034B021
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVqPcCy6Hz7sPEDNSD8KJ3FMBpD11ouBpzgyW1CinrWmOSdAa4Fd29LGtpGJJCVCqC5A5b9dWcP5kg4BB11DCaCYqPdOM0bx6mt-kHZ7TDGyLtq8Uk9PxBCxdGk4Xbi-4K7woR2Uwc-E3N-96wVDbTfOgfwfZb7P_hv3KC0nLLZsTr-VgQrtdEq0-6hrOYK7GmTBZrIzp1_YZCAoi3NM5C_jGvIALNVscXtq9cJd_EZu9tLyio
Frame ID: DC5ED983E58CF74B3FDEF1E2EA1F737C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 083F3C703615D33C1F3F86822E633616
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Frame ID: EE34301299D3B4C05C92E54A818C65EE
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 929582AC589FAEE8D7C702B2944D6F4B
Requests: 1 HTTP requests in this frame

Frame: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 65E8E7F75FD1AD4E45760D0E75ED525E
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E591CBB52B9D3D903E223FA4EAEE0B08
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
Frame ID: BCB0F5C41C94831A1CBE0496C8815D52
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWa3E5bg5QsQYRaDHpRK45Xvhp-4VpK6-D1bqKTcEGERQVi1J9FuBiqAlQZXkix2u2wWwhB0-fPOf36X-VncxvDK6ULoamxksSdoYN9tHbNK0w81jpBdpDF4fk3wEX86Q5Pn5FTLh5nVELWgPkbXTCxmbPNZ6H5gxo6JgDnt5oBDvYO3N8veMw6mlEdi_uH65g-7YI8Tjd-afI51fLwX8xOKJT2Al5icc0f6-a-13ssXIaLIMWDtD7AJWia41rMSDFZuA_wD82GdlnZ4mlnF-IFZI3kLOuWz_mxUEHXQw-UiCaeUDFd5-vVg-hY_Vsv8IiC59xzrq11zYMU6oOxIDRR2fZu2AdNt16kkvPdauc7Nh8RSLTKeD_Ng&sig=Cg0ArKJSzExcD5yR4D6hEAE&urlfix=1&adurl=
Frame ID: F6641CE87B48159E87179CA6F8C5C249
Requests: 7 HTTP requests in this frame

Frame: https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg
Frame ID: F5BEA2657AC9B136144EDDB9F7AB68DD
Requests: 1 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
Frame ID: 4017FC9EDE5B21AC6DDC059CBF0ED09E
Requests: 9 HTTP requests in this frame

Frame: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc8&cb=4698161620196392896
Frame ID: 4B1A4313BD5D3034D2E879796E56C604
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b45&cb=7069511620196392898
Frame ID: D562416132AC8D167FDFB1D2A5CAB1B3
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab3&cb=9872581620196392900
Frame ID: 68980DAB9CCFED1CE86C250FA5D211C6
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b9&cb=0143431620196392901
Frame ID: 5E95E2C431F7E652443EA8E71FFE01CB
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d3&cb=0993871620196392903
Frame ID: 8EF1A95D432D664097517673D5C853D6
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d19&cb=2810581620196392904
Frame ID: 2B30A913543D3D6C252C26F06319DE25
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f3&cb=3578831620196392905
Frame ID: FE05F4AB404C28547FD453DC93440CFD
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f47&cb=4519831620196392906
Frame ID: 2CCD8EB7CCB3F6FBDCF41DF121ABE248
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf9&cb=7097721620196392907
Frame ID: B8786039D1240890035C16F5483BAEDD
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d1&cb=5015241620196392909
Frame ID: 8E968EA9FB2DA5E216092637BF35758A
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/counter?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11387&cb=7153421620196392910
Frame ID: 39C47A5F0455B80789F39DFF54016285
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11201&cb=9214861620196392911
Frame ID: 35A4DC9B314F9B944877D9C9632728C5
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c69&cb=2105971620196392912
Frame ID: 701397D1D3BF642B0793DB0E9DF2E6A8
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3517&cb=4729331620196392913
Frame ID: 229253F56B978D0AD5F1A4410600BFAE
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d81&cb=0551991620196392914
Frame ID: 47C27358D39FB53BE277DF49DF61142C
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144639&cb=8916111620196392915
Frame ID: 6C7F4F02A40CBC1F9CFAC3B5FB9EB1AB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9FAB928AA3771F21383C941651E46976
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mackolik.com/ HTTP 301
https://www.mackolik.com/ HTTP 302
http://arsiv.mackolik.com/Default.aspx Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

302
Requests

52 %
HTTPS

50 %
IPv6

39
Domains

66
Subdomains

55
IPs

7
Countries

4702 kB
Transfer

17373 kB
Size

14
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.mackolik.com/canli-sonuclar
Title: Maçkolik yeni siteye gitmek için tıklayın.

Search URL Search Domain Scan URL

URL: http://user.mackolik.com/UserPages/destek.aspx
Title: Bize Ulaşın

Search URL Search Domain Scan URL

URL: http://run.admost.com/adx/goto.ashx?pbk=199934-134774-773
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/mackolik
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/mackolik
Title:

Search URL Search Domain Scan URL

URL: http://go.admost.com/adx/goto.ashx?pbk=431704-287982-14421

Search URL Search Domain Scan URL

URL: http://arsiv.sahadan.com/?ref=mackolik
Title: Sahadan.com

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/tr/app/mackolik/id398157427
Title: iPhone

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.kokteyl.mackolik&hl=tr
Title: Android

Search URL Search Domain Scan URL

URL: http://www.windowsphone.com/tr-tr/store/app/mackolik/66e044c6-dc5a-45ed-b097-0ee580c4a1f7
Title: Windows Phone

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mackolik.com/ HTTP 301
https://www.mackolik.com/ HTTP 302
http://arsiv.mackolik.com/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js

Request Chain 52

http://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik HTTP 301
https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik

Request Chain 81

https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620196390377&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620196390377&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=

Request Chain 94

http://tr.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com HTTP 301
https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com

Request Chain 117

http://tr.hit.gemius.pl/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=UBSHtl7c2puN4bWIHaGLiEayd8UQsrip7XJX1b4R08n.L7&vis=1 HTTP 301
https://tr.hit.gemius.pl/_sslredir/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=UBSHtl7c2puN4bWIHaGLiEayd8UQsrip7XJX1b4R08n.L7&vis=1 HTTP 301
https://tr.hit.gemius.pl/__/_sslredir/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=UBSHtl7c2puN4bWIHaGLiEayd8UQsrip7XJX1b4R08n.L7&vis=1

Request Chain 121

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651 HTTP 307
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651

Request Chain 177

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHqJbsLhCwCRisAjIIzZEq5ismn3w HTTP 301
https://tpc.googlesyndication.com/simgad/8062960507613485399

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&C=1

Request Chain 202

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJI8KPo46q.3X.vsSmEocQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&google_hm=2

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENCJjH2qsfHtGtkx80FxxFM&google_cver=1

Request Chain 204

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc3OTc1NjE2MDE4OTQ4NTYzNg%3D%3D

Request Chain 219

https://hal900022.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2RYqJzySYJHjL73f7_UPofu6qAOBiOHUYIvY5umWCvAuEAEgupftHmDxhYCA0B_IAQmpAvaddiZ2K7Q-qAMBqgTXAU_QTXStxQBNP5dqewmsfDMdbpFss4B0lflWdCZWZJOkbcxCeAckqxWujge1wtmZwBgj6IzrzTTOUkOmMzyXmqKK5GRU6h6oOnVeCMCCidAQ5b-vO8XX47G2aYqdvvN_uNJx1uDsnwOQRKQW5kz-pmjzv87rrSTojodK-OFraw0EpYNkHK5uHfIu6O5erJKfWO5CLGtBmzqOjod9vM9ApenOedsA7fq7PgM7_4bq10IdqCh7-JhjX87ihqBl1zh51HR0SwvjwaEEt9ifBiVtQEAZj3nzh2nqwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY%26sig%3DAOD64_1jbiyX5onJ6B1jIzqmtY5z5SzNJA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-C0tsErAKNAVqGauI0lsfXzb7EUv2uhypze3lCk7lht63tiCitkxmQ6Bafnto8cqPQhJavJltxvudkZ1a79D-iOgE0XfE256NxDD3IASW-BExzU-OSbUmtfbDqzAzoDCtTp8JQkxRc0R3xmIyMNn0aeWJGkdA%26cry%3D1%26dbm_d%3DAKAmf-CD4nIcLe0axg7y6A40bLUBkXWwnVIb-RLSKOwBb9qxp_8FbCJ8p65Qx-6C1inlMr6GQCyA_oa0MdX1ifNSXelY5YA-PnzR2IsPXKhWoYIIaKPaClR1kcfDVuzzzrS4ZNZkL7H8JLQuiYbsYHAGeARgdCbm2bCBqSPzYMVH4ElxjYDZWTGGW0ivmS6w5igFZUhqs9icfSArXrjfqsmrSysONTiZq1si2pIqsrBCchqSJSw5UAoSb3cA8PlqdFCY5GP7QHiGWMlprHL115AErMCzMC3Gwdj5geT1PB5mMpEPSlqk1bF8BGyuHe--HdOBSaT2Z4b0c4lgHxybK1C3siCG-VjpkkvaXIPielrWIk3x_lJcalu0uG7zmQN-AH9X6kE2QXwkExCeiTCgD3Ry0zWKkv8s4QrJVrlm4LYJNUPApfW548ybWl3wn3-XbYS15aVkWldEZTbfNbofmRjdIPXJQwj-mw%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.mackolik.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.mackolik.com&random=6262312961981&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2RYqJzySYJHjL73f7_UPofu6qAOBiOHUYIvY5umWCvAuEAEgupftHmDxhYCA0B_IAQmpAvaddiZ2K7Q-qAMBqgTXAU_QTXStxQBNP5dqewmsfDMdbpFss4B0lflWdCZWZJOkbcxCeAckqxWujge1wtmZwBgj6IzrzTTOUkOmMzyXmqKK5GRU6h6oOnVeCMCCidAQ5b-vO8XX47G2aYqdvvN_uNJx1uDsnwOQRKQW5kz-pmjzv87rrSTojodK-OFraw0EpYNkHK5uHfIu6O5erJKfWO5CLGtBmzqOjod9vM9ApenOedsA7fq7PgM7_4bq10IdqCh7-JhjX87ihqBl1zh51HR0SwvjwaEEt9ifBiVtQEAZj3nzh2nqwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY%26sig%3DAOD64_1jbiyX5onJ6B1jIzqmtY5z5SzNJA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-C0tsErAKNAVqGauI0lsfXzb7EUv2uhypze3lCk7lht63tiCitkxmQ6Bafnto8cqPQhJavJltxvudkZ1a79D-iOgE0XfE256NxDD3IASW-BExzU-OSbUmtfbDqzAzoDCtTp8JQkxRc0R3xmIyMNn0aeWJGkdA%26cry%3D1%26dbm_d%3DAKAmf-CD4nIcLe0axg7y6A40bLUBkXWwnVIb-RLSKOwBb9qxp_8FbCJ8p65Qx-6C1inlMr6GQCyA_oa0MdX1ifNSXelY5YA-PnzR2IsPXKhWoYIIaKPaClR1kcfDVuzzzrS4ZNZkL7H8JLQuiYbsYHAGeARgdCbm2bCBqSPzYMVH4ElxjYDZWTGGW0ivmS6w5igFZUhqs9icfSArXrjfqsmrSysONTiZq1si2pIqsrBCchqSJSw5UAoSb3cA8PlqdFCY5GP7QHiGWMlprHL115AErMCzMC3Gwdj5geT1PB5mMpEPSlqk1bF8BGyuHe--HdOBSaT2Z4b0c4lgHxybK1C3siCG-VjpkkvaXIPielrWIk3x_lJcalu0uG7zmQN-AH9X6kE2QXwkExCeiTCgD3Ry0zWKkv8s4QrJVrlm4LYJNUPApfW548ybWl3wn3-XbYS15aVkWldEZTbfNbofmRjdIPXJQwj-mw%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.mackolik.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.mackolik.com&random=6262312961981&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 237

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFKCICpVJHBaMkgDhVVnlVw&google_cver=1&google_push=AQvitULtmXH11WasSFGL56h9JKITWvocskANctnzwiT__LqLfOSWWJLHz08kVj7ePTjYHBW0Us1v8jMhc79pIIFqg_mCIJDhSec HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RIKVMo9KQje65aLhPU3Tkw2&google_push=AQvitULtmXH11WasSFGL56h9JKITWvocskANctnzwiT__LqLfOSWWJLHz08kVj7ePTjYHBW0Us1v8jMhc79pIIFqg_mCIJDhSec

Request Chain 238

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBufWM_2xbIx5EEFlhganl0&google_cver=1&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6JoXHEXe-zygIc HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBufWM_2xbIx5EEFlhganl0&google_cver=1&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6JoXHEXe-zygIc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6JoXHEXe-zygIc&google_hm=EmGSoQpMQAyBTvEOmRgIyQ==

Request Chain 240

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECch1swT6tLc-SfDmAU4XGE&google_cver=1&google_push=AQvitUJed_VFWvYOpnN6cnSjw71QyRQCoSBFwlpCufG61PtPMWlm_B0ViZ9DgBpczMvTBtR6K_QV-qS6m_rOplk4kOp-n8OWut8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJed_VFWvYOpnN6cnSjw71QyRQCoSBFwlpCufG61PtPMWlm_B0ViZ9DgBpczMvTBtR6K_QV-qS6m_rOplk4kOp-n8OWut8&google_hm=ODYxNDU0NDIyMDQ0MDE5ODEzNQ%3D%3D

Request Chain 241

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENdY0kP7vkOMFyiw-G-a9tw&google_cver=1&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGkg-8alv00ZU6HoHw1a3rx-O-nbVreIPFZ8CcAo HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGkg-8alv00ZU6HoHw1a3rx-O-nbVreIPFZ8CcAo&google_gid=CAESENdY0kP7vkOMFyiw-G-a9tw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzODc5MTQ2NDA5NTk4MDgxNzA%3D&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGkg-8alv00ZU6HoHw1a3rx-O-nbVreIPFZ8CcAo

Request Chain 252

https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=17808000042613800044682011585022&t=html HTTP 302
https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg

Request Chain 255

https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=17808000042613800044682011585022&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=c43844e1-ad6b-11eb-a946-692d09249d6c&v=12846&r=566725&q=389131&s=2636829&viewref=17808000042613800044682011585022&pv=1

Request Chain 275

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 276

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 281

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 282

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 283

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 284

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 285

https://ti.tradetracker.net/?c=33102&m=1783943&a=157788&r=17808000042613800044682011585022&t=html HTTP 302
https://static.tradetracker.net/se/material_image/35/5a0f5218ee2dad558ebed56f97a5bb2b45316d.png

Request Chain 289

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 290

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 291

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 292

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 293

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 294

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 296

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 297

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 298

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 299

http://hb.adpone.com/prebid_v4_21.js HTTP 301
https://hb.adpone.com/prebid_v4_21.js

Request Chain 300

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css

302 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Default.aspx Show response
arsiv.mackolik.com/
Redirect Chain

http://mackolik.com/
https://www.mackolik.com/
http://arsiv.mackolik.com/Default.aspx

86 KB
19 KB

757ms
691ms

Document
text/html

147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: f52aa41fe57e300903688afc11101a540a97fca44746aa4e1083c6a4648f9731

Request headers

Host: arsiv.mackolik.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: CCAcc (1.0.1/us-s3)
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 May 2021 06:34:00 GMT
Last-Modified: Wed, 05 May 2021 06:33:00 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
sloc: 487
Cteonnt-Length: 87859
s: 90
Cache-Control: private
Content-Encoding: gzip
X-US: EXPIRED

Redirect headers

server: AkamaiGHost
content-length: 0
location: http://arsiv.mackolik.com/Default.aspx
cache-control: max-age=0
date: Wed, 05 May 2021 06:33:08 GMT
x-content-type-options: nosniff
content-security-policy: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; connect-src https: wss:; font-src https: data:; media-src https: blob:;
strict-transport-security: max-age=63072000
x-xss-protection: 1
x-frame-options: DENY

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
92 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 05:27:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 3912
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 93435
X-XSS-Protection: 0
Expires: Thu, 05 May 2022 05:27:57 GMT

GET
H/1.1 200
OK jquery-ui-1.8.23.custom.min.js Show response
cm.cdn.md/js5/jquery-ui-1.8.23.custom/js/ 200 KB
51 KB 569ms
144ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-ui-1.8.23.custom/js/jquery-ui-1.8.23.custom.min.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Sep 2012 09:04:06 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"d7ff178d339acd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery-ui-1.8.20.custom.css
cm.cdn.md/js5/jquery-ui-1.8.20.custom/css/custom-theme/ 33 KB
7 KB 297ms
248ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/css/custom-theme/jquery-ui-1.8.20.custom.css
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 71da956c41c2147c988d4d8c98db749c20b9e4f50f51a4a8c665c12c962d54b3

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 33346
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:24 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "53e64cf03e75cd1:0"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6510
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery.jsonp-2.1.4.js Show response
cm.cdn.md/js5/ 7 KB
3 KB 569ms
140ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery.jsonp-2.1.4.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2016 12:10:55 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"3375d2e5c57ad11:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery.ui.datepicker-tr.js Show response
cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/ui/i18n/ 882 B
1 KB 569ms
137ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/ui/i18n/jquery.ui.datepicker-tr.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 1c0ebfe3482cef643ce84216797b38555c84feacc385807066ce1c9d34c12f26

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Last-Modified: Wed, 08 Aug 2012 08:22:26 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "f3f370f13e75cd1:0"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 882
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery.ui.datepicker.css
cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/themes/custom-theme/ 4 KB
1 KB 291ms
242ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/themes/custom-theme/jquery.ui.datepicker.css
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 6793b37a48a4b85151458405cf6c5b9e4f18039328cb14fc8e32e29177a08b65

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 4088
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:25 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "83c221f13e75cd1:0"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1127
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H2 200 rupmackolik.com.arsiv.js Show response
cdn.eksiup.com/api/special/ 7 KB
3 KB 69ms
22ms Script
application/javascript 2606:4700:3033::ac43:9ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91365534c6efb0b5b61a167af1e26b5be0cc73a60db9d1cfb898bb2adc6d3bb6

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 55332
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dcd40e2600000eafae3f0000000001
last-modified: Tue, 04 May 2021 15:10:17 GMT
server: cloudflare
etag: W/"609163d9-1beb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BVm1fCfhs5P7SILZXkhdX2aoENka5yqhm1ZHYudaTy2HXjBKINSbrkYXHejKxgX7oIB9IqH1je1mFB5jPV561YrzDE4RNHHC75D3VrYgNuPJt%2BSNNhoJtqEHQg%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 64a7ef9039290eaf-FRA
expires: Tue, 11 May 2021 15:10:58 GMT

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
cm.cdn.md/js5/jquery-autocomplete/ 14 KB
5 KB 570ms
138ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-autocomplete/jquery.autocomplete.min.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: c13f5ac7ae0e10138056f4c238226392ad28e883f78d3e19fb43dcb9c1b58582

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:24 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"435534f03e75cd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK script.js Show response
cm.cdn.md/js5/ 28 KB
6 KB 578ms
140ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/script.js?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: b653f066f750ee7c49d7625ecca7cf8c9aa713e7c2aed11255c663b43479d732

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Apr 2020 13:00:48 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"4d135ee38fd61:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK validator.js Show response
cm.cdn.md/js5/ 3 KB
2 KB 691ms
142ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/validator.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: fa589b0dc7e5cbc8fb038114db91bb6ecd872408092a0624fb47e798db79f56f

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:21 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"e316caee3e75cd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK UrlHelper.js Show response
cm.cdn.md/js5/Mackolik/ 4 KB
1 KB 706ms
138ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/Mackolik/UrlHelper.js?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 873ebd413711780ef503eb0d9adc5f26a8f1addb18e5b407fb345ec51d61a61e

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Nov 2018 13:02:02 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"824f6d8f6382d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK json2.js Show response
cm.cdn.md/js5/Mackolik/ 17 KB
6 KB 708ms
139ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/Mackolik/json2.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: c1517ff23b17159795e65199e7fc06805bc36c10fe95ef8cd6b696b0fc3b7744

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Sep 2012 12:22:46 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"6aba4c78189bcd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK User.js Show response
cm.cdn.md/js5/Mackolik/ 11 KB
2 KB 709ms
139ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/Mackolik/User.js?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 8985bad9bc1075a1519bc3cc1baba8fd995256b3f8f6d6a511de5302077a05fd

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 May 2018 11:57:00 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"513f3dfc7af6d31:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery.fancybox-1.3.4.pack.js Show response
cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/ 15 KB
6 KB 722ms
141ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.pack.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:22 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"e3b5eeee3e75cd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery.fancybox-1.3.4.css
cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/ 9 KB
2 KB 292ms
244ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 0be4f543ecce71aa0e5096763d2834f52ff57e754e2f549219c3148c17534aab

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 9524
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:22 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "432fedee3e75cd1:0"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1923
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery.autocomplete.css
cm.cdn.md/js5/jquery-autocomplete/ 845 B
812 B 287ms
240ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-autocomplete/jquery.autocomplete.css
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 43522c2bf8d77ccab466f6334c7621176e0bcb6fe8604de4f56a2b6f8f615e0d

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:24 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "4322df03e75cd1:0"
ntCoent-Length: 845
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 447
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK jquery.bxSlider.js Show response
cm.cdn.md/js5/bxslider-1324b6e/source/ 43 KB
9 KB 833ms
142ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/bxslider-1324b6e/source/jquery.bxSlider.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: ff9e832991a492c92de8dca85225f55e5f19b3290292f411c9ef2ba31e59bdee

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2012 08:16:00 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"8db84a3f6b0cd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK bx_styles.css
cm.cdn.md/js5/bxslider-1324b6e/bx_styles/ 2 KB
953 B 291ms
243ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/bxslider-1324b6e/bx_styles/bx_styles.css
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: da6abd5cd7d7da4e9caaee5f07b1a613641a2ddb09f0934917fa7b31003c7797

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 1554
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2012 08:16:00 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "e59dfea2f6b0cd1:0"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 586
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK master.css
cm.cdn.md/css5/ 83 KB
15 KB 297ms
250ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/master.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 12bb3a8cbbbbe578fc0e90eae189437733fc4cae4a46679c6e0e5269fde0932e

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 84700
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2016 12:04:10 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "cc1d9c5f383fd21:0"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK CookieManager.js Show response
cm.cdn.md/js5/Mackolik/ 5 KB
2 KB 843ms
138ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/Mackolik/CookieManager.js?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: a156603d59ff5dfa2ffadffe143de68ce7eb50071ba19a45ccaa2c54d7beb1cc

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Sep 2012 12:22:46 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"b974478189bcd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK Coupon.js Show response
cm.cdn.md/js5/Mackolik/ 126 KB
22 KB 850ms
142ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/Mackolik/Coupon.js?v=31.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: f46774ce119fe427877f181509287b971834830f0b61155e904d123bfce03bfe

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 May 2020 13:12:28 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"71eb82cdba35d61:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK Analytics.js Show response
cm.cdn.md/js5/Mackolik/ 309 B
646 B 847ms
137ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/Mackolik/Analytics.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 98ed689434c165dcaee863a2f9d1880d3c8827f1133a1ff1051e74d2e2b51166

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Last-Modified: Fri, 18 Nov 2016 09:03:36 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "d06d97a57a41d21:0"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK porthole.js Show response
cm.cdn.md/js5/ 17 KB
5 KB 865ms
141ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/porthole.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 8ec3eb4e98e6667ad6a6ab471e6de5ba7d8bdd2caedde38d888ba5dfaad30599

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:21 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"131bc8ee3e75cd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK trivia.css
cm.cdn.md/css5/trivia/css/ 9 KB
2 KB 285ms
136ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/trivia/css/trivia.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 1e089fe4af7bafaac381f0e4504e20ec5251795a7024ad64ecbda182d73dd2cb

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 9300
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2013 13:08:13 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "11bf32b0a587ce1:0"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1939
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK notification.css
cm.cdn.md/css5/trivia/css/ 6 KB
2 KB 289ms
137ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/trivia/css/notification.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 0f2942b414a2db8e19bc57379fc2292df05dc4fa675979aa7063af6e5fa36d34

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length: 6592
Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2013 13:08:13 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "fbe7efafa587ce1:0"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1539
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK Profile.css
cm.cdn.md/css5/trivia/css/ 24 KB
5 KB 291ms
138ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/trivia/css/Profile.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 99b5e9bdcd8b2fe01d9952d123885bbc4d0b9db3c6ac42774e82607ca0bd3147

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2013 13:08:13 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "6671cb0a587ce1:0"
ntCoent-Length: 24139
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5058
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK ProfileButton.css
cm.cdn.md/css5/trivia/css/ 364 B
595 B 292ms
138ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/trivia/css/ProfileButton.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 796027d4dba4cd6269e6f40609144c06aaff52be2ae40faa09e8240d19d0215f

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jul 2013 12:20:15 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "aacf3017a79ce1:0"
ntCoent-Length: 364
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK Tooltip.css
cm.cdn.md/css5/trivia/css/ 7 KB
2 KB 297ms
140ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/trivia/css/Tooltip.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: a54bba77b3aeac1b0a38caee5711c2c452e3eac65ae4238f5b0716b9436e6e56

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2013 13:08:13 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "79222b0a587ce1:0"
ntCoent-Length: 6699
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1525
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H/1.1 200
OK Share.css
cm.cdn.md/css5/trivia/css/ 320 B
547 B 409ms
141ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/trivia/css/Share.css?v=1.182
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 1820b768bbed677d552ebb3a64b1141c0c48c64acd3dba9cd63c188ca5c87da9

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2013 13:08:13 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "88bfcb0a587ce1:0"
ntCoent-Length: 320
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 182
Expires: Fri, 04 Jun 2021 06:33:09 GMT

GET
H2

200

cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js

5 KB
2 KB

16ms
16ms

Script
application/javascript

2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749116
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1628
cf-request-id: 09dcd4099c00004a80503cc000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-1207"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bRVHy%2FNPI2IY7b1X28AeT4qdNGi21xry0jYPU2keoHB9aoByk%2BSL5mTwNAFcAqfO6hLch58cV%2FNuHuDNetDRpz1r77nIy4uuc78gC1Mgz0uIIirqYSGvQyYfDyice6%2FwPA%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64a7ef88f9b34a80-FRA
expires: Mon, 25 Apr 2022 06:33:09 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK iddaa-icon.png
im.cdn.md/img5/ 2 KB
2 KB 561ms
141ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/iddaa-icon.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: b08835e0e96d0237ab2ed9d316a032b5219ed5b68c201cca1eb48180aa13149e

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "91468aa34b81cd1:0"
Last-Modified: Thu, 23 Aug 2012 16:23:32 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1648

GET
H/1.1 200
OK opta_logo.png
im.cdn.md/img5/ 3 KB
4 KB 561ms
141ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/opta_logo.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 5d0070afe85ad97f374bb2c0e442853497a1c9aba921a320c7667ffc3cd6d34a

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "ae6b7bbd5c41d01:0"
Last-Modified: Thu, 05 Feb 2015 15:59:36 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3509

GET
H/1.1 200
OK galleryview.css
cm.cdn.md/css5/ 2 KB
1 KB 139ms
138ms Stylesheet
text/css 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/css5/galleryview.css?v=1.20.06
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: a91d2339b87d400657d27011d1e418ad9e65d7d60727101a64f12278b42f5412

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Sep 2012 12:22:42 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "e2a8e76189bcd1:0"
ntCoent-Length: 2168
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 961
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK jquery.galleryview-1.1.js Show response
cm.cdn.md/js5/jquery-galleryview-1.1/ 25 KB
5 KB 142ms
141ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.galleryview-1.1.js?v=1.20.06
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: ccfbcccdd761f6901f9c2225e022cc7fd07f82a15df3170c210996e9d6cae089

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jul 2013 11:37:55 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"6e9e23ea1882ce1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK jquery.timers-1.1.2.js Show response
cm.cdn.md/js5/jquery-galleryview-1.1/ 3 KB
2 KB 143ms
141ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.timers-1.1.2.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:24 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"53ed36f03e75cd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK jquery.easing.1.3.js Show response
cm.cdn.md/js5/jquery-galleryview-1.1/ 8 KB
2 KB 164ms
139ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.easing.1.3.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2012 08:22:24 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"53ed36f03e75cd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK manchester-city-gol-sevinci-05042021-b.jpg
hm.cdn.md/img/haberbuyuk/m/ 62 KB
63 KB 385ms
303ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haberbuyuk/m/manchester-city-gol-sevinci-05042021-b.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: fc4c88210236fb8e2e96c0e8b048470b77b6a6067a20c8d1a18e0b94085b06e2

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "90d1a3852841d71:0"
Last-Modified: Tue, 04 May 2021 21:00:32 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63871
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK anadolu-efes-real-madrid-05042021-b.jpg
hm.cdn.md/img/haberbuyuk/a/ 54 KB
54 KB 385ms
303ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haberbuyuk/a/anadolu-efes-real-madrid-05042021-b.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 87067822b7a1880e918f8d8648a8df3bbc9ac01c1fb0cec2aefa15e8f5751ec8

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "b033ed191441d71:0"
Last-Modified: Tue, 04 May 2021 18:34:22 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55316
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK berat-ozdemir-trabzonspor-05032021-b.jpg
hm.cdn.md/img/haberbuyuk/b/ 26 KB
26 KB 389ms
308ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haberbuyuk/b/berat-ozdemir-trabzonspor-05032021-b.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 7709df895a6a66348aaf1b8045c84eb9032075ec9e2f94ef03a2ca03b01c35f9

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "10dc701ffb40d71:0"
Last-Modified: Tue, 04 May 2021 15:35:33 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26588
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK fenerbahce-beko-05042021-b.jpg
hm.cdn.md/img/haberbuyuk/f/ 60 KB
60 KB 388ms
308ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haberbuyuk/f/fenerbahce-beko-05042021-b.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 2ae616d31a32c6165ddfddf11e118e38937392c395711393f7528b69ae6f4cb9

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "90b53064641d71:0"
Last-Modified: Tue, 04 May 2021 16:56:13 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61109
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK JoseMourinho_TottenhamHotspur_2020-21_k.jpeg
hm.cdn.md/img/haber/J/ 17 KB
18 KB 341ms
303ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/J/JoseMourinho_TottenhamHotspur_2020-21_k.jpeg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 99e55b7c506804ba286a8b3e3ad537d7a92b2938a500a6d74752df22b2a4aa3e

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "1050eb756519d71:0"
Last-Modified: Mon, 15 Mar 2021 06:35:59 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17573
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK chelsea_08022021k.jpg
hm.cdn.md/img/haber/c/ 6 KB
6 KB 334ms
302ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/c/chelsea_08022021k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 1cac081799a0f288c62d4ad60a40e417f74dc3e3a1768d04f7a03de722cca911

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "c03741bcf2fdd61:0"
Last-Modified: Mon, 08 Feb 2021 08:16:43 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5884
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK dembaba_basaksehir_aa_08112020_K.jpg
hm.cdn.md/img/haber/d/ 20 KB
20 KB 453ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/d/dembaba_basaksehir_aa_08112020_K.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 7be05514fe338ed6cfbab82e994319ab6bab03cc038a24e6e6bbf99980e9e5f2

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "03e84184eb8d61:0"
Last-Modified: Wed, 11 Nov 2020 17:14:21 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20201
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK ansufati_barcelona_valencia_091419_k.jpg
hm.cdn.md/img/haber/a/ 8 KB
8 KB 177ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/a/ansufati_barcelona_valencia_091419_k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: e85ed70f54fcdcdbf8739151b7398df3e8bcb38f4afd38dba0e6ac802dd30995

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "c08b49933f6bd51:0"
Last-Modified: Sat, 14 Sep 2019 21:01:27 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7908
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK javi-martinez-bayern-2019-k.jpg
hm.cdn.md/img/haber/j/ 5 KB
6 KB 317ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/j/javi-martinez-bayern-2019-k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: e471e87ed4beab1580036363f9cf3a9877751cacbffa0bab58b83cc6cf944f8b

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "40d139f86d99d61:0"
Last-Modified: Sat, 03 Oct 2020 10:14:24 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5453
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK mustafa-yumlu-rizespor-05042021-k.jpg
hm.cdn.md/img/haber/m/ 8 KB
9 KB 330ms
170ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/m/mustafa-yumlu-rizespor-05042021-k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 113939c820b3432933472ce3a627acd88c9ff77b7ed47b57c8e23a48edd347a0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "d06797b9fd40d71:0"
Last-Modified: Tue, 04 May 2021 15:54:11 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8377
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK marcelo-real-madrid-05042021-k.jpg
hm.cdn.md/img/haber/m/ 5 KB
5 KB 456ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/m/marcelo-real-madrid-05042021-k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 86efa42fcec119039e2eb953c8030585e3831fcbd38f2b9e3c342e1437feb35c

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "90db72d5f040d71:0"
Last-Modified: Tue, 04 May 2021 14:21:54 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5006
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK Mackolik_yenilendi_k.jpeg
hm.cdn.md/img/haber/M/ 5 KB
5 KB 353ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/M/Mackolik_yenilendi_k.jpeg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: f0754ba26b5564598ef1b014fd26e849540f2fe60303f91522f25d2a65b04f0f

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "60dcba13ab94d61:0"
Last-Modified: Sun, 27 Sep 2020 08:49:14 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5272
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK cylelarin_aa_07012021k.jpg
hm.cdn.md/img/haber/c/ 25 KB
25 KB 468ms
170ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/c/cylelarin_aa_07012021k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 8f748c119d9d5751485d0df940353e5e21757a21874166a52e71fdd67a409f97

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "109d7ee3cee4d61:0"
Last-Modified: Thu, 07 Jan 2021 08:27:08 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25645
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK denizlispor_depophotos_04052021k.jpg
hm.cdn.md/img/haber/d/ 15 KB
15 KB 167ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/d/denizlispor_depophotos_04052021k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 12ede91a905350378daf0b12a4c34e774f688a67f98c9becc8793277e8c05b24

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "b0b1c1e1db40d71:0"
Last-Modified: Tue, 04 May 2021 11:51:56 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15046
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK euro2020logo-2021-k.jpg
hm.cdn.md/img/haber/e/ 6 KB
7 KB 170ms
170ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/e/euro2020logo-2021-k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 71de2b556685fe99997bb893a59d4a6aaa0c915633f646db2ce030bbda438de1

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "9084388102bd71:0"
Last-Modified: Tue, 06 Apr 2021 18:13:23 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6427
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK fenerbahce_sevinc_depophotos_04052021k.jpg
hm.cdn.md/img/haber/f/ 7 KB
7 KB 167ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/f/fenerbahce_sevinc_depophotos_04052021k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: 0c517de5058bc5f692d108e46b1a7f5ee79523b54046da8def1e7f935f8d256e

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "90bca4f8ab40d71:0"
Last-Modified: Tue, 04 May 2021 06:08:58 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7011
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1

200
OK

35716
tags.bluekai.com/site/
Redirect Chain

http://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik

62 B
753 B

297ms
195ms

Image
image/gif

23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 446a
Content-Type: image/gif

Redirect headers

Location: https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Date: Wed, 05 May 2021 06:33:10 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK newsdetail-arrow.png
im.cdn.md/img5/ 962 B
1 KB 161ms
138ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/newsdetail-arrow.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: b9a09427f1a1422f7302c8eaf58695c42f47466675e86202ebe401a9548adddb

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "b3d8af43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:30 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 962

GET
H/1.1 200
OK Giannis_Antetokounmpo_14032021k.jpg
hm.cdn.md/img/haber/G/ 7 KB
7 KB 167ms
167ms Image
image/jpeg 74.91.19.202
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hm.cdn.md/img/haber/G/Giannis_Antetokounmpo_14032021k.jpg
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 74.91.19.202 , United States, ASN33387 (NOCIX, US),
Reverse DNS: e-liotiazoon.com
Software: CCAcc (1.0.1/us-s2) / ASP.NET
Resource Hash: affa7d0257fe05717ee0484e34d3747939c9f66cbffd49a6b62c15781d427b11

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "7044ec67a618d71:0"
Last-Modified: Sun, 14 Mar 2021 07:48:21 GMT
Server: CCAcc (1.0.1/us-s2)
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7106
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK NOR.gif
im.cdn.md/img/flags/ 367 B
670 B 144ms
140ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/NOR.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: b9373534d408ef10e20b3e0653c9d4b901e94a81237b9cdef1cc06c8a0464756

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "032f7af8afc71:0"
Last-Modified: Sat, 16 Jun 2007 09:26:54 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 367

GET
H/1.1 200
OK 120.gif
im.cdn.md/img/logo/kucuk/ 1 KB
1 KB 137ms
136ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/120.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 2ccffddd7ff2e9c0cb1325a12c4786ece0872eac077ee85c4068482270e7f647

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "97539bd5a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:42 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1139

GET
H/1.1 200
OK POL.gif
im.cdn.md/img/flags/ 232 B
536 B 139ms
138ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/POL.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 6997ed5d149499d545612b3dffb3b16f2ae9b3f10c7193533115e09ae4733012

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "0b7f37ef8afc71:0"
Last-Modified: Sat, 16 Jun 2007 09:27:02 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 232

GET
H/1.1 200
OK 119.gif
im.cdn.md/img/logo/kucuk/ 1 KB
1 KB 138ms
137ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/119.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: d1a95693da4f11aa4645d8ed704614f14679cb6d46e3a2b67137d81f036eaba2

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "d7ef9bd5a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:42 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1132

GET
H/1.1 200
OK RUS.gif
im.cdn.md/img/flags/ 259 B
563 B 145ms
140ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/RUS.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: bd5fcf182e343c02c360c3a5080eb4499a4a5e297783b2728306443dd54c4bae

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "0115681f8afc71:0"
Last-Modified: Sat, 16 Jun 2007 09:27:06 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 259

GET
H/1.1 200
OK 681.gif
im.cdn.md/img/logo/kucuk/ 1004 B
1 KB 145ms
141ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/681.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: f99658f600eb7f107a3504c806a5a5865d173edfe3de1b5e2c4d9593e234886a

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "e7cf15d5a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:41 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1004

GET
H/1.1 200
OK FRA.gif
im.cdn.md/img/flags/ 394 B
697 B 143ms
140ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/FRA.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: c123ad847c18a2ec3113d9754a655569ee100e494f0cee10c574008c16ab64a7

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "09b1b219b0c71:0"
Last-Modified: Sat, 16 Jun 2007 11:26:06 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 394

GET
H/1.1 200
OK 195.gif
im.cdn.md/img/logo/kucuk/ 1 KB
1 KB 262ms
137ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/195.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: fcea0b2bf6dd0c2433efd74345c2bb5fbfb0b017ba404de6373d14b9596d872c

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "67e584d5a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:42 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1133

GET
H/1.1 200
OK AUT.gif
im.cdn.md/img/flags/ 275 B
577 B 290ms
141ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/AUT.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: d7771dde2892e058642cecd14c076c7d5290028bad01d52bbbff01ddcd17867b

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "090b059b0c71:0"
Last-Modified: Sat, 16 Jun 2007 11:25:20 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 275

GET
H/1.1 200
OK 8248.gif
im.cdn.md/img/logo/kucuk/ 703 B
1007 B 428ms
141ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/8248.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 3955a3073559f4f51c645bcef25f023a7c7cfba87d3bb1fb4a6c5fde2760e865

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "f2c97a26550cd1:0"
Last-Modified: Fri, 22 Jun 2012 10:56:11 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 703

GET
H/1.1 200
OK POR.gif
im.cdn.md/img/flags/ 558 B
862 B 400ms
138ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/POR.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: d5004a9ada961a31405757982290a429a8c264b2a154659e32fab194b53d140c

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "0b7f37ef8afc71:0"
Last-Modified: Sat, 16 Jun 2007 09:27:02 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 558

GET
H/1.1 200
OK 157.gif
im.cdn.md/img/logo/kucuk/ 571 B
876 B 430ms
141ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/157.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 5ab2cb2850706571717a74499e8430164270ac8305586d45e1d0a3581f43a8b9

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "408adc90ba70d21:0"
Last-Modified: Tue, 17 Jan 2017 12:09:34 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 571

GET
H/1.1 200
OK ARG.gif
im.cdn.md/img/flags/ 327 B
629 B 383ms
136ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/ARG.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 97d4d828b296784064da5cb5cd0ff1bfb74d87a79714d117bdf6896b31d94ced

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "0364e39b0c71:0"
Last-Modified: Sat, 16 Jun 2007 11:25:16 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 327

GET
H/1.1 200
OK 83.gif
im.cdn.md/img/logo/kucuk/ 1 KB
1 KB 400ms
137ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/83.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 58f047e5fdba8b46c00955c2986b253772a95da12ffdaa2eda3742a63d24ce30

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "37bca1d5a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:42 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1161

GET
H/1.1 200
OK NED.gif
im.cdn.md/img/flags/ 274 B
578 B 431ms
141ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/NED.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 611a7dd3b2291b8d305deaf3398c20aa9f7418f1d7bbfa7d64fa6396682bfdc4

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "07c9b76f8afc71:0"
Last-Modified: Sat, 16 Jun 2007 09:26:48 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 274

GET
H/1.1 200
OK 1159.gif
im.cdn.md/img/logo/kucuk/ 1 KB
1 KB 148ms
141ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/1159.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: caa8795fdc2d03becd1b1fadaf4ba16ca8a02a18bc901b67a305ad70ab39c9e3

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "774bbfd4a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:41 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1116

GET
H/1.1 200
OK ENG.gif
im.cdn.md/img/flags/ 286 B
589 B 248ms
135ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/flags/ENG.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: d34307c9a22438c45e974f24d07f41f83227ecbf729a1a3b0f36cb0c38f1b30c

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "014881d9b0c71:0"
Last-Modified: Sat, 16 Jun 2007 11:26:00 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286

GET
H/1.1 200
OK 968.gif
im.cdn.md/img/logo/kucuk/ 1 KB
1 KB 289ms
140ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/968.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 983cfd08e05acbb6688d3b881f39dc1d875970138ff41c4c9a1374f4cb399014

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "2798e5d4a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:41 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1148

GET
H/1.1 200
OK 981.gif
im.cdn.md/img/logo/kucuk/ 1 KB
1 KB 262ms
137ms Image
image/gif 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img/logo/kucuk/981.gif
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: ce94599488ec9e8c575525914a25e9c7d97fabebf8570ce64939fea303cca39f

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "4775e3d4a742cf1:0"
Last-Modified: Tue, 18 Mar 2014 12:44:41 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1111

GET
H/1.1 200
OK mc.png
im.cdn.md/img5/icons/ 2 KB
2 KB 520ms
135ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/icons/mc.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 939ec52ac0dd04dc5bcbd3fe8f4027e42a79989d9a7588fecd2c85aaa2987ba2

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "9369cbf43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:31 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1630

GET
H/1.1 200
OK twit-ico.png
im.cdn.md/img5/icons/ 1 KB
2 KB 148ms
141ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/icons/twit-ico.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: f2ff5e9280f6a481345116d335ff6f334378f045afed98c85815e3c3a717dbd3

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "e3f0d5f43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:31 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1471

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
711 B 466ms
101ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://run.admost.com/adx/get.ashx?k=55003&preredir={amClickThru}
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:10 GMT
Server: haproxy-go
Var: s:go601;c:1;e:10;hc:33
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H/1.1 200
OK footer-ico.png
im.cdn.md/img5/ 946 B
1 KB 138ms
138ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/footer-ico.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "1339a5f33e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:29 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 946

GET
H/1.1 200
OK admost.js Show response
go.admost.com/adx/js/ 4 KB
4 KB 253ms
166ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:10 GMT
Last-Modified: Wed, 10 Mar 2021 15:26:32 GMT
Server: haproxy-go
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 3985
Expires: -1

GET
H/1.1 200
OK xgemius.js Show response
tr.hit.gemius.pl/ 39 KB
11 KB 150ms
109ms Script
application/x-javascript 217.182.200.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.hit.gemius.pl/xgemius.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS: gcm6.host.hit.gemius.pl
Software: GHC /
Resource Hash: 3177712e455be4da8e6afb3efe5d1f5dd26346917d63c22becb6d1c953102362

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Mar 2021 11:13:20 GMT
Server: GHC
Vary: Accept-Encoding,Origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: none
Content-Type: application/x-javascript
Keep-Alive: timeout=10
Content-Length: 10546
Expires: Wed, 05 May 2021 18:33:10 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
2 KB 116ms
80ms Script
application/javascript 65.9.84.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 65.9.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 05 May 2021 06:18:23 GMT
Via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
Last-Modified: Fri, 26 Feb 2021 14:35:05 GMT
Server: AmazonS3
Age: 888
ETag: "1827f116c73f319409b97f10b8a58ade"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1469
X-Amz-Cf-Id: d40pp8AXJZ76lFy3QW1FP0xIWAP5WKVTZuC9JPwkNvx1MzqS4_X_2w==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620196390377&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csah...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620196390377&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csa...

64 B
329 B

63ms
63ms

Image
image/gif

65.9.84.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620196390377&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:10 GMT
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Cs941spEudv7FioQsJqYJNNoelEA1BuwKz-UXynToJeuCzMhRfLqGg==

Redirect headers

date: Wed, 05 May 2021 06:33:10 GMT
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620196390377&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
content-length: 308
x-amz-cf-id: b81CphRWNDMhBN2kxobvrstTaXHA6yjrT5wl-EyswhP1xiCHZI_xlw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 839
date: Wed, 05 May 2021 06:19:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 05 May 2021 08:19:11 GMT

GET
H/1.1 200
OK new-mackolik-logo.png
im.cdn.md/img5/ 5 KB
5 KB 367ms
249ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/new-mackolik-logo.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 051bcb4e7ec2e3a0a3e136cc2cc74f650f78a389ac7e4d88a8bc2d27d10859c1

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "aaa3bd264881cd1:0"
Last-Modified: Thu, 23 Aug 2012 15:58:35 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4670

GET
H/1.1 200
OK home-ico.png
im.cdn.md/img5/ 2 KB
2 KB 357ms
239ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/home-ico.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 47c9ac90d4519600c96b8e3a69bb9f6d6bf39cdf1dff9aae44306e0ceeab02d0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "f3aeaef33e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:30 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1945

GET
H/1.1 200
OK menu-bg.png
im.cdn.md/img5/ 968 B
1 KB 369ms
251ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/menu-bg.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 441f219ed57ed9ba64aedc1344c051924b4427e129a31df2528bd7e53d5cb7b5

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "735a5f43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:30 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 968

GET
H/1.1 200
OK menu-hover.png
im.cdn.md/img5/ 987 B
1 KB 361ms
242ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/menu-hover.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 61ac0055643f185e2957d5a8c5d8e7c1f526101ed2394381207ba1ac49b7f4ed

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "735a5f43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:30 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 987

GET
H/1.1 200
OK menu-right-bg2.png
im.cdn.md/img5/ 1 KB
1 KB 361ms
242ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/menu-right-bg2.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 5ae42226599cbac001f2db8f5a32cb3f389de9893e4f9e1d88de3118fefa412f

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "6d3480b3f984cd1:0"
Last-Modified: Tue, 28 Aug 2012 08:47:05 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1105

GET
H/1.1 200
OK index-search-k.png
im.cdn.md/img5/ 2 KB
2 KB 368ms
249ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/index-search-k.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 812031ef332b67aa8f3efe65e4dec304864ceb58b8442e08cdbdd82be187ce55

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "54f5f1ad2845d01:0"
Last-Modified: Tue, 10 Feb 2015 11:57:01 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1741

GET
H/1.1 200
OK bottom-menu-bg.png
im.cdn.md/img5/ 973 B
1 KB 486ms
136ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/bottom-menu-bg.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: a6121e496afc82cd9dac0022c7824ef5af01e40e99e4f1171729d1e486ea20d6

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "33ff91f33e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:29 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 973

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 914 B
2 KB 199ms
162ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=46597&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: e339219d347effa315af137b67c0442a018ed4e5f38c2c2748d994644a372ab2

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:10 GMT
Server: haproxy-go
Pbk: 473044-328614-46597
Var: s:go601;c:1;e:11;hc:3;r:>473044-328614-46597-0;cs:cp:cache_z_46597_*_*_*_*_*_*_*
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 914
Expires: -1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 197ms
67ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

df9d84c4762e3b1606153ce8f027f554865f5421c7422b27b0121bfa793e4b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "862 / 241 of 1000 / last-modified: 1620166139"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21154
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:10 GMT

GET
H/1.1 200
OK panel-trans.png
cm.cdn.md/js5/jquery-galleryview-1.1/themes/red/ 930 B
1 KB 139ms
139ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cm.cdn.md/js5/jquery-galleryview-1.1/themes/red/panel-trans.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 037921b880f09ad6fadb833e28069c2dc8a6f5564587bad9695885b3b62ffae9

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Last-Modified: Wed, 08 Aug 2012 08:22:24 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: "138642f03e75cd1:0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 930
Expires: Fri, 04 Jun 2021 06:33:10 GMT

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
710 B 98ms
98ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=49886&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:10 GMT
Server: haproxy-go
Var: s:go593;c:1;e:32;hc:4
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H2

200

fpdata.js Show response
tr.hit.gemius.pl/_sslredir/
Redirect Chain

http://tr.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com
https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com

281 B
479 B

258ms
109ms

Script
application/x-javascript

217.182.200.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS: gcm6.host.hit.gemius.pl
Software: GHC /
Resource Hash: 8ba3fca4771216f3448961a826c41dad86523141636c503f91134cdf00110ead

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:10 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Fri, 04 Jun 2021 06:33:10 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:10 GMT
Server: GHC
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: none
Keep-Alive: timeout=10
Content-Length: 0
Expires: Tue, 04 May 2021 06:33:10 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1844960825&t=pageview&_s=1&dl=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1900696339&gjid=1310546085&cid=1793803758.1620196391&tid=UA-241588-3&_gid=467206847.1620196391&_r=1&_slc=1&z=543494831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-241588-3&cid=1793803758.1620196391&jid=1900696339&gjid=1310546085&_gid=467206847.1620196391&_u=IEBAAEAAAAAAAC~&z=875801878

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 05 May 2021 06:33:10 GMT
content-type: text/plain
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK VideoPlayer.aspx Show response
arsiv.mackolik.com/VideoPlayer/ Frame 8D70 15 KB
5 KB 142ms
142ms Document
text/html 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: f20dafc9f52f410cb8d31261d8eb82197df655c212e3c4c679937553f9353526

Request headers

Host: arsiv.mackolik.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/Default.aspx
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: am_cookie_test=true; _ga=GA1.2.1793803758.1620196391; _gid=GA1.2.467206847.1620196391; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/Default.aspx

Response headers

Server: CCAcc (1.0.1/us-s3)
Date: Wed, 05 May 2021 06:33:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4551
Connection: keep-alive
Cache-Control: public, max-age=5578
Content-Encoding: gzip
Expires: Wed, 05 May 2021 07:04:27 GMT
Last-Modified: Wed, 05 May 2021 05:24:27 GMT
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
sloc: 629
s: 5
X-US: HIT

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
709 B 98ms
98ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=14420&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:10 GMT
Server: haproxy-go
Var: s:go917;c:1;e:32;hc:6
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H/1.1 200
OK blue-bg.png
im.cdn.md/img5/ 939 B
1 KB 160ms
137ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/blue-bg.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: f82fa028dce989ca4321ce730ff7ebdf14845f2529464866c95f2b64c68a118d

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
ETag: "38a91f33e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:29 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 939

GET
H/1.1 200
OK brown-bg.png
im.cdn.md/img5/ 940 B
1 KB 138ms
137ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/brown-bg.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: a13329727556eb03b67a9ae8a13ced0ba088dc4d11dfa26570e78ff7cbe2bb56

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "637492f33e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:29 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 940

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 871 B
2 KB 99ms
98ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=46595&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 81f5e8672a0895c95e0d3e3a500778d9f39c854fb3be84ebcc29846876cf30da

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:10 GMT
Server: haproxy-go
Pbk: 473043-328613-46595
Var: s:go601;c:1;e:5;hc:4;r:>473043-328613-46595-0;cs:cp:cache_z_46595_*_*_*_*_*_*_*
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 871
Expires: -1

GET
H3-29 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 146ms
74ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H3-29 200 sticky-footer.js Show response
cdn.eksiup.com/api/ 8 KB
4 KB 31ms
17ms Script
application/javascript 2606:4700:3033::ac43:9ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Requested by: Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1729
cf-polished: origSize=9393
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dcd4102e0000178602adb000000001
last-modified: Sat, 05 Dec 2020 00:45:47 GMT
server: cloudflare
etag: W/"5fcad83b-24b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5y1x7z%2B5D%2FksfGMz0g2Msb6ySoD73wh%2FBxYRGfVtb%2BThHa30Pas6ewI7jsCJEJIykj9nz0wIoXnY%2FFHicxD0XpH1t7MQWmh2GAkwEzi%2FUqcAKYN3kQwXYPK9RQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 64a7ef937ed91786-FRA
expires: Tue, 04 May 2021 12:03:46 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 8D70 91 KB
92 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 05:27:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 3913
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 93435
X-XSS-Protection: 0
Expires: Thu, 05 May 2022 05:27:57 GMT

GET
H/1.1 200
OK jquery.jsonp-2.1.4.js Show response
cm.cdn.md/js5/ Frame 8D70 7 KB
3 KB 141ms
138ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/jquery.jsonp-2.1.4.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2016 12:10:55 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"3375d2e5c57ad11:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H/1.1 200
OK docs.min.css
js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/ Frame 8D70 59 KB
21 KB 169ms
72ms Stylesheet
text/css 89.187.169.122
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc

Protocol

HTTP/1.1

Server

89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-122.cdn77.com

Software

MerlinCDN /

Resource Hash

0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Via: HTTP/1.1 Merlin CDN
X-Content-Type-Options: nosniff
Age: 47896
grace: none
Transfer-Encoding: chunked
X-Cache: CMISS_01
P3P: CP= CAO PSA OUR
Access-Control-Allow-Methods: GET, OPTIONS, POST, HEAD
Connection: keep-alive
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Allow: GET, HEAD, POST
Server: MerlinCDN
X-Midtier: de-fra-dp-s01
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Edge: de-fra-dp-s02
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
X-ECACHE: HIT
healthy: none
X-Age: 0
Access-Control-Allow-Headers: accept, origin, x-requested-with, content-type
X-Mcache: HIT
X-VCT: 0.000

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 8D70 1 KB
2 KB 113ms
80ms Script
application/javascript 65.9.84.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://sb.scorecardresearch.com/beacon.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol: HTTP/1.1
Server: 65.9.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 05 May 2021 06:18:23 GMT
Via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
Last-Modified: Fri, 26 Feb 2021 14:35:05 GMT
Server: AmazonS3
Age: 889
ETag: "1827f116c73f319409b97f10b8a58ade"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1469
X-Amz-Cf-Id: fxpdTv-Q40-s2xLN6AzKkoU5D3leRPiT_RDMfTifB_HawYNygGo11A==

GET
H/1.1 200
OK gstream.js Show response
str.hit.gemius.pl/ Frame 8D70 28 KB
8 KB 159ms
109ms Script
application/x-javascript 217.182.200.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://str.hit.gemius.pl/gstream.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol: HTTP/1.1
Server: 217.182.200.19 , France, ASN16276 (OVH, FR),
Reverse DNS: gcm5.host.hit.gemius.pl
Software: GHC /
Resource Hash: 2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Mar 2021 11:13:20 GMT
Server: GHC
Vary: Accept-Encoding,Origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: none
Content-Type: application/x-javascript
Keep-Alive: timeout=10
Content-Length: 8037
Expires: Wed, 05 May 2021 18:33:11 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8D70 334 KB
115 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 117044
X-XSS-Protection: 0
Expires: Wed, 05 May 2021 06:33:10 GMT

GET
H/1.1 200
OK docs.min.js Show response
js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/ Frame 8D70 967 KB
312 KB 177ms
81ms Script
application/javascript 89.187.169.122
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc

Protocol

HTTP/1.1

Server

89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-89-187-169-122.cdn77.com

Software

MerlinCDN /

Resource Hash

ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Via: HTTP/1.1 Merlin CDN
X-Content-Type-Options: nosniff
Age: 47895
grace: none
Transfer-Encoding: chunked
X-Cache: CMISS_01
P3P: CP= CAO PSA OUR
Access-Control-Allow-Methods: GET, OPTIONS, POST, HEAD
Connection: keep-alive
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Allow: GET, HEAD, POST
Server: MerlinCDN
X-Midtier: de-fra-dp-s01
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Edge: de-fra-dp-s02
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
X-ECACHE: HIT
healthy: none
X-Age: 0
Access-Control-Allow-Headers: accept, origin, x-requested-with, content-type
X-Mcache: HIT
X-VCT: 0.000

GET
H/1.1 200
OK videojs-dock.js Show response
cm.cdn.md/js5/ Frame 8D70 13 KB
4 KB 141ms
140ms Script
application/x-javascript 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cm.cdn.md/js5/videojs-dock.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) /
Resource Hash: 4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Oct 2016 09:38:40 GMT
Server: CCAcc (1.0.1/us-s3)
ETag: W/"5f2740967e20d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:33:11 GMT

GET
H3-29 200 sticky-footer.php Show response
cdn.eksiup.com/api/ 669 B
995 B 50ms
27ms XHR
application/json 2606:4700:3033::ac43:9ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eksiup.com/api/sticky-footer.php?siteid=25&slotid=25&width=1600
Requested by: Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

xr-caches: master
date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
xr-cache: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ardTW0EXxZtF0d7rSW2OI2AvuW3c24nEz225mWdoBqP3FyUDvsXYF3ptgppat22kO%2Ft4VqJazTylGxP4nQVicEJ1Jyoj5i8eUdTXoQNrz5Cbt6zd%2BlQ2NwM%2FYw%3D%3D"}],"max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 64a7ef93cb9d1e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dcd4105b00001e47afbb4000000001

GET
H/1.1 200
OK standing-bg.png
im.cdn.md/img5/ 966 B
1 KB 222ms
136ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/standing-bg.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: c45435989dbfa92ad5a498960feea35a92a8ccfa8032d929c29e6da89114e737

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "a34945f43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:31 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 966

GET
H/1.1 200
OK standing-hover.png
im.cdn.md/img5/ 974 B
1 KB 234ms
137ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/standing-hover.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 146c53518c6967e7e13ea9b117028f06b5af60bc1035e670ff35fede53253a30

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "33a946f43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:31 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 974

GET
H/1.1 200
OK menubar-bg.png
im.cdn.md/img5/ 957 B
1 KB 233ms
137ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/menubar-bg.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 932bdfb828436b081101296ca3c21e1232156bb95ecce0ab39c0f34dc4086dc9

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "d3810f43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:30 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 957

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
710 B 98ms
97ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=16998&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Var: s:go602;c:1;e:47;hc:1
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H2

200

rexdot.js Show response
tr.hit.gemius.pl/__/_sslredir/_1620196391004/
Redirect Chain

http://tr.hit.gemius.pl/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackol...
https://tr.hit.gemius.pl/_sslredir/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fa...
https://tr.hit.gemius.pl/__/_sslredir/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%...

169 B
430 B

76ms
76ms

Script
application/x-javascript

217.182.200.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.hit.gemius.pl/__/_sslredir/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=UBSHtl7c2puN4bWIHaGLiEayd8UQsrip7XJX1b4R08n.L7&vis=1
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS: gcm6.host.hit.gemius.pl
Software: GHC /
Resource Hash: 3ded594bfd95863f866c4b24536f659919a4ad740817ed80c7c4213428ae44fe

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:11 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Tue, 04 May 2021 06:33:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:11 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_sslredir/_1620196391004/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=UBSHtl7c2puN4bWIHaGLiEayd8UQsrip7XJX1b4R08n.L7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Tue, 04 May 2021 06:33:11 GMT

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0B98 61 KB
21 KB 93ms
93ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

86390a794d4b05dd508e9d726fcfdd9c31101f0a7d35d4d46ca702d3cebb61b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "862 / 106 of 1000 / last-modified: 1620166217"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21155
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame A11C
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&heig...
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&hei...

31 KB
13 KB

73ms
60ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

161cc822f646ad5ead174946f4c3c8f444d32ad15de482a938959a08edc75931

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://arsiv.mackolik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: EfPIP3eHTaBVlxeCbRaKSeyRMjhy3B3wUVsctrGK3jgV2yv/ey0W2U1fg+yPflk5mAekQ8+IWZh0Cp+/rHBAig==
date: Wed, 05 May 2021 06:33:11 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 17ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6738)
Age: 765
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 277 B
1 KB 99ms
98ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=14421&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 185562bf0f3784ee957b6dc068bbad0d7002d5ecb5d37503702fface827566c6

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Pbk: 431704-287982-14421
Var: s:go917;c:1;e:-9223372036;hc:0;r:>431704-287982-14421-0;cs:cp:cache_z_14421_*_*_*_*_*_*_*
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 277
Expires: -1

GET
H/1.1 200
OK popular-bg.png
im.cdn.md/img5/ 958 B
1 KB 287ms
140ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/popular-bg.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 3ae830068399ffead55c272748252cda43e6103da5e6b0d673ae751c27d52200

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "93472af43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:30 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 958

GET
H/1.1 200
OK twit-top.png
im.cdn.md/img5/ 1 KB
2 KB 146ms
140ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/twit-top.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 5aff8b1abcb6212d44a19927db2e892166a403245e076a5f6b64e6d9dac3bbd2

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
ETag: "437f92f43e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:31 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1263

GET
H/1.1 200
OK gemiuslib.js Show response
str.hit.gemius.pl/ Frame 8D70 37 KB
10 KB 71ms
71ms Script
application/x-javascript 217.182.200.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://str.hit.gemius.pl/gemiuslib.js
Requested by: Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gstream.js
Protocol: HTTP/1.1
Server: 217.182.200.19 , France, ASN16276 (OVH, FR),
Reverse DNS: gcm5.host.hit.gemius.pl
Software: GHC /
Resource Hash: 3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Mar 2021 11:13:20 GMT
Server: GHC
Vary: Accept-Encoding,Origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: none
Content-Type: application/x-javascript
Keep-Alive: timeout=10
Content-Length: 10199
Expires: Wed, 05 May 2021 18:33:11 GMT

GET
DATA 200
OK truncated
/ Frame 8D70 1 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: http://arsiv.mackolik.com
Referer: http://js.duhnet.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H3-29 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0B98 300 KB
106 KB 74ms
74ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame A11C 400 B
449 B 7ms
7ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: KASiXt3PX7nPgje7J4l5ABied9/uc3azD/KFHbLLtzeppCOVn3YN7PyrlmZqapdF3YYLaDijfr1eyYxu4akihg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 27 Apr 2021 15:55:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 400
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Wed, 27 Apr 2022 15:55:46 GMT

GET
H3-29 200 EuFt3GEPmkb.js Show response
www.facebook.com/rsrc.php/v3iR5z4/yM/l/tr_TR/ Frame A11C 503 KB
132 KB 6ms
6ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iR5z4/yM/l/tr_TR/EuFt3GEPmkb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1970006acdf437a48e6fcad001faa0dfc7984d48c3d8612c0f68c048c09c9e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HF5Rrm0SDFToVVHyoPrcKg==
cross-origin-resource-policy: cross-origin
content-length: 134923
x-fb-rlafr: 0
x-fb-debug: M971X4lO0xMvghO85Q4HjyPFTqdbbaywJ/9hRp19uYBF4Wh6ALIPN0tHJ1TiJ1bCkcTwQyJaNBfwoujVl9Npvg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 May 2022 03:07:53 GMT

GET
H2 200 spor_toto_4_300x250.png
admost-banner.b-cdn.net/admost/4/2017/6/ 13 KB
14 KB 197ms
83ms Image
image/webp 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admost-banner.b-cdn.net/admost/4/2017/6/spor_toto_4_300x250.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-199.datapacket.com
Software: BunnyCDN-DE1-722 /
Resource Hash: b6ce275258ff5e50ea4c81fa0b177bd54afdf6ca3a695181d8efd928d58dbe4e

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
x-downloadsize: 60625
cdn-edgestorageid: 601, 602
x-bo-processingtime: 13
cdn-cachedat: 2021-05-03 07:37:22
cdn-pullzone: 178422
content-length: 13634
x-bo-server: DE-132
last-modified: Sun, 02 May 2021 11:07:28 GMT
server: BunnyCDN-DE1-722
cdn-requestpullcode: 206
x-bo-origindownloadtime: 264
content-type: image/webp
cdn-cache: HIT
cdn-uid: 79355934-3932-41c0-9817-733cc0c4d7a6
cache-control: public, max-age=2592000
x-bo-compressionratio: 77.51%
cdn-requestid: 573514526fa29a503e3fc092f248f7b9
accept-ranges: bytes
cdn-requestcountrycode: SE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
709 B 98ms
97ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=14472&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Var: s:go593;c:1;e:56;hc:1
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame A11C 67 B
97 B 36ms
35ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1620196391197&t_start=1620196391197&t_domcontent=1620196391207&t_layout=1620196391222&t_onload=1620196391222&t_paint=1620196391222&t_creport=1620196391222&t_tti=1620196391207&lid=6958690514209417070-0

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: LXXlrxPfQa4X2nHoXGRLhw3CthPHjrbdbFLp7HFOaWJpqhJU1MLQMAMnsimZJoAB8VcEbZsyzzD9WXRKOrvGuQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 05 May 2021 06:33:11 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
799 B 111ms
43ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=arsiv.mackolik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
17 KB 565ms
564ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=607888675540967&correlator=2793257358310458&output=ldjh&impl=fif&eid=31060789%2C31060842%2C31060853&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Ctopbanner_masthead_multisize_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C980x250%7C970x250&cookie_enabled=1&bc=23&abxe=1&lmt=1620196380&dt=1620196391263&dlt=1620196389130&idt=2109&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=134&adks=821623584&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=960x90&msz=960x90&ga_vid=1793803758.1620196391&ga_sid=1620196391&ga_hid=1844960825&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1b166552e1c8f279c918f29322cb9454674cc1ed076263106c95781994579e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17818
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 27ms
5ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
6 KB 831ms
829ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=607888675540967&correlator=2793257358310458&output=ldjh&impl=fif&eid=31060789%2C31060842%2C31060853&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Ctopmpu_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1620196380&dt=1620196391268&dlt=1620196389130&idt=2109&frm=20&biw=1600&bih=1200&oid=3&adxs=972&adys=245&adks=3491219890&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1793803758.1620196391&ga_sid=1620196391&ga_hid=1844960825&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

464b7a366c6dbc59fd6e8e7af63e9c161d018681b39ca51301a18a36341fdeae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 8D70 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 840
date: Wed, 05 May 2021 06:19:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 05 May 2021 08:19:11 GMT

GET
DATA 200
OK truncated
/ Frame 8D70 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Origin: http://arsiv.mackolik.com
Referer: http://js.duhnet.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 206
Partial Content 1dlryyf7b8ahn1m9lzlff1gc2v_2400000.mp4
daznplayervod.daznservices.com/ePlayer2/20210504/ Frame 8D70 5 MB
0 66ms
29ms Media
video/mp4 2a02:26f0:120::211:7929
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://daznplayervod.daznservices.com/ePlayer2/20210504/1dlryyf7b8ahn1m9lzlff1gc2v_2400000.mp4
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:120::211:7929 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://arsiv.mackolik.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Last-Modified: Tue, 04 May 2021 13:20:40 GMT
Server: AmazonS3
x-amz-request-id: 69VSTTHKTH4S1FM9
ETag: "7f78344735986225eaf1f98950c847b4-9"
Content-Type: video/mp4
Content-Range: bytes 0-42099501/42099502
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42099502
x-amz-id-2: Pd+vZmDkHNPGJF/A587Du4X2da0T76Fh66SCJm2NGIEpqjWgUKFKFfPdDvkTd9atryCNkZZ9Rk8=

GET
H/1.1 200
OK bridge3.453.0_tr.html Show response
imasdk.googleapis.com/js/core/ Frame 7464 570 KB
187 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.453.0_tr.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de00817d2456b6108f78a2774d70d1ab8658a5ba300ab4023c55dd2817de052a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 190928
Date: Wed, 05 May 2021 04:12:25 GMT
Expires: Thu, 05 May 2022 04:12:25 GMT
Last-Modified: Wed, 21 Apr 2021 20:50:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 8446
Cache-Control: public, max-age=31536000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8D70 44 KB
17 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H/1.1 200
OK mackolik_emk3rudazsjg14plgfcgb585b.png
images.performgroup.com/di/library/eplayer3_user_guide/5a/e0/ Frame 8D70 2 KB
3 KB 114ms
75ms Image
image/png 2.18.232.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.performgroup.com/di/library/eplayer3_user_guide/5a/e0/mackolik_emk3rudazsjg14plgfcgb585b.png?h=28
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol: HTTP/1.1
Server: 2.18.232.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-159.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f9f3facbbca03a3c32a03c74da2152f3888997c01e9c523e8801cc7e0d89d516

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:11 GMT
Last-Modified: Mon, 03 May 2021 16:40:44 GMT
Server: Apache
ETag: "96d-5c16f9f6ffb00"
Content-Type: image/png
X-Server-Id: 62ff5c2cd20855624be087e9eecfdb9ec2d414af
Cache-Control: max-age=68072
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2413
Expires: Thu, 06 May 2021 01:27:43 GMT

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
710 B 99ms
98ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=26435&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Var: s:go917;c:1;e:51;hc:2
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H3-29 200 integrator.js Show response
adservice.google.se/adsid/ Frame 0B98 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=arsiv.mackolik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0B98 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0B98 518 B
289 B 274ms
274ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=987353445410907&correlator=1125042767682915&output=ldjh&impl=fif&eid=31060783%2C31060790%2C31060842%2C31060984%2C21068111&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Csticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C375x100%7C728x90%7C300x50%7C320x50%7C970x90&cookie_enabled=1&cdm=arsiv.mackolik.com&bc=23&abxe=1&lmt=1620196391&dt=1620196391454&dlt=1620196391029&idt=408&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=1317&adks=2617765872&ucis=ecbwzoxhl31j&ifi=1&ifk=984508663&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=http%3A%2F%2Farsiv.mackolik.com%2F&top=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1x100&msz=1x100&ga_vid=1793803758.1620196391&ga_sid=1620196391&ga_hid=1994207000&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4a9d45eae6684c377da6ab1d3f191910ec099aa6d3d423de9a62b78433e7d1ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d17e0d8d4491a0f07466b9b191de90ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B98 0
0 137ms
51ms Other
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d17e0d8d4491a0f07466b9b191de90ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B98 0
0 21ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 8D70 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=410829613&t=event&_s=1&dl=http%3A%2F%2Farsiv.mackolik.com%2FVideoPlayer%2FVideoPlayer.aspx%3Fid%3D10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v%26autoplay%3Dtrue%26showads%3Dtrue%26page%3Dcanlisonuc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=630x355&je=0&ec=Videos&ea=play&el=1dlryyf7b8ahn1m9lzlff1gc2v&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=1793803758.1620196391&tid=UA-241588-3&_gid=467206847.1620196391&_slc=1&z=1195029692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 93FF 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 05:38:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3272
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Wed, 05 May 2021 06:38:39 GMT

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
711 B 98ms
98ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=31811&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Var: s:go917;c:1;e:27;hc:15
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
710 B 98ms
98ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=36373&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Var: s:go593;c:1;e:57;hc:1
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0B98 10 KB
8 KB 33ms
18ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e595ffdb4049c7633bd1260ce2b5011ddf3443217889d672c882e55068e1347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7727
x-xss-protection: 0

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
709 B 98ms
97ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=46599&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Var: s:go917;c:1;e:9;hc:5
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B98 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060984

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 370D 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://arsiv.mackolik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 05 May 2021 06:30:48 GMT
expires: Thu, 05 May 2022 06:30:48 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 143
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 370D 14 KB
6 KB 19ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 23:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 24659
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 23:42:12 GMT

GET
H3-29 200 container.html Show response
91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34D0 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://arsiv.mackolik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 05 May 2021 06:33:11 GMT
expires: Thu, 05 May 2022 06:33:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
735 B 102ms
101ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=51257&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:11 GMT
Server: haproxy-go
Var: s:go601;cs:cp:cache_z_51257_neq_TR_*_*_*_*_*_*
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H2 200 css
fonts.googleapis.com/ Frame 34D0 2 KB
627 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 06:12:11 GMT
server: ESF
date: Wed, 05 May 2021 06:33:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 34D0 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:29:31 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 34D0 0
0 89ms
89ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C--2FJzySYJiYFa-T9u8PqICeMKej0v5gnvml9JEJt92K0KMMEAEgupftHmDxhYCA0B-gAYuX-tIDyAEJqQL2nXYmdiu0PuACAKgDAcgDmwSqBPABT9DAsqpQ6gn4MmRVML5gN183rO0i9FAaU6lQpRV5oXj7sJ9S9r3KFAyK6cooy33ouokt14j-2hbiEaR4DlQn81lbS8oNETJF1Fw4x1yqrjhNu7mDMrjwDbIfnrf0mdnLlqMtu0_coQpOPhKo7qdJtxqBiQZ2FI16cjlCYcUcJUQpXek87WOOdaD1c1t2X3FXX3bVdU2qlEjSFLOY8YV1eIVneyF2FA6qdNfWnkVbBDG8wGDVGbDAG-GDeXIeldRDmAKUgi66Sia8473cjGPLVxSJESpZ2h76Sd8HGkK7NF_nWiKW5Wiiy4ojj_6dK8wwwASa_qzGuAHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH3eiFLagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ9_sQ0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDyAsB2BMMiBQDshcaChgIABIUcHViLTU2MTA2NDkxNDY2NzQzMDY&sigh=uNZy98hChJY&template_id=494
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 34D0 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:31:33 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 34D0 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:32:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34D0 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 34D0 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:29:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 34D0 0
0 14ms
13ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTS7mSxCVJdr1qiUEER6BxD8lqHVXxtfCXHts47FSFaQekZWOd3IMufAoSHyrONW2GIP0oZ
Requested by: Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 8ae5a72cfbd99e43f69fdf9d7c4a3504.js Show response
www.gstatic.com/mysidia/ Frame 34D0 25 KB
11 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ae5a72cfbd99e43f69fdf9d7c4a3504.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 09:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 22:51:13 GMT
server: sffe
age: 248473
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10537
x-xss-protection: 0
expires: Sat, 31 Jul 2021 09:31:58 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 34D0 24 KB
24 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQD-GW7J-N3MOXOLkJ5eFnbWhyNFDZ-p7JIE8YVm_Cp8Ne2qIKKY2fFiTXWWJc&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d9353c7dff604a9facde8b43b0cbd852d137d80ed20aad3a76291a26da50d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 06:04:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 10:07:28 GMT
server: sffe
age: 88140
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24578
x-xss-protection: 0
expires: Wed, 04 May 2022 06:04:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 34D0 30 KB
30 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSQUrmB1p6ff79cx0Uz9Q1QUuYGJQSZbX7_rAyAQmzmZQcs1V84oLxGtdsZGg&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9734efdaee5ede1757edad925319f494ae76b01a625efc50b382b9428d10e92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 14:34:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 07 Feb 2021 10:44:07 GMT
server: sffe
age: 403140
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30360
x-xss-protection: 0
expires: Sat, 30 Apr 2022 14:34:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 34D0 26 KB
27 KB 34ms
13ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTrHX0WvXydlrAHEUcBUVeKxtWIU1zO4Rxp8QkZ2HFdsdRJgP8danEVg4-BT3Q&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfa28e9c96636d842d8028f2e76fafb6491d3e5d4a61a36418672f5842f406a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 12:02:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Aug 2018 19:07:02 GMT
server: sffe
age: 412231
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27023
x-xss-protection: 0
expires: Sat, 30 Apr 2022 12:02:40 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 34D0 25 KB
25 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSswq9wHujJJp0IqYn6k2d1wZNNWwi8tiPg6c2H-rTAyRHmF3iV7lURvZxCfrQ&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c148a715cfa8bb4aa015f2b06947980cfe97e86eed59a5f95af0d566388569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:32:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 09:31:09 GMT
server: sffe
age: 75650
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25350
x-xss-protection: 0
expires: Wed, 04 May 2022 09:32:21 GMT

GET
H3-29

200

8062960507613485399
tpc.googlesyndication.com/simgad/ Frame 34D0
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHqJbsLhCwCRisAjIIzZEq5ismn3w
https://tpc.googlesyndication.com/simgad/8062960507613485399

11 KB
11 KB

7ms
7ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8062960507613485399

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebc0981127f986ba607aef97f330089538711fccc5571a5eb5c3dc1bf1d420f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:01:38 GMT
x-content-type-options: nosniff
age: 387093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10838
x-xss-protection: 0
last-modified: Wed, 22 May 2019 08:20:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 19:01:38 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 04 May 2021 08:00:54 GMT
x-content-type-options: nosniff
server: cafe
age: 81137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8062960507613485399
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Jun 2021 08:00:54 GMT

GET
DATA 200
OK truncated
/ Frame 34D0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eda9846b69b757d57a66b57c171e1b1ee3e26071ccceaee503c9576c62fca9b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 34D0 20 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 23:13:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 112775
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Tue, 03 May 2022 23:13:36 GMT

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 2 KB
2 KB 99ms
99ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=46601&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: d8f3158538563e9d17b8f1e736a6bba0edc169188048863bdbb6eb71a01f02ad

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
Server: haproxy-go
Pbk: 473045-328615-46601
Var: s:go917;c:1;e:-9223372036;hc:0;r:>473045-328615-46601-0;cs:cp:cache_z_46601_*_*_*_*_*_*_*
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 1751
Expires: -1

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B98 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=987353445410907&bg=!aGulay_NAAYXzPaOF8w7ACkAdvg8WjXkp4wDUhk0C199C2EjDwY9tAxi38EtfYsJzrC36aXTz4b-uwIAAADOUgAAAAtoAQcKAGtpHuYiOYI-LV3NHzrn-V94AXgRdhkVL1lV0FSgUTH0M50Kk5I6P_dCY19fDsSjjDhYfPmbfkiBUw7muvT6i83Pn_u_3PDMEr_fCKx0R5KVNjmuqTkgqzBnkeY9D3Cx9uU7CYjyX946OM-Lz5kCYsZyNnI4GFlntwp4c_rid_UMhsXs172DX0PMJoB9eYIHO9xOqZlt7rfJGEE0HO-c6C-dxC5xcy9ddmlaWAH7n3cCgSlrkGXwGXshdt7QdNaClG7KdeuUcyMCOm-7c-cLKMW16Uew_L0UnGDSa_w0-aO1ITaNwuGI_POFfyo9_XI12bFNpB4Ej_0D1M663EZnNL3a47l9eNcxWDvdRWcRUSFfKLQ7nNBq592yfWtQ_QKo5ZRmkN2MmwfBVTpfVoSx6d4lJKIDcK47qNpwAYCDwvSElkMSl0tdhmMPK03Gv7rCQdJbjcj_QX219PM-z1Iysi2x1JdbMFcqo5E7SkwkLLnXnGnL32Z6R0-zxY1SlBvt0lE8rVOdcmJFSWRgfnuN6mTZFhi8ndIEn1LyxfzhdDkE84sDrFZkuH33gLjA8xqRK5IlQzAgiYv6LPRq2qBCv4C1S9-yJFsj3O4k6VyYQZRfc1BRzoiJvO6S_rovTwt4Sgs7CTW8VYGsBegzsVqcN67yYoRzbB5dAYGG2RoIEOy8xufQosoSTAtM0mHJ_Oe15WJFV_6kH1ODK0q5i7Al0i5yCZEuYu41wQ6mhNyDKGW6d7meWVpTk2P1WHcUFQyoD_8kD7B11MoMqRAZVXbfhu2hklb-mQJCcpBqex6fd-OoJGuFC7d90m7f1AhulfomykdUg3ex-UZxHEgfJGMkg2cTAyH6PWHkN6X6QkAMxqt51QKyH9Ug2bxwfQ2EEDFXHU3HckbfnLyuFQC_VTzNleq1rEH6tye0Ol6OaECm5aY2uxd8dTLHp-vDb7qKP1etuAc

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 75ms
74ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: run.admost.com
URL: http://run.admost.com/adx/get.ashx?z=46601&accptck=true

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

df9d84c4762e3b1606153ce8f027f554865f5421c7422b27b0121bfa793e4b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "862 / 382 of 1000 / last-modified: 1620166139"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21154
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=arsiv.mackolik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
18 KB 356ms
355ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=607888675540967&correlator=2793257358310458&output=ldjh&impl=fif&eid=31060789%2C31060842%2C31060853&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Cleft_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&cookie=ID%3D376eeb3c3e7d826a-2243001308c80002%3AT%3D1620196391%3AS%3DALNI_MbYHHRUgqk54IBykKT1R1mo2HSRlA&bc=23&abxe=1&lmt=1620196380&dt=1620196392112&dlt=1620196389130&idt=2109&frm=20&biw=1600&bih=1200&oid=3&adxs=150&adys=0&adks=267919333&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x1979&msz=120x-1&ga_vid=1793803758.1620196391&ga_sid=1620196391&ga_hid=1844960825&ga_fc=false&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

13b739979ec0e1fac2c53b5a86c48b42308f457225c96e842246bd1f011877e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18770
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 541ms
540ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=607888675540967&correlator=2793257358310458&output=ldjh&impl=fif&eid=31060789%2C31060842%2C31060853&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Cright_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&cookie=ID%3D376eeb3c3e7d826a-2243001308c80002%3AT%3D1620196391%3AS%3DALNI_MbYHHRUgqk54IBykKT1R1mo2HSRlA&bc=23&abxe=1&lmt=1620196380&dt=1620196392114&dlt=1620196389130&idt=2109&frm=20&biw=1600&bih=1200&oid=3&adxs=1290&adys=0&adks=1264633616&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x1979&msz=120x-1&ga_vid=1793803758.1620196391&ga_sid=1620196391&ga_hid=1844960825&ga_fc=false&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f488d6066d50bfe347630a80172d48288fa60b2cefe99936c54603f09b60ad2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4315
x-xss-protection: 0
google-lineitem-id: 5592962289
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138337228196
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://arsiv.mackolik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK footer.png
im.cdn.md/img5/ 47 KB
47 KB 138ms
138ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/footer.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: 574f4a4a3338f3d2972c605bdccef07a223aa0bee14fdec68a8f7a4a41254273

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:12 GMT
ETag: "d3da7f33e75cd1:0"
Last-Modified: Wed, 08 Aug 2012 08:22:29 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47965

GET
H3-29 200 container.html Show response
91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC4F 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://arsiv.mackolik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 05 May 2021 06:33:11 GMT
expires: Thu, 05 May 2022 06:33:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dimml.js Show response
cdn.dimml.io/ 18 KB
7 KB 21ms
7ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.dimml.io/dimml.js
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-NZT: AcO1ry8Q5ibviQIBAA==
Date: Wed, 05 May 2021 06:33:12 GMT
Content-Encoding: gzip
ETag: W/"89b16e35ecc3"
Server: CDN77-Turbo
X-77-NZT-Ray: 6bbdrOEeIi8=
Transfer-Encoding: chunked
X-77-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
X-Cache: HIT
Connection: keep-alive
X-Age: 66185
X-77-POP: frankfurtDE
Expires: Wed, 5 May 2021 12:10:07 GMT

GET
H2 200 hotjar-314584.js Show response
static.hotjar.com/c/ 3 KB
2 KB 254ms
100ms Script
application/javascript 13.224.111.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-314584.js?sv=6

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-44.mad50.r.cloudfront.net

Software

Resource Hash

8c436eec795b1183584e101ace45481f6ca62b0d96a19e6f0ad65cf4e49105ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:32:30 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 42
etag: W/41b78951042e627624c0c5bc69ae0ba3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: MAD50-C1
content-length: 1515
via: 1.1 e39311b8bbf120eef85be5222b7fadac.cloudfront.net (CloudFront)
x-amz-cf-id: C5wa_YB9SQvBe76RCjwOZoNPHpmjyx0LL49IvALqAezIoCuW6Z5VHA==

GET
H/1.1 200
OK get.ashx Show response
run.admost.com/adx/ 23 B
710 B 98ms
97ms Script
text/html 195.244.38.50
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run.admost.com/adx/get.ashx?z=52231&accptck=true
Requested by: Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.4567268019219035
Protocol: HTTP/1.1
Server: 195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: haproxy-go /
Resource Hash: 34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer: http://arsiv.mackolik.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
Server: haproxy-go
Var: s:go917;c:1;e:52;hc:5
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, max-age=0, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 23
Expires: -1

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DC5E 624 B
474 B 19ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVqPcCy6Hz7sPEDNSD8KJ3FMBpD11ouBpzgyW1CinrWmOSdAa4Fd29LGtpGJJCVCqC5A5b9dWcP5kg4BB11DCaCYqPdOM0bx6mt-kHZ7TDGyLtq8Uk9PxBCxdGk4Xbi-4K7woR2Uwc-E3N-96wVDbTfOgfwfZb7P_hv3KC0nLLZsTr-VgQrtdEq0-6hrOYK7GmTBZrIzp1_YZCAoi3NM5C_jGvIALNVscXtq9cJd_EZu9tLyio

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVqPcCy6Hz7sPEDNSD8KJ3FMBpD11ouBpzgyW1CinrWmOSdAa4Fd29LGtpGJJCVCqC5A5b9dWcP5kg4BB11DCaCYqPdOM0bx6mt-kHZ7TDGyLtq8Uk9PxBCxdGk4Xbi-4K7woR2Uwc-E3N-96wVDbTfOgfwfZb7P_hv3KC0nLLZsTr-VgQrtdEq0-6hrOYK7GmTBZrIzp1_YZCAoi3NM5C_jGvIALNVscXtq9cJd_EZu9tLyio
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlLyoR6ybCnuEufOI3zELj5WAoJfRsfCmvYCCv130VSC8SP9j1oS7D1Mid9dNo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 05 May 2021 06:33:12 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 06:33:12 GMT

GET
H3-29 200 get_page_signal_url_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/elements/html/ Frame AC4F 4 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/elements/html/get_page_signal_url_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

858361d285ad5b0369469afc26ff28e975019a3b3a25ad4748e95178eae88192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2074
x-xss-protection: 0
server: cafe
etag: 10027585619949027602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:10:30 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AC4F 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:32:08 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC4F 116 KB
35 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:12 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AC4F 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:29:08 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC4F 42 B
63 B 27ms
26ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtXvKUImXmsyZoWiImY6M4mwKif5HfdlP_zER2zxHUYcWSGISR_nliSkdDa7uxgVFOrhv0JYv9tQylpFcJeSltHU_pss_mlB06yu9JNZxpQZBnViA

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AC4F 24 KB
12 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU1C4kki81cb8z6J9_ughHv6PoIx_KMyfMdYTenRS8aL0o-y3V-xhd3DSdIAB8W1umjWr1tcKXTdQpvIrcSXvGLYNhFTJECyLP1XwOaW1PxI66DCVpUn0bipu0LpX9rwIqFmeCDppRutuYBCzwCh1enuB2Aw&cry=1&dbm_d=AKAmf-AAyM7zF8yOL_319f8jsTEjQPORGH-hcCPCuAFb2YHH9whj2FAzUQU46MCkOCyLX3L9z4e8f9na4kmmwbVSTgjJ49BQD32eOtDHWXdjLNnT1sj6jTNkqwY5NM9Qb4VkjUtX-5FqI681yhFi_aZ51ii4S4qkZ9VSoSXloKem_vOrC2AgxbKFhN2x7jMdbbRr9QHz0HgyyZiHJ300pGLHG0MMl9SC_gczfwPZvQ_kRSxuXK42ZwjfA6hWB1-f7w-zY1PCD9UBAB1zk0PM7JrdbsJK35q2hVmfoPEs6cbCgBSKJIgh46lp51oDkN9wFKgJKRxibZOetdOo8w6Tra1fXh0e5BI8PfAJvys1uB5f2ZCEwcIvbbeFkc8LXSH97GU3mp8flSygVesyBNeSMbelgnllmqjgmc8FQ5Fk41vNoKCwP4aV6eu7NmkTGmF5S0Vv1XaDZpC34J_a6--ncKJVnUqOORmRUIobD9bdDEALZSJlSYFXLTKV3_1eH8lm6annhIhv7YFGHfstAziANOaykj7TuwOLuu7Kx5dP7lKBnceOdltluJ36iuXLAhfyMYxBbrBClQG5cW0ZPIMXQD6MukG0JK5QMZwMIht6WJb1jjVwxfK3VTn_7BkV-b6HW2Mgq31Lpx12W3wE_PAPDrM-keecFGLXPSgS4ViX14fGyjvwIFpqoiGE3kNdhHsJ-IsoW6spZNDXcaCBMDs1bczmMKUOt9wTY9jHixjsp29Ivj3Fm5Hw4oCrVt9IpH0gTcLl6nlAeFiOiAuiwU6_Q9GZVZ9AYvRr0Iqo2QAlwovnNynyR87zjvu7wngHgL44omVuEGp3ECUNBFciTigN43BuL9oTy9QSTrEoiOwBy8771-ufr8NDFaxXyTSKLhwnnxb43tMdizU_tDKqVnxpzYxomSeV7-NbanNKarc35pfNjmsX-nPzsNTvnVAqP9jGHWTLNX09zd2mezZ30VqRSINOGyUrrw0uqq7aMm9loKpUfEcZOS_9jsuhslCaX1oCxWOL9rC4o5vF7A4STNkIr43HrNh2vz5fBpuYwFxpb2NYrhMAvXwOUV6Kz42FLjcdFVxaOw3VCfwwWzoxp10HXnm8-YhVrzsoRu9Q6Ppfsw6JvwuwNNUulfPEArIAHZg5aw30pAZRwarTjUMzlAngR14oA8-FhLWu_4B6lMxCI7I83IIN6k97EYDRAmp4nG2M75ZpWvWWnfUM0Fw1xGUg6fXOVGw8TA8ZburVG9LzV1ZQDw8QHkeJf9SsZJc5K2aYrmWb1s8B9IG60KoXeopAKjMhbC-vlUkcvywSnAAUy7M-XOYkWlbF4ajyfc_F21EQaBeEnVhi-tfFbB8Iz9xgi9ytgC-ee1-DXLbFNO59PyOXyHh_NVRXg0gVZNp9AT0GJT6Mt3tdYs3cuyMlDNi2mBIwthfHrdXAC0wudiCnhuvO3ulKlmait63Dw6SfTmo1y7YnAukV8wFEhSAl5oUVwQ1sNTGh9AYYy_AnEFnLWA9x8iK2MpNj3HgLh7P6P2MpkAlPi3ciOHKFAxLi1i45IwHtXjfPXGYX3cSsHSvqllSRpnqeY9LEaHr-33hMjm5JHiHaiJXkg1lHPnU7ojmFtY_VuJn_czESHjs2QexM78GwWC_fO_0gJg-4Zqd_OJJ-Mh8ey94TXrmlNLJS-gFXFlaUekhnxzIrfWZey9Tw1r-Jxl_4ZsW_4X3nVEAhfjZ2NxZcQrn6LqHzzmttJ2M8I20V0h0yJkdmICjnWUb6_r3OoH8eNi3tV0ys5Adq84JagFHweAo_jT2IhLpYhLuoFrvBDVwhUoS7X9fMt_FqPYNXEesHUadcPHA3vtm8oscffUfbU42162LliZXMQvdv9YtUnDQp-oOnT8CleV-UfwkpUdnQKd2xXh0CLRLjx-YibzcQ8Zfez0ztY_3hrS9qc6ZQJwHriTFiAu_tNS1nNEBpARDcNhhVzyPdcgi1yiXKghQNVFgu1oS3wm_lNJ-PzIh2HKBxzmAf6oahJ9Ambt8S4-MQwSgMrWhX5QhbvPskT5np18tsADY9JRIYazCRRqeYLePWLwf1TpZnxyz2ryVdKeUZB8zsNw5jCoRiKGU7zFYvnZQTW0KV712ON_mnFWQGyWkVVAZEw535se9jhLz_QTFf6oCzLCFJkcLWjpMHBFeFLqItg6Gq6e2n0C1gMLU1yN3ECywdZ0fq7KEVnonRysUDdn_3K6t68GHUj6JxRyFlLSQ_fekwFt1_JqSRzaw_cR75s9-TXqgPfJh4wAXH8Yg3aFiIeqqF2X3iPeaARLpLEvJ3PyF2r9pZK6kd9Bh7je0lzVmVRFK6ggPEfCMJf4mdn6IDS4v_4y3CXVqJqNK-wJPnRAGCV3RVL0smCPjFEkxGTYPua4XdJZ7eNTHwL4dGRkLLMxHvEdv4HpRqmwTN22paT8SgNjXvB8i8sP_KggTrOvlyd_ddhBjaT0_L6we4CRkId7Ttkoj6XHiZ3DJhQkRs5NCQSZXMv7avXE2c6JZBehg4EfWhqVsQxA97RX9JQLfligfl_hsaWW_Xzg_4N-EAnTULWghaAsEbdOJUCjRhOJZhGadh3BzzbvdRe-0N_Ny_jitj2-jLpTOnLA2LZzej1IPa6H5tFBhgyfvVmw1IngbMqcZMLU9D24pgeIFzWUTZdkXP-ZQquZjhnJcxqMChXyw6t2TWPFtn02298zvygUd5wJD5124rzFrewXjd6doc69gzeUbh44G-qgZlKn4OSGsc6irKRx1F00JslksBepto1BnxuLOAkgi-5xzTH-MHegW9L1cfuS5ofWu2W9pWbnl338NEjVEymwatcCpv-TlT70wVrWqCddUyRuAY-BIpEiKUqLQL-N2vdJ69i7LPUcNnvsGTAc52etIC2xHUOa7XX2DCrxrU4MCzuNanoyVxrcCLyldSFWhNco0gTSsd0kQjqEKWpNEOhJ6Q1blYC5X8Xae4-kirAWNnKIjY4xyWEjNKswjPli9W2b83gfMwnrm9CsOHdCNeTDZ-IE3Y2rLStYix8CkdT-yWZ2p2AmHAHAfPByn16zCZcSJ4vVS0xGAYwGFbUKRECynVT2FuPjBoLaqa9tBKb96Rx1kLMSGxc1_AdPbufJMzbNLK0_Gbc1VdVeU8CrB5iLR5hK6e55JDxiqmZQFHjJAd3RAVyPA7o4X2uJ17J48qOaCG3KPX74lWvMDLuVFZF11EkJ5qF67I_H34rA1GY5NrbXsaZNoP478d8mCAIIkS_rT6vklN_Tf_fy_rRzgexEn5R5BoAjK2egaM_0x3bjxviEprj-Fh24e2Es78UDNCsLNbYf5mCoHFw2PiCBXMiQ6i9IgcFep39wxIIf7PFaLtOD97wNezMww&cid=CAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY&rfl=1%2Chttp%253A%252F%252Farsiv.mackolik.com%252F%240

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

417174f84ccf7dbe35df5ee525f9167ee63053452c785e4a0751f5cd314db2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC4F 0
20 B 26ms
26ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20210429&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/elements/html/get_page_signal_url_fy2019.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK eb580be1a62d586912203fcb6fddc20712ea77b0.js Show response
cdn.dimml.io/static/ 611 B
817 B 6ms
6ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.dimml.io/static/eb580be1a62d586912203fcb6fddc20712ea77b0.js
Requested by: Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3a18f24b2e9053869d6fb6745303dd7289043df0a84c92c1c71aee1e27f57d5

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP: frankfurtDE
Date: Wed, 05 May 2021 06:33:12 GMT
Content-Encoding: gzip
X-DimML-Version: 2.2 vH8ffFv9
X-77-NZT-Ray: qcofIW52gME=
Transfer-Encoding: chunked
X-77-Cache: HIT
X-Cache: HIT
Connection: keep-alive
X-77-NZT: AcO1ry+9qkHvDAAAAA==
Server: CDN77-Turbo
ETag: W/"ed29949a5ef8"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=60
X-Age: 12
Expires: Wed, 5 May 2021 06:34:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&C=1

43 B
1013 B

106ms
83ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVqPcCy6Hz7sPEDNSD8KJ3FMBpD11ouBpzgyW1CinrWmOSdAa4Fd29LGtpGJJCVCqC5A5b9dWcP5kg4BB11DCaCYqPdOM0bx6mt-kHZ7TDGyLtq8Uk9PxBCxdGk4Xbi-4K7woR2Uwc-E3N-96wVDbTfOgfwfZb7P_hv3KC0nLLZsTr-VgQrtdEq0-6hrOYK7GmTBZrIzp1_YZCAoi3NM5C_jGvIALNVscXtq9cJd_EZu9tLyio
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 05 May 2021 06:33:12 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 05 May 2021 06:33:12 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC5E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJI8KPo46q.3X.vsSmEocQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&google_hm=2

43 B
893 B

67ms
67ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVqPcCy6Hz7sPEDNSD8KJ3FMBpD11ouBpzgyW1CinrWmOSdAa4Fd29LGtpGJJCVCqC5A5b9dWcP5kg4BB11DCaCYqPdOM0bx6mt-kHZ7TDGyLtq8Uk9PxBCxdGk4Xbi-4K7woR2Uwc-E3N-96wVDbTfOgfwfZb7P_hv3KC0nLLZsTr-VgQrtdEq0-6hrOYK7GmTBZrIzp1_YZCAoi3NM5C_jGvIALNVscXtq9cJd_EZu9tLyio
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 05 May 2021 06:33:12 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0M_Ce0D1YDP3TyG7RFRX8&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DC5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENCJjH2qsfHtGtkx80FxxFM&google_cver=1

43 B
1 KB

87ms
57ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENCJjH2qsfHtGtkx80FxxFM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVqPcCy6Hz7sPEDNSD8KJ3FMBpD11ouBpzgyW1CinrWmOSdAa4Fd29LGtpGJJCVCqC5A5b9dWcP5kg4BB11DCaCYqPdOM0bx6mt-kHZ7TDGyLtq8Uk9PxBCxdGk4Xbi-4K7woR2Uwc-E3N-96wVDbTfOgfwfZb7P_hv3KC0nLLZsTr-VgQrtdEq0-6hrOYK7GmTBZrIzp1_YZCAoi3NM5C_jGvIALNVscXtq9cJd_EZu9tLyio

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
X-Proxy-Origin: 195.181.166.68; 195.181.166.68; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid: d15578e8-d540-4fe7-b1d7-e0807e0cb05b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENCJjH2qsfHtGtkx80FxxFM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DC5E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc3OTc1NjE2MDE4OTQ4NTYzNg%3D%3D

170 B
188 B

139ms
72ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc3OTc1NjE2MDE4OTQ4NTYzNg%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
X-Proxy-Origin: 195.181.166.68; 195.181.166.68; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.247:80
AN-X-Request-Uuid: 3dd09858-aff1-4ce2-a379-f50c31021a2f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc3OTc1NjE2MDE4OTQ4NTYzNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 4d984be9c3958ae34c902ccc8164863b1d4b6019.js Show response
cdn.dimml.io/static/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.dimml.io/static/4d984be9c3958ae34c902ccc8164863b1d4b6019.js
Requested by: Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 709edf07ebabeb5d4a2e3a0e7ac5fc920b86e8c8bfc27d5440f7b760b292953e

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP: frankfurtDE
Date: Wed, 05 May 2021 06:33:12 GMT
Content-Encoding: gzip
X-DimML-Version: 2.2 vH8ffFv9
X-77-NZT-Ray: 3soWbEqlEYg=
Transfer-Encoding: chunked
X-77-Cache: HIT
X-Cache: HIT
Connection: keep-alive
X-77-NZT: AcO1ry+HxgPvBQUAAA==
Server: CDN77-Turbo
ETag: W/"d33a15f8e33f"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=1800
X-Age: 1285
Expires: Wed, 5 May 2021 06:41:47 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame AC4F 22 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU1C4kki81cb8z6J9_ughHv6PoIx_KMyfMdYTenRS8aL0o-y3V-xhd3DSdIAB8W1umjWr1tcKXTdQpvIrcSXvGLYNhFTJECyLP1XwOaW1PxI66DCVpUn0bipu0LpX9rwIqFmeCDppRutuYBCzwCh1enuB2Aw&cry=1&dbm_d=AKAmf-AAyM7zF8yOL_319f8jsTEjQPORGH-hcCPCuAFb2YHH9whj2FAzUQU46MCkOCyLX3L9z4e8f9na4kmmwbVSTgjJ49BQD32eOtDHWXdjLNnT1sj6jTNkqwY5NM9Qb4VkjUtX-5FqI681yhFi_aZ51ii4S4qkZ9VSoSXloKem_vOrC2AgxbKFhN2x7jMdbbRr9QHz0HgyyZiHJ300pGLHG0MMl9SC_gczfwPZvQ_kRSxuXK42ZwjfA6hWB1-f7w-zY1PCD9UBAB1zk0PM7JrdbsJK35q2hVmfoPEs6cbCgBSKJIgh46lp51oDkN9wFKgJKRxibZOetdOo8w6Tra1fXh0e5BI8PfAJvys1uB5f2ZCEwcIvbbeFkc8LXSH97GU3mp8flSygVesyBNeSMbelgnllmqjgmc8FQ5Fk41vNoKCwP4aV6eu7NmkTGmF5S0Vv1XaDZpC34J_a6--ncKJVnUqOORmRUIobD9bdDEALZSJlSYFXLTKV3_1eH8lm6annhIhv7YFGHfstAziANOaykj7TuwOLuu7Kx5dP7lKBnceOdltluJ36iuXLAhfyMYxBbrBClQG5cW0ZPIMXQD6MukG0JK5QMZwMIht6WJb1jjVwxfK3VTn_7BkV-b6HW2Mgq31Lpx12W3wE_PAPDrM-keecFGLXPSgS4ViX14fGyjvwIFpqoiGE3kNdhHsJ-IsoW6spZNDXcaCBMDs1bczmMKUOt9wTY9jHixjsp29Ivj3Fm5Hw4oCrVt9IpH0gTcLl6nlAeFiOiAuiwU6_Q9GZVZ9AYvRr0Iqo2QAlwovnNynyR87zjvu7wngHgL44omVuEGp3ECUNBFciTigN43BuL9oTy9QSTrEoiOwBy8771-ufr8NDFaxXyTSKLhwnnxb43tMdizU_tDKqVnxpzYxomSeV7-NbanNKarc35pfNjmsX-nPzsNTvnVAqP9jGHWTLNX09zd2mezZ30VqRSINOGyUrrw0uqq7aMm9loKpUfEcZOS_9jsuhslCaX1oCxWOL9rC4o5vF7A4STNkIr43HrNh2vz5fBpuYwFxpb2NYrhMAvXwOUV6Kz42FLjcdFVxaOw3VCfwwWzoxp10HXnm8-YhVrzsoRu9Q6Ppfsw6JvwuwNNUulfPEArIAHZg5aw30pAZRwarTjUMzlAngR14oA8-FhLWu_4B6lMxCI7I83IIN6k97EYDRAmp4nG2M75ZpWvWWnfUM0Fw1xGUg6fXOVGw8TA8ZburVG9LzV1ZQDw8QHkeJf9SsZJc5K2aYrmWb1s8B9IG60KoXeopAKjMhbC-vlUkcvywSnAAUy7M-XOYkWlbF4ajyfc_F21EQaBeEnVhi-tfFbB8Iz9xgi9ytgC-ee1-DXLbFNO59PyOXyHh_NVRXg0gVZNp9AT0GJT6Mt3tdYs3cuyMlDNi2mBIwthfHrdXAC0wudiCnhuvO3ulKlmait63Dw6SfTmo1y7YnAukV8wFEhSAl5oUVwQ1sNTGh9AYYy_AnEFnLWA9x8iK2MpNj3HgLh7P6P2MpkAlPi3ciOHKFAxLi1i45IwHtXjfPXGYX3cSsHSvqllSRpnqeY9LEaHr-33hMjm5JHiHaiJXkg1lHPnU7ojmFtY_VuJn_czESHjs2QexM78GwWC_fO_0gJg-4Zqd_OJJ-Mh8ey94TXrmlNLJS-gFXFlaUekhnxzIrfWZey9Tw1r-Jxl_4ZsW_4X3nVEAhfjZ2NxZcQrn6LqHzzmttJ2M8I20V0h0yJkdmICjnWUb6_r3OoH8eNi3tV0ys5Adq84JagFHweAo_jT2IhLpYhLuoFrvBDVwhUoS7X9fMt_FqPYNXEesHUadcPHA3vtm8oscffUfbU42162LliZXMQvdv9YtUnDQp-oOnT8CleV-UfwkpUdnQKd2xXh0CLRLjx-YibzcQ8Zfez0ztY_3hrS9qc6ZQJwHriTFiAu_tNS1nNEBpARDcNhhVzyPdcgi1yiXKghQNVFgu1oS3wm_lNJ-PzIh2HKBxzmAf6oahJ9Ambt8S4-MQwSgMrWhX5QhbvPskT5np18tsADY9JRIYazCRRqeYLePWLwf1TpZnxyz2ryVdKeUZB8zsNw5jCoRiKGU7zFYvnZQTW0KV712ON_mnFWQGyWkVVAZEw535se9jhLz_QTFf6oCzLCFJkcLWjpMHBFeFLqItg6Gq6e2n0C1gMLU1yN3ECywdZ0fq7KEVnonRysUDdn_3K6t68GHUj6JxRyFlLSQ_fekwFt1_JqSRzaw_cR75s9-TXqgPfJh4wAXH8Yg3aFiIeqqF2X3iPeaARLpLEvJ3PyF2r9pZK6kd9Bh7je0lzVmVRFK6ggPEfCMJf4mdn6IDS4v_4y3CXVqJqNK-wJPnRAGCV3RVL0smCPjFEkxGTYPua4XdJZ7eNTHwL4dGRkLLMxHvEdv4HpRqmwTN22paT8SgNjXvB8i8sP_KggTrOvlyd_ddhBjaT0_L6we4CRkId7Ttkoj6XHiZ3DJhQkRs5NCQSZXMv7avXE2c6JZBehg4EfWhqVsQxA97RX9JQLfligfl_hsaWW_Xzg_4N-EAnTULWghaAsEbdOJUCjRhOJZhGadh3BzzbvdRe-0N_Ny_jitj2-jLpTOnLA2LZzej1IPa6H5tFBhgyfvVmw1IngbMqcZMLU9D24pgeIFzWUTZdkXP-ZQquZjhnJcxqMChXyw6t2TWPFtn02298zvygUd5wJD5124rzFrewXjd6doc69gzeUbh44G-qgZlKn4OSGsc6irKRx1F00JslksBepto1BnxuLOAkgi-5xzTH-MHegW9L1cfuS5ofWu2W9pWbnl338NEjVEymwatcCpv-TlT70wVrWqCddUyRuAY-BIpEiKUqLQL-N2vdJ69i7LPUcNnvsGTAc52etIC2xHUOa7XX2DCrxrU4MCzuNanoyVxrcCLyldSFWhNco0gTSsd0kQjqEKWpNEOhJ6Q1blYC5X8Xae4-kirAWNnKIjY4xyWEjNKswjPli9W2b83gfMwnrm9CsOHdCNeTDZ-IE3Y2rLStYix8CkdT-yWZ2p2AmHAHAfPByn16zCZcSJ4vVS0xGAYwGFbUKRECynVT2FuPjBoLaqa9tBKb96Rx1kLMSGxc1_AdPbufJMzbNLK0_Gbc1VdVeU8CrB5iLR5hK6e55JDxiqmZQFHjJAd3RAVyPA7o4X2uJ17J48qOaCG3KPX74lWvMDLuVFZF11EkJ5qF67I_H34rA1GY5NrbXsaZNoP478d8mCAIIkS_rT6vklN_Tf_fy_rRzgexEn5R5BoAjK2egaM_0x3bjxviEprj-Fh24e2Es78UDNCsLNbYf5mCoHFw2PiCBXMiQ6i9IgcFep39wxIIf7PFaLtOD97wNezMww&cid=CAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY&rfl=1%2Chttp%253A%252F%252Farsiv.mackolik.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 12149544148951276823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:29:49 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AC4F 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148717
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 13:14:35 GMT

GET
H/1.1 200
OK kpiwv0qvkluh Show response
hal9000.redintelligence.net/zone/ Frame AC4F 11 KB
4 KB 187ms
62ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kpiwv0qvkluh?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2RYqJzySYJHjL73f7_UPofu6qAOBiOHUYIvY5umWCvAuEAEgupftHmDxhYCA0B_IAQmpAvaddiZ2K7Q-qAMBqgTXAU_QTXStxQBNP5dqewmsfDMdbpFss4B0lflWdCZWZJOkbcxCeAckqxWujge1wtmZwBgj6IzrzTTOUkOmMzyXmqKK5GRU6h6oOnVeCMCCidAQ5b-vO8XX47G2aYqdvvN_uNJx1uDsnwOQRKQW5kz-pmjzv87rrSTojodK-OFraw0EpYNkHK5uHfIu6O5erJKfWO5CLGtBmzqOjod9vM9ApenOedsA7fq7PgM7_4bq10IdqCh7-JhjX87ihqBl1zh51HR0SwvjwaEEt9ifBiVtQEAZj3nzh2nqwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY%26sig%3DAOD64_1jbiyX5onJ6B1jIzqmtY5z5SzNJA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-C0tsErAKNAVqGauI0lsfXzb7EUv2uhypze3lCk7lht63tiCitkxmQ6Bafnto8cqPQhJavJltxvudkZ1a79D-iOgE0XfE256NxDD3IASW-BExzU-OSbUmtfbDqzAzoDCtTp8JQkxRc0R3xmIyMNn0aeWJGkdA%26cry%3D1%26dbm_d%3DAKAmf-CD4nIcLe0axg7y6A40bLUBkXWwnVIb-RLSKOwBb9qxp_8FbCJ8p65Qx-6C1inlMr6GQCyA_oa0MdX1ifNSXelY5YA-PnzR2IsPXKhWoYIIaKPaClR1kcfDVuzzzrS4ZNZkL7H8JLQuiYbsYHAGeARgdCbm2bCBqSPzYMVH4ElxjYDZWTGGW0ivmS6w5igFZUhqs9icfSArXrjfqsmrSysONTiZq1si2pIqsrBCchqSJSw5UAoSb3cA8PlqdFCY5GP7QHiGWMlprHL115AErMCzMC3Gwdj5geT1PB5mMpEPSlqk1bF8BGyuHe--HdOBSaT2Z4b0c4lgHxybK1C3siCG-VjpkkvaXIPielrWIk3x_lJcalu0uG7zmQN-AH9X6kE2QXwkExCeiTCgD3Ry0zWKkv8s4QrJVrlm4LYJNUPApfW548ybWl3wn3-XbYS15aVkWldEZTbfNbofmRjdIPXJQwj-mw%26adurl%3D
Requested by: Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1aa5cf8f3e2c48af812db6dc3b35e9dc6d90e39f0008f5c3c2c83f4aca1e469c

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:12 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3946
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 083F 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 04 May 2021 08:59:18 GMT
expires: Wed, 04 May 2022 08:59:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 77634
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 083F 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 23:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 24660
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 23:42:12 GMT

GET
H3-29 200 rup.js Show response
cdn.eksiup.com/api/native/ 8 KB
4 KB 46ms
46ms Script
application/javascript 2606:4700:3033::ac43:9ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eksiup.com/api/native/rup.js?column=1&_=1620196392237
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e819dba55e363c3ff35efb9ae33c236175dc6f5ae7ee1bd7625a90fa69c620f

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dcd4153000001786cdbb0000000001
last-modified: Fri, 25 Dec 2020 07:20:54 GMT
server: cloudflare
etag: W/"5fe592d6-213f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F1bbrpdPw9yCgF8XQ8SxPteUKhM0dx9hOkdvV55EnT7%2BBVxYDqerL%2BsuMo0TzEXiEw0vF7fPTJe1RxF2LKFmvFQpJ%2FSNJfwzs9ROeuBdJ55Q8QyETHN0A00fuA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 64a7ef9b7a501786-FRA
expires: Wed, 12 May 2021 06:33:12 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame EE34 319 KB
103 KB 24ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 554957
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 05 May 2021 06:33:12 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H/1.1 200
OK slider-left.png
im.cdn.md/img5/ 1 KB
1 KB 138ms
137ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/slider-left.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: ddc21f2e288de35020ce7562ae82a1f3f1716996ccd3c52747b4fda5f2136631

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:12 GMT
ETag: "4b99b03619b1cd1:0"
Last-Modified: Tue, 23 Oct 2012 12:23:31 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1071

GET
H/1.1 200
OK slider-right.png
im.cdn.md/img5/ 1 KB
1 KB 136ms
136ms Image
image/png 147.135.15.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://im.cdn.md/img5/slider-right.png
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 147.135.15.116 , United States, ASN16276 (OVH, FR),
Reverse DNS: us-s5.cubecdn.net
Software: CCAcc (1.0.1/us-s3) / ASP.NET
Resource Hash: f9cc986ad446124bd63a173147db95b5736f89ce93d212db264049dad917211d

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:12 GMT
ETag: "6be7b03619b1cd1:0"
Last-Modified: Tue, 23 Oct 2012 12:23:31 GMT
Server: CCAcc (1.0.1/us-s3)
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1070

GET
H/1.1 200
OK 4d984be9c3958ae34c902ccc8164863b1d4b6019.js Show response
baltar.dimml.io/flow/3oo6/ 0
282 B 178ms
108ms Script
application/javascript 54.229.148.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://baltar.dimml.io/flow/3oo6/4d984be9c3958ae34c902ccc8164863b1d4b6019.js?clientId=2&dom=arsiv.mackolik.com&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&gemius_sent_once=1
Requested by: Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol: HTTP/1.1
Server: 54.229.148.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-148-178.eu-west-1.compute.amazonaws.com
Software: dimml-2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 5 May 2021 06:33:11 GMT
X-DimML-Version: 2.2 vH8ffFv9
Server: dimml-2.2
Vary: *
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EE34 183 B
419 B 267ms
163ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9c8c351ff424429c1dfe12c5d106ef6324f254c8

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:11 GMT
content-encoding: gzip
last-modified: Wed, 05 May 2021 06:33:12 GMT
server: tsa_devel
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2f49dc4bf2c86a1428dcf4dd562c8caf803e66007da8bec5ad8aa358bb0e1870
content-length: 152

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 083F 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC2V6KDySYOOiCoGs3wPj97ugAwAAAAA4AeAEAg&bg=!8POl87fNAAYXzPaOF8w7ACkAdvg8WlgY7S2O_Ahutkip1ssWVwCMsFTEMXyWymyba_FS500tuvjXnwIAAABzUgAAAAhoAQcKAIV0MeOdAMO98-H3CMPeTO69s29w9rAYlnHWX2LJcKGeCOEsxSmot-Aj5hnCCa8IrLEML8sz0DqhRiVN2CeZzquldR9rAXEYqCF0FF1ykxxE0iO3qT1-8WqOCWvDqp-nqOZ21N7cl4niwZOMOFWGGUhxwjxoje8fC3sXyx7K1dEGVtdc1v29mQKgXAtHHBH5sRxIZxMwCY2fB1uvztdfIvJyJnYCEYYQantDUME70-Ho4_ZbVezwIfm14JG7Ijrv0WOHY1kCOGVjRsu1Kdj2xDZTwEwSpu9n-4889MvUFHW-ZQtzoHT_035xWrXiVGXMO6-rqTW1IbjaPQc7IYxtxU454vdoffRuyE-0XlhceWA6hlwYvDtBtUcYJZqbwlttH9xgKOhT_IAB-s3nxDTTO_FLbUeFKn3ZuVJQyf1rCAks_vg6IaeJuAwBff3N7AYR5-kyZG5aaQrtYPLV_58Dzs9Ceu0UYog6oBgYijPIZu-Lx5esM47sJjSfVqHPI6vFDWKJ79bJfN61Ld9VnACDRTW4ljlmuMdLxz0hyZcBhl8P49w0SECLbLX2DoNioK_BrkEliXRIW_c1uecP2BhOlC-bibwdfYNUEnNkN2B6xXhVN7_T0mX51BO_sFQanCVP-Eohq1cnG-RnLYdQ82MWSWJeHjqGW6-ndLE4swxabjmKSHN6PbLh1KRzDxVoyYmLvA9Tbr1bARFV0pDQOOaqbFx30KLZMiNleQmWteU2kmPAEOOz5KJaGimBuAJSQ93vSOLS1nwf9DsNRBA0ZADjkmAHYJrqrL7nYV_4tWhn6sn3W_EdILsUlEF8ogtXN12yUiZcCJ01bKvJ3a6ul7oNdEigt4dYYcLKMelDqHXV5Aq3x3rU1IvVSsLo3tqWgn_vykKeZe-N8GqBIFyWwvIiT1UmgwOsfy4MSjI18AQ6rDn5Hqe-ehWFar8loCwOtjXxu4Ea5aaTcoPNoUIN5EHd0eWtSPi4ENdgfMb1CFN_XKWYVCvsd7bSlvh2uArm7gOMtNHRtleMi24xQmtmwSqU-IXJ94KIRvFUk7x2zBCT5iqplSmmeNYUtHuk

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.7225c79fe4e29708c611.js Show response
script.hotjar.com/ 219 KB
58 KB 178ms
66ms Script
application/javascript 65.9.84.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7225c79fe4e29708c611.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-314584.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 11:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69365
x-cache: Hit from cloudfront
content-length: 59087
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 11:17:02 GMT
etag: "5a825663eb0181940c9c8432508f6197"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
cache-control: max-age=30758400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: B8K46HRGhcb09XXUKvsB3M2QlaIkXIHgQf5v9q-TqNeyqokRyE12lA==

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame AC4F
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

248ms
131ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2RYqJzySYJHjL73f7_UPofu6qAOBiOHUYIvY5umWCvAuEAEgupftHmDxhYCA0B_IAQmpAvaddiZ2K7Q-qAMBqgTXAU_QTXStxQBNP5dqewmsfDMdbpFss4B0lflWdCZWZJOkbcxCeAckqxWujge1wtmZwBgj6IzrzTTOUkOmMzyXmqKK5GRU6h6oOnVeCMCCidAQ5b-vO8XX47G2aYqdvvN_uNJx1uDsnwOQRKQW5kz-pmjzv87rrSTojodK-OFraw0EpYNkHK5uHfIu6O5erJKfWO5CLGtBmzqOjod9vM9ApenOedsA7fq7PgM7_4bq10IdqCh7-JhjX87ihqBl1zh51HR0SwvjwaEEt9ifBiVtQEAZj3nzh2nqwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY%26sig%3DAOD64_1jbiyX5onJ6B1jIzqmtY5z5SzNJA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-C0tsErAKNAVqGauI0lsfXzb7EUv2uhypze3lCk7lht63tiCitkxmQ6Bafnto8cqPQhJavJltxvudkZ1a79D-iOgE0XfE256NxDD3IASW-BExzU-OSbUmtfbDqzAzoDCtTp8JQkxRc0R3xmIyMNn0aeWJGkdA%26cry%3D1%26dbm_d%3DAKAmf-CD4nIcLe0axg7y6A40bLUBkXWwnVIb-RLSKOwBb9qxp_8FbCJ8p65Qx-6C1inlMr6GQCyA_oa0MdX1ifNSXelY5YA-PnzR2IsPXKhWoYIIaKPaClR1kcfDVuzzzrS4ZNZkL7H8JLQuiYbsYHAGeARgdCbm2bCBqSPzYMVH4ElxjYDZWTGGW0ivmS6w5igFZUhqs9icfSArXrjfqsmrSysONTiZq1si2pIqsrBCchqSJSw5UAoSb3cA8PlqdFCY5GP7QHiGWMlprHL115AErMCzMC3Gwdj5geT1PB5mMpEPSlqk1bF8BGyuHe--HdOBSaT2Z4b0c4lgHxybK1C3siCG-VjpkkvaXIPielrWIk3x_lJcalu0uG7zmQN-AH9X6kE2QXwkExCeiTCgD3Ry0zWKkv8s4QrJVrlm4LYJNUPApfW548ybWl3wn3-XbYS15aVkWldEZTbfNbofmRjdIPXJQwj-mw%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.mackolik.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.mackolik.com&random=6262312961981&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1643ffe0f1afce3055ec25d33eb66a9cdf3d8218dc0529c54e01cd2f20375f4d

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 17808000042613800044682011585022
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1075
Expires: Wed, 05 May 2021 07:33:12 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:12 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2RYqJzySYJHjL73f7_UPofu6qAOBiOHUYIvY5umWCvAuEAEgupftHmDxhYCA0B_IAQmpAvaddiZ2K7Q-qAMBqgTXAU_QTXStxQBNP5dqewmsfDMdbpFss4B0lflWdCZWZJOkbcxCeAckqxWujge1wtmZwBgj6IzrzTTOUkOmMzyXmqKK5GRU6h6oOnVeCMCCidAQ5b-vO8XX47G2aYqdvvN_uNJx1uDsnwOQRKQW5kz-pmjzv87rrSTojodK-OFraw0EpYNkHK5uHfIu6O5erJKfWO5CLGtBmzqOjod9vM9ApenOedsA7fq7PgM7_4bq10IdqCh7-JhjX87ihqBl1zh51HR0SwvjwaEEt9ifBiVtQEAZj3nzh2nqwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY%26sig%3DAOD64_1jbiyX5onJ6B1jIzqmtY5z5SzNJA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-C0tsErAKNAVqGauI0lsfXzb7EUv2uhypze3lCk7lht63tiCitkxmQ6Bafnto8cqPQhJavJltxvudkZ1a79D-iOgE0XfE256NxDD3IASW-BExzU-OSbUmtfbDqzAzoDCtTp8JQkxRc0R3xmIyMNn0aeWJGkdA%26cry%3D1%26dbm_d%3DAKAmf-CD4nIcLe0axg7y6A40bLUBkXWwnVIb-RLSKOwBb9qxp_8FbCJ8p65Qx-6C1inlMr6GQCyA_oa0MdX1ifNSXelY5YA-PnzR2IsPXKhWoYIIaKPaClR1kcfDVuzzzrS4ZNZkL7H8JLQuiYbsYHAGeARgdCbm2bCBqSPzYMVH4ElxjYDZWTGGW0ivmS6w5igFZUhqs9icfSArXrjfqsmrSysONTiZq1si2pIqsrBCchqSJSw5UAoSb3cA8PlqdFCY5GP7QHiGWMlprHL115AErMCzMC3Gwdj5geT1PB5mMpEPSlqk1bF8BGyuHe--HdOBSaT2Z4b0c4lgHxybK1C3siCG-VjpkkvaXIPielrWIk3x_lJcalu0uG7zmQN-AH9X6kE2QXwkExCeiTCgD3Ry0zWKkv8s4QrJVrlm4LYJNUPApfW548ybWl3wn3-XbYS15aVkWldEZTbfNbofmRjdIPXJQwj-mw%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.mackolik.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.mackolik.com&random=6262312961981&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 05 May 2021 07:33:12 +0200

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 9295 1 KB
1 KB 227ms
75ms Document
text/html 13.224.111.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-314584.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-108.mad50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://arsiv.mackolik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fcb5d6664fcce90309288d9ff2cfb9a5.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: n6t8j_O6KHue0aqPZQx5Lh85z4ot257j44QJ1oXKA9sBI6o2q3G20A==
age: 3075760

GET
H3-29 200 container.html Show response
91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 65E8 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://arsiv.mackolik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 05 May 2021 06:33:11 GMT
expires: Thu, 05 May 2022 06:33:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 65E8 1 KB
913 B 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:29:31 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 65E8 0
0 89ms
89ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWYQxKDySYNa4C7nE7_UPrM64iAfg27n5X4LuopOaCejiucn8EhABILqX7R5g8YWAgNAfoAGNz7HQA8gBCakC5LPrk3ixfz7gAgCoAwHIA5sEqgTkAU_Q9W3ByA3iNDOqb8lg-v6TOPhbKdyexZ8VtsPIujFDX6NX10xyoJAn1GzSqtLtwxAgMWqDJjRs0SyRcawur1IWLynzspum52RkMjDhx5pUUL3TglNSOiiwnHuhH5brSKwZnEea6SZWcfjPjzpATMrf0fpjacb6YU92GrZI2EaEQYlQXKHiSYXmLKoaE2k7l82iXp6pvjFxl6TFh-cW3fLol4VrCLO04qLRg1vXetPWaqKDa8zcfeTijP2cY4im-kpdUpITsPEgjlhjJxDbjH1TkpTS0v2AbI01CiVPi6jYeIjAlcAEtdzWnfsB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9uwzi-oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIuZAtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA8gLAdgTDtAVAYAXAbIXGgoYCAASFHB1Yi01NjEwNjQ5MTQ2Njc0MzA2&sigh=JNdRR7tahFg&template_id=494
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 65E8 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:31:33 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 65E8 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:32:08 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65E8 116 KB
35 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:12 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 65E8 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 06:29:08 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 65E8 0
0 22ms
21ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIswC7bslExvIR_otTRU0Ew14y3Y8LbVGSQlC-vCAv2o3r2e570F7z5fzCm9nqM8Yd97TdeuFanGvK8cJR1oBjQNA7Mg
Requested by: Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 8ae5a72cfbd99e43f69fdf9d7c4a3504.js Show response
www.gstatic.com/mysidia/ Frame 65E8 25 KB
10 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ae5a72cfbd99e43f69fdf9d7c4a3504.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 09:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 22:51:13 GMT
server: sffe
age: 248474
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10537
x-xss-protection: 0
expires: Sat, 31 Jul 2021 09:31:58 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E591 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 05 May 2021 03:14:09 GMT
expires: Thu, 06 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 11943
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 shopping
encrypted-tbn2.gstatic.com/ Frame 65E8 22 KB
22 KB 24ms
8ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTrVTvDb9WjxYcnEeRV5Bi_2qqC3RyAHcGGKbLkX7bB3dYKXDSwA6ZkN7sF-Ag&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b39eb944e8f720d203f10386ba037348bbbc4ebe97bedf778c69548d1dc8772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 05:34:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 13:02:43 GMT
server: sffe
age: 3500
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22559
x-xss-protection: 0
expires: Thu, 05 May 2022 05:34:52 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 65E8 13 KB
13 KB 15ms
9ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQ3ObjZP8tCVGtaNvHC7MGaWiCiBUwiGmRt6Daij_cjD8zNJrvBXoOrpWmuA&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66a21b80656faf1934e81054afec4ef6365cf140a08bf564864b892626b01183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 11:07:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 20 Sep 2020 13:25:13 GMT
server: sffe
age: 69921
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13673
x-xss-protection: 0
expires: Wed, 04 May 2022 11:07:51 GMT

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 65E8 61 KB
61 KB 24ms
7ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSH2tFY5CODKWlamnrlaMvE6URIVXt5UIaYK2Ddu4APvgHk6sqXYFkVQdRJAQ&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5853cf99f48f3e358ce78cff19641ac33c3c0305901bd3acbabb96651fdf85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 14:24:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 10:23:40 GMT
server: sffe
age: 58135
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62228
x-xss-protection: 0
expires: Wed, 04 May 2022 14:24:17 GMT

GET
H3-29 200 shopping
encrypted-tbn2.gstatic.com/ Frame 65E8 10 KB
10 KB 21ms
6ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQWeolPd6Q3L_0Z9Hntt5sDQKrX1Yvtx7aGNT2sMgCotPuCe5GJ&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88688310b72a1edae054c4e07d6c069ee05616eca7858081ee1b15332915affd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:41:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 23 Sep 2020 09:58:24 GMT
server: sffe
age: 82314
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9943
x-xss-protection: 0
expires: Wed, 04 May 2022 07:41:18 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 65E8 30 KB
30 KB 11ms
6ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQKtGtDeHrB0tbhOF3uAQA9_vsHvXJmtANGGbN3PMg0A9b73uQ&usqp=CAI

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b3b4dc43c45ad06b2f4fcb8a79e98c24022c0e52ea61f9d63e4419399c66d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 07:28:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 14:22:52 GMT
server: sffe
age: 255877
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30340
x-xss-protection: 0
expires: Mon, 02 May 2022 07:28:35 GMT

GET /
google2waycm.netmng.com/cm/ Frame E591 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E591
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFKCICpVJHBaMkgDhVVnlVw&google_cver=1&google_push=AQvitULtmXH11WasSFGL56h9JKITWvocskANctnzwiT__LqLfOSWWJLHz08kVj7ePTjYHBW0Us1v8jMhc79pIIFq...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RIKVMo9KQje65aLhPU3Tkw2&google_push=AQvitULtmXH11WasSFGL56h9JKITWvocskANctnzwiT__LqLfOSWWJLHz08kVj7ePTjYHBW0Us1v8jMhc79pIIFqg_mCIJDhSec

170 B
188 B

70ms
69ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RIKVMo9KQje65aLhPU3Tkw2&google_push=AQvitULtmXH11WasSFGL56h9JKITWvocskANctnzwiT__LqLfOSWWJLHz08kVj7ePTjYHBW0Us1v8jMhc79pIIFqg_mCIJDhSec

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 May 2021 06:33:12 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RIKVMo9KQje65aLhPU3Tkw2&google_push=AQvitULtmXH11WasSFGL56h9JKITWvocskANctnzwiT__LqLfOSWWJLHz08kVj7ePTjYHBW0Us1v8jMhc79pIIFqg_mCIJDhSec
x-host: tde-deliveryengine-production-cd64b4484-7ssxk
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E591
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBufWM_2xbIx5EEFlhganl0&google_cver=1&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6JoXHEX...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBufWM_2xbIx5EEFlhganl0&google_cver=1&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6JoXHEXe-zygIc&google_hm=EmGSoQpMQAyBTvEOmRgIyQ==

170 B
188 B

71ms
71ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6JoXHEXe-zygIc&google_hm=EmGSoQpMQAyBTvEOmRgIyQ==

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJ0Z2OhwYM9r03Mnlb_d6JXHZb68Ep5GERe5dxN6zT8_2RvzCeEuAf6gWXxtLuKxIxh_-z9Nb967b_jg6JoXHEXe-zygIc&google_hm=EmGSoQpMQAyBTvEOmRgIyQ==
date: Wed, 05 May 2021 06:33:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame E591 14 B
14 B 590ms
145ms Image
text/plain 3.214.24.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEDp18-BlGPhWXtCG6biHv7o&google_cver=1&google_push=AQvitUK3v1p0X2OyWntkziIZ6PUbHepPCem72x_BcoIXRnLo4O6eHYKToJl4qMhmHPfnGwyTRNIDn01yhJ03V_PYNuCXQS0Fv7I
Requested by: Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.24.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-24-215.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E591
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECch1swT6tLc-SfDmAU4XGE&google_cver=1&google_push=AQvitUJed_VFWvYOpnN6cnSjw71QyRQCoSBFwlpCufG61PtPMWlm_B0ViZ9DgBpczMvTBtR6K_QV-qS6m_rOplk4kOp-n8O...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJed_VFWvYOpnN6cnSjw71QyRQCoSBFwlpCufG61PtPMWlm_B0ViZ9DgBpczMvTBtR6K_QV-qS6m_rOplk4kOp-n8OWut8&google_hm=ODYxNDU0NDIyMDQ0MDE5ODE...

170 B
188 B

70ms
69ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJed_VFWvYOpnN6cnSjw71QyRQCoSBFwlpCufG61PtPMWlm_B0ViZ9DgBpczMvTBtR6K_QV-qS6m_rOplk4kOp-n8OWut8&google_hm=ODYxNDU0NDIyMDQ0MDE5ODEzNQ%3D%3D

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 May 2021 06:33:12 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJed_VFWvYOpnN6cnSjw71QyRQCoSBFwlpCufG61PtPMWlm_B0ViZ9DgBpczMvTBtR6K_QV-qS6m_rOplk4kOp-n8OWut8&google_hm=ODYxNDU0NDIyMDQ0MDE5ODEzNQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E591
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENdY0kP7vkOMFyiw-G-a9tw&google_cver=1&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGkg-8alv00ZU6HoHw1a3rx-O-nbVreIPFZ8CcAo
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGkg-8alv00ZU6HoHw1a3rx-O-nbVreIPFZ8CcAo&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzODc5MTQ2NDA5NTk4MDgxNzA%3D&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGk...

170 B
188 B

71ms
71ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzODc5MTQ2NDA5NTk4MDgxNzA%3D&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGkg-8alv00ZU6HoHw1a3rx-O-nbVreIPFZ8CcAo

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTEzODc5MTQ2NDA5NTk4MDgxNzA%3D&google_push=AQvitUKIdzeEuClq2N0y5BwIIhYC0yjqHYE6kAD4eUSDCcbsW23gChc-a7uuGkg-8alv00ZU6HoHw1a3rx-O-nbVreIPFZ8CcAo
date: Wed, 05 May 2021 06:33:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame E591 0
12 B 71ms
67ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWE_npC4j3wa5EXbe60Tu8HJc7j77IvA_ahG1D0_VVVOgTVYmBmI_1To6-870hSA

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 65E8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1accc85f49d1880c8df01404d3fdaa701454e5c03ad18af8d4e200d6a92dbeb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67E2)
Age: 554958
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK follow_button.06c6ee58c3810956b7509218508c7b56.tr.html Show response
platform.twitter.com/widgets/ Frame BCB0 37 KB
14 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: 73e458e1ca6caf7a393f417ee0aec26bfb3b178821b74e12d97644da528b6f2b

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 554952
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 05 May 2021 06:33:12 GMT
Etag: "d6e546d8fa1ae90bec42d430591f9bb1+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:46 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13911

GET
DATA 200
OK truncated
/ Frame BCB0 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F664 0
0 106ms
105ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWa3E5bg5QsQYRaDHpRK45Xvhp-4VpK6-D1bqKTcEGERQVi1J9FuBiqAlQZXkix2u2wWwhB0-fPOf36X-VncxvDK6ULoamxksSdoYN9tHbNK0w81jpBdpDF4fk3wEX86Q5Pn5FTLh5nVELWgPkbXTCxmbPNZ6H5gxo6JgDnt5oBDvYO3N8veMw6mlEdi_uH65g-7YI8Tjd-afI51fLwX8xOKJT2Al5icc0f6-a-13ssXIaLIMWDtD7AJWia41rMSDFZuA_wD82GdlnZ4mlnF-IFZI3kLOuWz_mxUEHXQw-UiCaeUDFd5-vVg-hY_Vsv8IiC59xzrq11zYMU6oOxIDRR2fZu2AdNt16kkvPdauc7Nh8RSLTKeD_Ng&sig=Cg0ArKJSzExcD5yR4D6hEAE&urlfix=1&adurl=

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK t.js Show response
randiul.com/ Frame F664 17 KB
18 KB 170ms
120ms Script
application/javascript 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: 2be23d56ded54620c36ccf9f46c7d778143e0855ebd1af9783a4230737339192

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:12 GMT
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Amz-Cf-Id: awuMeVyCbmFvJ-_a-51-zW3m3O3bdl8QaQRjupl47MtmiN7a8sCQsg==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F664 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:12 GMT

GET
DATA 200
OK truncated
/ Frame F664 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9280ebe91e274fc08e3cadf24b8d976525222550fad4dbc8485cc9c495430cf0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
352 B 169ms
169ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1620196392739%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 05 May 2021 06:33:12 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 2f49dc4bf2c86a1428dcf4dd562c8caf803e66007da8bec5ad8aa358bb0e1870
x-transaction: 9920d4cffb4b2e7f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg Show response
static.tradetracker.net/se/material_image/02/ Frame F5BE
Redirect Chain

https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=17808000042613800044682011585022&t=html
https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg

39 KB
39 KB

52ms
15ms

Document
image/jpeg

2600:9000:2104:3800:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2RYqJzySYJHjL73f7_UPofu6qAOBiOHUYIvY5umWCvAuEAEgupftHmDxhYCA0B_IAQmpAvaddiZ2K7Q-qAMBqgTXAU_QTXStxQBNP5dqewmsfDMdbpFss4B0lflWdCZWZJOkbcxCeAckqxWujge1wtmZwBgj6IzrzTTOUkOmMzyXmqKK5GRU6h6oOnVeCMCCidAQ5b-vO8XX47G2aYqdvvN_uNJx1uDsnwOQRKQW5kz-pmjzv87rrSTojodK-OFraw0EpYNkHK5uHfIu6O5erJKfWO5CLGtBmzqOjod9vM9ApenOedsA7fq7PgM7_4bq10IdqCh7-JhjX87ihqBl1zh51HR0SwvjwaEEt9ifBiVtQEAZj3nzh2nqwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY%26sig%3DAOD64_1jbiyX5onJ6B1jIzqmtY5z5SzNJA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-C0tsErAKNAVqGauI0lsfXzb7EUv2uhypze3lCk7lht63tiCitkxmQ6Bafnto8cqPQhJavJltxvudkZ1a79D-iOgE0XfE256NxDD3IASW-BExzU-OSbUmtfbDqzAzoDCtTp8JQkxRc0R3xmIyMNn0aeWJGkdA%26cry%3D1%26dbm_d%3DAKAmf-CD4nIcLe0axg7y6A40bLUBkXWwnVIb-RLSKOwBb9qxp_8FbCJ8p65Qx-6C1inlMr6GQCyA_oa0MdX1ifNSXelY5YA-PnzR2IsPXKhWoYIIaKPaClR1kcfDVuzzzrS4ZNZkL7H8JLQuiYbsYHAGeARgdCbm2bCBqSPzYMVH4ElxjYDZWTGGW0ivmS6w5igFZUhqs9icfSArXrjfqsmrSysONTiZq1si2pIqsrBCchqSJSw5UAoSb3cA8PlqdFCY5GP7QHiGWMlprHL115AErMCzMC3Gwdj5geT1PB5mMpEPSlqk1bF8BGyuHe--HdOBSaT2Z4b0c4lgHxybK1C3siCG-VjpkkvaXIPielrWIk3x_lJcalu0uG7zmQN-AH9X6kE2QXwkExCeiTCgD3Ry0zWKkv8s4QrJVrlm4LYJNUPApfW548ybWl3wn3-XbYS15aVkWldEZTbfNbofmRjdIPXJQwj-mw%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.mackolik.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.mackolik.com&random=6262312961981&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b02d4c3687457ff762f830bbe51f5897b428906bf57f0aa15f185d5024c0f91

Request headers

:method: GET
:authority: static.tradetracker.net
:scheme: https
:path: /se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: pi=7323f05710ba4b444545332151f03a24; uf=tS01MisrRAT%2FzJfq0rBuaTBHbGs5Zk5Ha3lzQlMxMlY3WTR4aGFjeENQbk5Ba2lDY1FweldyYnliZnl1Zjc4MFVPR2p6WWg5dkUwNm14N3V1cDNBZjl3RzNZWlorRkRUcklzdUhRPT0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/

Response headers

content-type: image/jpeg
content-length: 39656
accept-ranges: bytes
last-modified: Mon, 04 Nov 2019 09:13:22 GMT
server: nginx
date: Wed, 05 May 2021 06:32:21 GMT
etag: "5dbfebb2-9ae8"
x-cache: Hit from cloudfront
via: 1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: vnEI6Jh7VzqDLa9Ezj1wobQGoYykB1ZXmKWwIzrdokEpNR-ZL_vzqA==
age: 52

Redirect headers

date: Wed, 05 May 2021 06:33:13 GMT
content-type: text/html; charset=utf-8
location: https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg
server: nginx
x-powered-by: PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1
p3p: CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://ti.tradetracker.net/public/w3c/p3p.xml"
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, must-revalidate
set-cookie: uf=tS01MisrRAT%2FzJfq0rBuaTBHbGs5Zk5Ha3lzQlMxMlY3WTR4aGFjeENQbk5Ba2lDY1FweldyYnliZnl1Zjc4MFVPR2p6WWg5dkUwNm14N3V1cDNBZjl3RzNZWlorRkRUcklzdUhRPT0%3D; expires=Thu, 05-May-2022 06:33:13 GMT; Max-Age=31536000; path=/; SameSite=None; domain=.tradetracker.net; secure pi=7323f05710ba4b444545332151f03a24; expires=Fri, 13-Aug-2021 06:33:13 GMT; Max-Age=8640000; path=/; SameSite=None; domain=.tradetracker.net; secure

GET
H2 200 / Show response
ti.tradetracker.net/ Frame AC4F 453 B
1 KB 264ms
125ms Script
text/javascript 54.229.26.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=33102&m=1783943&a=157788&r=17808000042613800044682011585022&t=js&wid=tt-ffb01
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.26.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-26-200.eu-west-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1
Resource Hash: 2f5ba559cc1e8b8f6cea2e537655d5d93795b0873b64b24c785bb5a63b5503cc

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=utf8
server: nginx
p3p: CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://ti.tradetracker.net/public/w3c/p3p.xml"
x-powered-by: PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame 4017 6 KB
2 KB 186ms
63ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=72994c7080&subid=&uid=3148f6764a041ee9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2RYqJzySYJHjL73f7_UPofu6qAOBiOHUYIvY5umWCvAuEAEgupftHmDxhYCA0B_IAQmpAvaddiZ2K7Q-qAMBqgTXAU_QTXStxQBNP5dqewmsfDMdbpFss4B0lflWdCZWZJOkbcxCeAckqxWujge1wtmZwBgj6IzrzTTOUkOmMzyXmqKK5GRU6h6oOnVeCMCCidAQ5b-vO8XX47G2aYqdvvN_uNJx1uDsnwOQRKQW5kz-pmjzv87rrSTojodK-OFraw0EpYNkHK5uHfIu6O5erJKfWO5CLGtBmzqOjod9vM9ApenOedsA7fq7PgM7_4bq10IdqCh7-JhjX87ihqBl1zh51HR0SwvjwaEEt9ifBiVtQEAZj3nzh2nqwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY%26sig%3DAOD64_1jbiyX5onJ6B1jIzqmtY5z5SzNJA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-C0tsErAKNAVqGauI0lsfXzb7EUv2uhypze3lCk7lht63tiCitkxmQ6Bafnto8cqPQhJavJltxvudkZ1a79D-iOgE0XfE256NxDD3IASW-BExzU-OSbUmtfbDqzAzoDCtTp8JQkxRc0R3xmIyMNn0aeWJGkdA%26cry%3D1%26dbm_d%3DAKAmf-CD4nIcLe0axg7y6A40bLUBkXWwnVIb-RLSKOwBb9qxp_8FbCJ8p65Qx-6C1inlMr6GQCyA_oa0MdX1ifNSXelY5YA-PnzR2IsPXKhWoYIIaKPaClR1kcfDVuzzzrS4ZNZkL7H8JLQuiYbsYHAGeARgdCbm2bCBqSPzYMVH4ElxjYDZWTGGW0ivmS6w5igFZUhqs9icfSArXrjfqsmrSysONTiZq1si2pIqsrBCchqSJSw5UAoSb3cA8PlqdFCY5GP7QHiGWMlprHL115AErMCzMC3Gwdj5geT1PB5mMpEPSlqk1bF8BGyuHe--HdOBSaT2Z4b0c4lgHxybK1C3siCG-VjpkkvaXIPielrWIk3x_lJcalu0uG7zmQN-AH9X6kE2QXwkExCeiTCgD3Ry0zWKkv8s4QrJVrlm4LYJNUPApfW548ybWl3wn3-XbYS15aVkWldEZTbfNbofmRjdIPXJQwj-mw%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.mackolik.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.mackolik.com&random=6262312961981&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 08c2c12a3f83c41fcbcbdcd6244362a567c280582ed3436c0e2f7ce48538f883

Request headers

Host: hal900022.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=c3e8de9c0ecef99d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/

Response headers

Date: Wed, 05 May 2021 06:33:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 05 May 2021 07:33:13 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1829
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

cshow.php
www.zenaps.com/ Frame AC4F
Redirect Chain

https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=17808000042613800044682011585022&pv=1
https://www.zenaps.com/cshow.php?pvr=c43844e1-ad6b-11eb-a946-692d09249d6c&v=12846&r=566725&q=389131&s=2636829&viewref=17808000042613800044682011585022&pv=1

43 B
705 B

207ms
91ms

Image
image/gif

104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/cshow.php?pvr=c43844e1-ad6b-11eb-a946-692d09249d6c&v=12846&r=566725&q=389131&s=2636829&viewref=17808000042613800044682011585022&pv=1

Requested by

Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 06:33:13 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.zenaps.com/cshow.php?pvr=c43844e1-ad6b-11eb-a946-692d09249d6c&v=12846&r=566725&q=389131&s=2636829&viewref=17808000042613800044682011585022&pv=1
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame AC4F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65c0aa5e626125e85c6834580f68cf080f6c904a75ca80f308f2fbd48039694d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Cookie set user Show response
randiul.com/ Frame 4B1A 9 KB
10 KB 101ms
101ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc8&cb=4698161620196392896
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:12 GMT
Set-Cookie: SSID=1cfd43f6ed241fe24e290a39f9c5a183f3555bc3; Path=/; Expires=Fri, 07 May 2021 06:33:12 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: jnedKPZaPCr0lCLsffx3AadVftDf7hGIrLIiQAGAzVvLbFNE0vz-mw==

GET
H/1.1 200
OK Cookie set usersync Show response
randiul.com/ Frame D562 9 KB
10 KB 133ms
101ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b45&cb=7069511620196392898
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:12 GMT
Set-Cookie: SSID=2406d607fcff4d8dcf7c32c6ab91af7a4a611f93; Path=/; Expires=Fri, 07 May 2021 06:33:12 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: OBnTt743AVD946FVUXB5yt6A60s0HTgj6OojfzA7b0yB8wDdi2_Siw==

GET
H/1.1 200
OK Cookie set sync Show response
randiul.com/ Frame 6898 9 KB
10 KB 128ms
96ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab3&cb=9872581620196392900
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:12 GMT
Set-Cookie: SSID=44b29e50577ca85ed311d7a275b7158ba712edc1; Path=/; Expires=Fri, 07 May 2021 06:33:12 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: lch6sCgRWTyxmldVpIL9SIhWGY8xXS0ojgcPn7nTb4tg7BnRaY8NiQ==

GET
H/1.1 200
OK Cookie set send Show response
randiul.com/ Frame 5E95 9 KB
10 KB 125ms
93ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b9&cb=0143431620196392901
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:12 GMT
Set-Cookie: SSID=68dbf754c6ea0e4506d5a26163bc79b768ae699a; Path=/; Expires=Fri, 07 May 2021 06:33:12 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: TQ_g0cvjz49JMaie4AQevqdfd-oPlSErksgynQ6DGVxefN4xstVHTA==

GET
H/1.1 200
OK Cookie set async_usersync Show response
randiul.com/ Frame 8EF1 9 KB
10 KB 131ms
99ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d3&cb=0993871620196392903
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:12 GMT
Set-Cookie: SSID=90387c2af3d2bcc84bde6258ee62b1cf0618e78f; Path=/; Expires=Fri, 07 May 2021 06:33:12 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: zAyeMMmLKoP8Yk4JaYUhEN4wBhXnKaZ2qvx7DT0N2I-egHpQxKJ2xA==

GET
H/1.1 200
OK Cookie set stats Show response
randiul.com/ Frame 2B30 9 KB
10 KB 155ms
124ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d19&cb=2810581620196392904
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=2f1798b09a398991dfbb505ba0a65d63395656e1; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: cBfbEGw8HdxnFxTIyKEweGftESugp3agCi_VjjG_XmjonhDYyehX_A==

GET
H/1.1 200
OK Cookie set sync Show response
randiul.com/ Frame FE05 9 KB
10 KB 204ms
80ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f3&cb=3578831620196392905
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=c0da0f32ecd77484c21f7e539c881f37afbbd4a4; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 0KEdtK6LapB-iSTQ67Ai0B4H-F-J43-DhtCm5Sct15sAqyMpM7NnwA==

GET
H/1.1 200
OK Cookie set async_usersync Show response
randiul.com/ Frame 2CCD 9 KB
10 KB 204ms
78ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f47&cb=4519831620196392906
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=0de9da217f7dd52e9c381aa350e6d069ba7c2c22; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: QQKslPoa5DnHaZnvXLzlxWBBTg0zuPaVQQdE2jHqbBkyJ2yfy-armw==

GET
H/1.1 200
OK Cookie set stat Show response
randiul.com/ Frame B878 9 KB
10 KB 202ms
76ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf9&cb=7097721620196392907
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=a21e4b0539b365e97d9a8b99ef43a6737e9fce5d; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 3bvsX8WCyJR2OvYeViC7CLh2mjrjvj_hiCHJ9UTzR3V71zYlqX7jJA==

GET
H/1.1 200
OK Cookie set async_usersync Show response
randiul.com/ Frame 8E96 9 KB
10 KB 216ms
77ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d1&cb=5015241620196392909
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=e312771dea093e259b5ad0d7cf5fae0c3109ce7f; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: VZFIDRjm26ZMPdCFztUNqXq-z3po-CqodKzt7BnUh7uQmC8OzXAM-A==

GET
H/1.1 200
OK Cookie set counter Show response
randiul.com/ Frame 39C4 9 KB
10 KB 226ms
77ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/counter?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11387&cb=7153421620196392910
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=34c0424718c0915fab938a5d1c1aacb6ff476350; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: M8YYMy6ERF82qRHA7KWK78vvOmKZTzgvgpe5EUJB4XaOt1jGOpwU0w==

GET
H/1.1 200
OK Cookie set usync Show response
randiul.com/ Frame 35A4 9 KB
10 KB 226ms
77ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11201&cb=9214861620196392911
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=e12b33b17d84892cbfab12f5afe49781b2519303; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: k44-emKFCkOyEflcqWxpXjDSjucJPUBvlkhxJpDjUfTk-d8ULOMYlQ==

GET
H/1.1 200
OK Cookie set user Show response
randiul.com/ Frame 7013 9 KB
10 KB 280ms
76ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c69&cb=2105971620196392912
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=aa059238572c1d33b2bb8de4b83b7be356baa13c; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: qxlvHTb4Ry7OdakoUEYMIAyxQTXwoYbdt-_8vVhJRzTPydghAZm3iw==

GET
H/1.1 200
OK Cookie set stat Show response
randiul.com/ Frame 2292 9 KB
10 KB 279ms
76ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3517&cb=4729331620196392913
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=3e7da381efc36aa15f850536cb515b6f28f25a97; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: n8b_ld3pwddOmHUgVO8_BUX5puYZQ88yWytAn7mpmTg1BbONgdfpKQ==

GET
H/1.1 200
OK Cookie set stats Show response
randiul.com/ Frame 47C2 9 KB
10 KB 289ms
85ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d81&cb=0551991620196392914
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=fff16853630de4467b204180b4db60d86d05e934; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 8BH_tlfOoFb2vInjMTf4R8ZE7y8Y36MH244G52k_t9ewkUaTckIzOA==

GET
H/1.1 200
OK Cookie set async_usersync Show response
randiul.com/ Frame 6C7F 9 KB
10 KB 314ms
99ms Document
text/html 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144639&cb=8916111620196392915
Requested by: Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host: randiul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://arsiv.mackolik.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 05 May 2021 06:33:13 GMT
Set-Cookie: SSID=e82991b99852169e1b0de58175f99921d9df5d79; Path=/; Expires=Fri, 07 May 2021 06:33:13 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: U37RtVczXXzryUcWpzsI32MhkFJXUDA4ict9Rxbd60JJe6aNDHSUUg==

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34D0 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHCi12xEC8bGR2UVwrGsPGidJoi_vAQ44NFOYP-R5iyhJxcCDMgUJj6u2i7RXMvfe7UG4vEwvBS5FmuLpCngyvKzLs9AS7B4NRMOCzv6tU8kmGZO4D4BSxlxoh0g&sai=AMfl-YQTDGBq9OqpcAYq1_pKb5MUnxDIrrwlEpyOX8476XeSO1xd2x5ss1F5nQGO_fP9o27C3YQbcofLIlyM3tgRn6XnkCd5EasYJ_BPtI0ZjmrMktRmCYigACW5peVyb4o&sig=Cg0ArKJSzDeNjxHW9dtoEAE&cid=CAASPeRoyoF567x66oT4wfnHeyVtiMT20ZhiwkDyDB2SMVKkWqWJEohN72gAZ5oB-1oxz-7lF6Pb0nPvLkoj9-o&id=lidar2&mcvt=1000&p=134,320,384,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=821623584&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1620196391858&dlt=24&rpt=123&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pxl.jpg
randiul.com/ Frame F664 597 B
1 KB 205ms
79ms Image
image/jpeg 143.204.202.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://randiul.com/pxl.jpg?i=ojb32u3hlwggqu144yrdx&s=784&p=http%3A%2F%2Farsiv.mackolik.com%2Fdefault.aspx&rstk=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&h=1214241620196393017
Requested by: Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol: HTTP/1.1
Server: 143.204.202.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-49.fra53.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:13 GMT
Via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Miss from cloudfront
Content-Type: image/jpeg; charset=UTF-8
Connection: keep-alive
Content-Length: 597
X-Amz-Cf-Id: K2AhYe2YKQvnerNh_DLwg_jgGab5DjZgphFJf-hVyMrsqK_eBIp7Ig==

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 6898
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

84ms
31ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab3&cb=9872581620196392900
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zj%2BCGYGrwiR5nQz2UdPkdAo0899zlmYM8vgZp2g3yFT7tweiJgS43yqjiP3IE6wTaFLmruHakK2VaiYP%2BmzNyJ3AJKdqioW4TBKy2lO1LriIh939Rdtv4mV%2B"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418a3000005cc90be4000000001
cf-ray: 64a7efa10d1805cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dz1%2FlS1yHojNzZL4lHEUKcVmhG67DRPoT7ln%2F8cb1u1eBJA1%2B3Uf%2FNfoAOsi2L6BN2Hvv0w%2FW2Ue9xatJVbqky3L7qExWAAVaDkNyeE9LFXS%2Fm881LRwMGzl"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa08f7b4e0e-FRA
cf-request-id: 09dcd4185700004e0e1eb00000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame D562
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

37ms
31ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b45&cb=7069511620196392898
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=33FQ918mzMTvhJVuhKOPo4kjSXdb9mIQfyUXIy7NTDUGpFEc0vRYCu%2FKWqgYjYRMLz20C8WD%2Fjv8svnp3pEOe0HUSGIvVURzDKObkEtSihmPe3eZYMLXT51V"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418a2000005cc8626d000000001
cf-ray: 64a7efa10d1d05cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nTKpXNUkPWmH0v4kU90ofWo9%2F%2FZt1RsxWc%2FxMKbRYE64a289N%2BIvNRsZIrQv%2F31JJ%2BlluNPo0%2FK37C2Xiwg3aSMAznbdBiwgo%2BcSIpofZN1Fo4QZMkQ91jLS"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa09b181f4d-FRA
cf-request-id: 09dcd4186200001f4db419a000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 4017 4 KB
648 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 05:01:58 GMT
server: ESF
date: Wed, 05 May 2021 06:33:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 06:33:13 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4017 16 KB
16 KB 181ms
60ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55313/creativesup/native_1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1923020f2baeb1d78cb3ff36b916fd27310b97b68dd98d181eb7f4412d179df5

Request headers

Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15841
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4017 18 KB
17 KB 181ms
60ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55483/creativesup/Teknikproffset-SE-1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 48c8ca0bc9df53fb3c293d01bdbc10ccc7860827b158729fde082e3982525717

Request headers

Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 17600
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4017 13 KB
13 KB 188ms
63ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53597/creativesup/Native1-1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18df88292c2fd97a7f4c3e5594e11f9540946fe9a14885a33f52304ec6447ec2

Request headers

Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13532
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 8EF1
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

37ms
32ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d3&cb=0993871620196392903
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MOEVrD3HecqPOTN26L1ruclQSLCxdIgkEtnnZHRx0HIJWVshFg07cwPym6WklrxiC31T2iYPMFxmwwxAkXPY4dMkjZgDrpC2cZ1Ka%2BulDGDO3F6Ke9%2FBsyYL"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418a1000005cc7c245000000001
cf-ray: 64a7efa10d1b05cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wIOnAdBjsRsbHmi8v4B%2Fe8fWuBRLjnsuCyg0VufD3JR1mwMt2wYioCmcgVUY5d9lYbX1KVM0NdM%2FWqebFYhpL80a5AdsOwgXtAOGY9OpkNRrgKWDPrTWLelO"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa0afac4e0e-FRA
cf-request-id: 09dcd4186800004e0e5e1ae000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 4B1A
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

30ms
24ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc8&cb=4698161620196392896
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ocFHePSwoXZhBacK3aytCRkeA6CPMGvGst2DUgJZqvjcGoV%2FwnHWv3mECsWpR4ztXh0ntzDHpxN7aDe%2BsgTGdOYuPUtnZPTHUyzk0OeJRhg7F7pb0ZDtl9LI"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418a1000005cc888fc000000001
cf-ray: 64a7efa10d1c05cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y9EsFYaY8V9MzE9ovBC%2BDIG70MaLDNRi99iZJ8d19bPQEdJkjEXo%2BlycE%2BShf2pTgSymXFowBdqcy%2BVpnsW8IO6F6E05LgNJUisz%2Fyle7AuIGzX%2FQgT6OcfG"}],"group":"cf-nel"}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa0ab324ec8-FRA
cf-request-id: 09dcd4186800004ec85d3a3000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 5E95
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

37ms
32ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b9&cb=0143431620196392901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iT%2BE%2BJH5vdOx57cODSiNRcoVYTEdptUzI0j2wm4Op5BbdqQBkVJydwRUmAWGdVC6eiC2IbYnif0aJcYMnEBOG05YenoA90tRGne%2BrjnbUxGA740sa%2BsLq40h"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418a2000005cc6e39f000000001
cf-ray: 64a7efa10d1f05cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ReT7EjfLriWvgxKosaYQYF9S3Jtem9%2F14AduqCLWxz70fnVp2iT1%2BFi4aXmlt1Kl%2BVZJdTaM0IfK098jSlLD6vjhEAIuquAxn31pae7%2BcvNnbowZtzeZ1pMp"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa0bb291f4d-FRA
cf-request-id: 09dcd4186e00001f4d5c017000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 2B30
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

26ms
26ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d19&cb=2810581620196392904
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PRQhNLwoqH1Zwy2YgOej0gf3w65OyFxT2Y4YQgCWIbfs3zx%2FAI8lANQv2iwSCLj9FajD2wn20fABSBYYPJG7kUBPDuljCKdWiEBVvnnUSh7bJjKZ3564rABp"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418b1000005cc7914e000000001
cf-ray: 64a7efa11d5805cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h0IMQr%2FcpGnn4f2CoiW%2FyXEbtuqwRx92L0mdPLTj%2FbH1c3Y8W%2B3N1UMM%2FJgrHFpEbRlwQ%2FQ7fvBQCzMlK%2BjQsgRTnXCaodLQ0n%2FN6OVTObNRb5V%2FotFdXeJC"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa0fb911f4d-FRA
cf-request-id: 09dcd4189b00001f4d72285000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

5a0f5218ee2dad558ebed56f97a5bb2b45316d.png
static.tradetracker.net/se/material_image/35/ Frame AC4F
Redirect Chain

https://ti.tradetracker.net/?c=33102&m=1783943&a=157788&r=17808000042613800044682011585022&t=html
https://static.tradetracker.net/se/material_image/35/5a0f5218ee2dad558ebed56f97a5bb2b45316d.png

72 KB
72 KB

14ms
14ms

Image
image/png

2600:9000:2104:3800:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/se/material_image/35/5a0f5218ee2dad558ebed56f97a5bb2b45316d.png
Requested by: Host: 91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
URL: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f57092bb84b3b7ab8ca3766e0f5b873b5307847ee1b9084e9c858bdd6e2b636c

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:30:04 GMT
via: 1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 12:05:20 GMT
server: nginx
age: 257
etag: "5f4e3900-11e3e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 73278
x-amz-cf-id: VDMpXVgnzKkqYcYniPT5ivPF8weMPB_u6xqX-MWxv54oK9sV-Pniwg==

Redirect headers

date: Wed, 05 May 2021 06:33:13 GMT
server: nginx
x-powered-by: PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1
p3p: CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://ti.tradetracker.net/public/w3c/p3p.xml"
location: https://static.tradetracker.net/se/material_image/35/5a0f5218ee2dad558ebed56f97a5bb2b45316d.png
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 4017 0
150 B 182ms
62ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=17808000042613800044682011585022&a=0db341ca&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:13 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 4017 16 KB
16 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900022.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 21:36:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
age: 464185
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
expires: Fri, 29 Apr 2022 21:36:48 GMT

GET
H3-29 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 4017 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900022.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 21:36:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 464185
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Fri, 29 Apr 2022 21:36:48 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame FE05
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

29ms
25ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f3&cb=3578831620196392905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OlwFE07lravWH3%2BpKd4bICpZ0LPGRF2e%2BPdNKu7ei4FJw2eF7fApUdF49G59cRa4PyQhXG9ZzmV%2FT%2BQyI8%2BnIEWd2J1E7KheB3vlfLbv%2BG3xh3y%2FQejHLWc9"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418d6000005cc7c249000000001
cf-ray: 64a7efa15dcf05cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PqmghmOfLaP0USQWSbcmbQ%2FXzyCcHmAM2Id8GSBFfYJbkx%2BIPsZWrB2yImBwx4s4gSkAzd0WaJWKu9z%2BfdZd36ePre82HWfhULI1LO6rAPwygFbgX2QIbWQx"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa12be11f4d-FRA
cf-request-id: 09dcd418b900001f4d94b5f000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 2CCD
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

30ms
25ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f47&cb=4519831620196392906
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5uUpai5B9pXXZVn3WjJDh%2Fw2FGty81N8ewXlszYHOwtvdZIsDgioO6Vr3Hp42UXaNC8dkpEjnH%2FXsd9aG6pinabyHf%2BCLThIwjdkCoIjXhkD2EVLyG18ljIj"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418d9000005cc6daaa000000001
cf-ray: 64a7efa15de005cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nWS9AqLy4VwA39HWXc%2B%2Fmk32ZTrONo9AJiMAtdX9j9M4JFRHUyRBKwGID4F2o06JcHqm2YKmWOHj9BnTx%2BkHVCHus5imbZihcoucIlb62%2BdvcHN%2BHav64QST"}],"group":"cf-nel"}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa13c7e4ec8-FRA
cf-request-id: 09dcd418bf00004ec85b2c3000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame B878
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

24ms
24ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf9&cb=7097721620196392907
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yLYucfXKQK1zalFa8ccjnUlkaY6uTlPgwa17CcAMOsMNaITU05LrytXqJLKLzDKR0F1Yh2h462tyVVhIqqegsFeyA9XPPj3N3o1ZlPQ4uSf68lA9Kq3nm8r7"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418e0000005cca43e9000000001
cf-ray: 64a7efa16dfe05cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wcHwHLXTxDKvLSPUDpgfY22ZFAED1aDY%2Bu4Q4evl9R2Kw501y8TCLDHY1hpFvX6VrO3IuNeO2q4nTblhPGOdJBRcJDQ625v1urGIo9B3n6iUhOd40bI9yvlH"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa14c0b1f4d-FRA
cf-request-id: 09dcd418cc00001f4d61a74000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 8E96
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

25ms
24ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d1&cb=5015241620196392909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0sLIvMF9VIB7bYxROWH1vq3Ifp3Fp58qm65mxUj0pO4iOBVv2rNuvJoy%2FjIDmBXY2wcGc0mmf8yulory%2FOBBRlFMXsdcLU5XAAAzq2T5LxAL7JgWU%2FbVx%2BTq"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd418ff000005ccbca8b000000001
cf-ray: 64a7efa19e6b05cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t3jEpKErY0ksgBjqNVFI8tQ0bAB1zHUDUWmjF1MtNnNi9l1thPinCZQhszkuKDitBbwAxckHkwba1ENgrkbrnO4%2FQnfY%2B%2BzrxlqkbCiOjZ9myQorTrbwu5pB"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa15c361f4d-FRA
cf-request-id: 09dcd418da00001f4dc9221000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 39C4
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

25ms
25ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/counter?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11387&cb=7153421620196392910
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wo99iN3cTH6C%2Ff8PFYb%2BRq%2FfdbdZH05%2FZfeYIVQmm%2FzLH8LO07h9oFCAa%2F8%2FC3xDLsSYznNLYNWmlITJZqNfM9AgZyQPtEO1%2FIdOCLF1PuHeWj81XP0HsHbg"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd41901000005cc8b8cf000000001
cf-ray: 64a7efa19e7805cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d3aNAI6JX%2Fek91lClVYg0sGSuwzW7s5cnvBbKiEzIOc6OiMBpThGgadFdebdWWhdcLLl8mPdGn%2Bx8haFA2o99K9AK89yIQcU2%2BFbTRNOTq9%2F4IYFlczvAI3b"}],"group":"cf-nel"}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa16cee4ec8-FRA
cf-request-id: 09dcd418de00004ec87ca6e000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 35A4
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

25ms
25ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11201&cb=9214861620196392911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lp8sLQ3sItWPdE8UrytoCl8xRckZM0AUuPayP6U9Uu624QqFIiNzFgQAsFdg2D54uF42E45Sp%2ByMJDO8ksWQyaKi91YoCXHujEBTswoms70ecWGXix4%2Bif0f"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd41904000005cc7c24e000000001
cf-ray: 64a7efa1ae8805cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HCqpkKwqXzMiSNFNgKaYnIOQoAbfsZcTl5BEZ2vw7CAd5oi9aQWHFxUC8FX8vpgMbq9z9qzOjIfWyBbcrcDBJGtFCUJjpWf86zIR4%2FNHORyIiwZLIaEX9C9%2B"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa1693d4e0e-FRA
cf-request-id: 09dcd418e500004e0e5e1b9000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F664 0
0 172ms
100ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpFfS5GocrxcOxf713LBXWntBx5guebfOwgF3Lzv3jfSbvqD99rrtg0sOahl18Q2kMYDdSo1wFM3AnoAqfdzsJv0A4MLt-qVOwTk637xGYiNkgWD-GrCKKyDMmsfIsGRWKozOialyfaR_erS2QaVw2tr8lSY74Ht45PWx09sAlH_G1HyBho9HN8D6aVCR_f7Vw5kiNfe3TXAu10Qj2EIFaxItjQyvU-5kwDZtCV_FbjbFP7EuD8qcUF1S0TPyeThuCYTyvl8Nk1uFon8GaodEmT7dbhgbO8uWpDHc8C07BVXvqkPeFm3-L5rWBtLrlB_-lZaIInaBnf7rvm2rTLSgjDIifapYW4tnsTD8ITA&sig=Cg0ArKJSzLa6tz0uD3_7EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 05 May 2021 06:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 7013
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

24ms
24ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c69&cb=2105971620196392912
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0MGpnIr2TEiK957Ox2QGnbXtmZyOFgWtla3HRZjopY40ZRIz0STMx%2FvH3%2Fk3evQvTgAMG4eK%2BrmY5rBNvcQrjrO5e63N9EhaHviTk6XTME3X%2FgQVEUSIa4tT"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd419c3000005ccce3c5000000001
cf-ray: 64a7efa2d95705cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t956p1pHj1h301pxDXR2dVbBrKL2ALoo7YvNFB1Xe6Iqcj9JS4bvX9gR2ceyMf84B5qRRt8cv1xIemA0LLFzePbw08sqNVwa%2BVy4k7dOvS28Q1AGu%2BHnvEYI"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa25b0c4e0e-FRA
cf-request-id: 09dcd4197c00004e0e873c9000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 2292
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

25ms
25ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3517&cb=4729331620196392913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6uoo5QtDfxgG%2Bcb4lmJcuZ2jJxhYMg5wP3iXjzPE8J0R%2Bm71cNHVZoyfHQH2HwLxicnqA5CaoQkvOOsMInEjfSIsaipwlquf%2BLYYo0MowEQWjAIzcYt1pr66"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd419b5000005cc90bfe000000001
cf-ray: 64a7efa2b92405cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eclkPNPwcwnKyIXzsOgd5hF31Ka6FwCiS3Onplv6M9HDqG2kh5zl7p%2BZyaZJT%2F%2BvK4OiPx%2FPdh5Y6XzqcmjZ7Mb9RPUcGKrgQjdBFPjw7L%2Bw%2B8hNyIp8T8wS"}],"group":"cf-nel"}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa26eda4ec8-FRA
cf-request-id: 09dcd4198000004ec88f8e4000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 47C2
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

23ms
23ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d81&cb=0551991620196392914
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D224nkv2SSLDgSLgvQbF29PRaomK0Gw2cHBS111RqXPtlGkRF4%2BjxYOt2Cl2D7VkJ5PsKZrPjRGzLSm6dZnltt%2FgYksvrvpNRnzC6dxNLwAToBlonpMmDeyg"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd419b5000005ccbca9f000000001
cf-ray: 64a7efa2b92505cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eNfieHesmLrXoR7HvJHSK2Bh83qUn0q1V8kpl%2FkkcbEOAL63mpZF7bq9yhJZ9QQS8b%2F0hkzN8V%2BuAc%2Bjhxg74whKCnI2IKdvkURVL6M%2F9QdF%2FPAn2iCeIo9R"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa26da81f4d-FRA
cf-request-id: 09dcd4198900001f4dc2869000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 6C7F
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

29ms
29ms

Script
application/javascript

2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: randiul.com
URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144639&cb=8916111620196392915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://randiul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2541
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N78AN7Ukzpm1e9RczlzzLd2km6ecYv76jjsaj2wxGYB2WFe19E9l%2FqM4fqaeqvvYdkfxD5aTp2AygpktGbsENPaAoj0YqA4VXiwPMqNGk%2FdfngBLQE4KMoGV"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 09dcd419e2000005cc71ab2000000001
cf-ray: 64a7efa309b005cc-FRA

Redirect headers

Date: Wed, 05 May 2021 06:33:13 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZSdGGdJrbIBbkzN6RqgQCL%2FsxvJKFJ334vfT46ecq4AUuFbi4b7r2NFObRRcmHdJ1nDoiapvMjuhzXDr4qH8EfPa0kHZcTiNWGjif8dDu5x7iRDd7vHxe6aW"}]}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 64a7efa2be0a1f4d-FRA
cf-request-id: 09dcd419b200001f4d98193000000001
Expires: Wed, 05 May 2021 07:33:13 GMT

GET
H3-29

200

dark-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css

3 KB
1 KB

17ms
15ms

Stylesheet
text/css

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2894205
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
cf-request-id: 09dcd41a450000d6d99ca40000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wStzI7nElk8azQb1h09tko83EqALLMmIyhHCXMDsrjpXVhGQXihwlYSd0ANOI4X6yomEXHfzLUE1UlyHeCmowFwXlQbUIUEPfeXn1pWadlFc4NR5VJen6E9EF%2FoKxqWOKQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64a7efa3aa9ed6d9-FRA
expires: Mon, 25 Apr 2022 06:33:13 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Non-Authoritative-Reason: HSTS

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 20ms
20ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4535a10cc2cfac4e133ef62be257d081395943e8a050449c477425d58eedbb72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 06:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 05 May 2021 06:33:13 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 65E8 42 B
64 B 33ms
32ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_5BGaqito9WW6OPrXy2nTsxN38dPQtAhYHwT5pIZqeN05IV_OBljgBH_kJv7NmmaQ9matXc8dYEgXbnqwpopmLQybypVscn9SjD6qFBq2mpKbiuQha3s0jRqxHw&sai=AMfl-YQybY9ILiH8ztuVa3i_5QW8MmryBuHsKrlYBMo_gOloP282IRnVxVIKvnGr-XBg09mniM2Uwv7k3Tprhfnizi01Fj6Zp8DAGsmCaVG7OGPPqvY3PiE108bIboQ&sig=Cg0ArKJSzGPEGEcvtekjEAE&cid=CAASF-Ro-dqnCe8VGvpgVHiVDg4A_1MgD-BX&id=lidar2&mcvt=1007&p=0,150,600,310&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=267919333&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620196392480&dlt=8&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9FAB 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://arsiv.mackolik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://arsiv.mackolik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 05 May 2021 06:30:48 GMT
expires: Thu, 05 May 2022 06:30:48 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 145
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FAB 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 23:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 24661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 23:42:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=607888675540967&bg=!39yl3JjNAAYXzPaOF8w7ACkAdvg8Wuv3Xwz9bBeituQSigAtW3j03jj5A33DxTIshbXVYzo4S0IyBQIAAABdUgAAAApoAQcKAIk9kXV182QoUxtKuXjw4geGhx1va04Ir5OfuUve7DcgNMtFqogRY8OOhCKRwAOlT2q8zhvLUrJAh4iHjwED7gLP6lNEUzGUIpJKc-TVpLETwruJmvkJh-FPF5S929rFRYqWHx96LYGzfySsju6Agef0MCjfE7h1wziB0TMo5kFiDAzu1RsR5ik29pkCRd5RmQtXvYTmB_gvmzGuzCfc3Q9OEYq51UyanqzmDP6z3UUqCLA3kGuukPnX9XRA7MuXEX2CduH-B4JHhn8VeCe_EVASbHXXwtE5QSqlzM038ejlvXw8qoC4uezyrCOQOfIeoWYZ4QDqpiEMoJyP_zikn7y7MEh8VZ4eijppl0zHLE6RNYQE7m9zDmIfdzdUw7Mqts5GaSNdK0hucHIo0euyRX1vf3c7Jcr3FAfyqa9Lb0Ice2YiGmom7LS5IZzjdrylnL2G9Gk0oVKznNe97O-oJUSCEfXXyFmFVeAha3OuWBSjHAXxr6NfzXNRsThwzOwXG653Of0mLoTeNjf-FobCpTXe9DgKv1CW6Wow5nOxC7ZTYs2-mslMEoYxFTUI5f1nJ56OU99mjPGbF-Wyhx35RMurL2p9uJ174vMbkLL13OieSYcem0fpk0Cy0h2RwRRvAzQlT8OuhZRMOWcMQfxCnxO00MM4HGRSFMnn20lqq_R4oiOZq2OY_9juenYSjt6U6iiz1bS-ajU5obt3CcYpBzGDGPUVyyDe5niy_Us84VU_T6x9PeqdQXhGhpocCMHaMLmeFkutm6ob0HTaqpSIFYDix1tg3w0RWNEkuANfTH-yodhxobjuKLN0ul9h8KbpCkdW7tanT0oyQFUXzBd_jlbIo_Qbl6Z4WyDfsiDSwHDR7k92Eb1YL3QVMjbjwFUA5ZyCpZT6r3M9Phe1MgBll8g47YoCr9du_PhKTVTR0UGtYYMi18h44ERwZnsFyayaglP3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC4F 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWzz1zqLz7WWFPMgboeaI1l1JTD0Ql5hzRkjKibIQj7QK_Qxy1wuGk5I3qWVi73qJxSIqb3-ATuaqXgGSt077gUC6zxB2MG8iGJ76O7bSF9UcM&sai=AMfl-YSuVgHHeOMq8Hpsm-9G5g8GvEyWlYBhtunkFlt8-plIdoTIFO333ZBFzWsXX1MsXs-t4wGU0bWie9N5g2PFSBQoXTia6N1qVPTQj82boYZPF6RgmJLxcjiQyCT7lIpS&sig=Cg0ArKJSzG-PWteE-4lIEAE&cid=CAASPeRoOZisRp2G7qopRSeZqK18K6y9gGAUeb4jy4buRIsSNZESeMoggLtfKJnG6IjHMr-uv3fkLxS5wilIREY&id=lidar2&mcvt=1001&p=405,972,659,1272&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3491219890&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620196392124&dlt=10&rpt=2&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 4017 0
150 B 186ms
63ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=17808000042613800044682011585022&a=0db341ca&vb=v
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900022.redintelligence.net/request_content.php?s=17808000042613800044682011585022&a=ba3553a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 06:33:14 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F664 42 B
501 B 44ms
26ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqhyVZbwwvBSCBD7d9hhrdIuVRK5dBmwimxfxCudUQfH_BctZa-3FRhsYRc0XhyJ7shDZEXEzk_cHzGI0d1buAJmYbvwlN-8ueTd2rPbk&sig=Cg0ArKJSzB9xjL5S078WEAE&id=lidar2&mcvt=1001&p=0,1290,600,1450&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1264633616&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620196392666&dlt=0&rpt=40&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://arsiv.mackolik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 06:33:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEHFm6srScyAp9Qh7pvkY74w&google_cver=1&google_push=AQvitULJm28OQNaVyWAKNS0_iiLixfHLnF2-U3-JAUiwzZQ5R0Fq5tE5B2ChfX5nRuUzkYw00q62Ki4QZYs4ihFp3myZgDMIRg

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 20:12:52	Name: 8lcfmzhxc8d6_uid Value: c3e8de9c0ecef99d
.tradetracker.net/	1970-01-20 02:48:52	Name: uf Value: tS01MisrRAT%2FzJfq0rBuaTBHbGs5Zk5Ha3lzQlMxMlY3WTR4aGFjeENQbk5Ba2lDY1FweldyYnliZnl1Zjc4MFVPR2p6WWg5dkUwNm14N3V1cDNBZjl3RzNZWlorRkRUcklzdUhRPT0%3D
.tradetracker.net/	1970-01-19 20:27:16	Name: pi Value: 7323f05710ba4b444545332151f03a24
.mackolik.com/	1970-01-20 03:24:52	Name: __gads Value: ID=376eeb3c3e7d826a:T=1620196391:S=ALNI_MaeFr4xNIzvVor4HnYHajw-j7wrTw
.doubleclick.net/	1970-01-20 03:24:52	Name: IDE Value: AHWqTUlLyoR6ybCnuEufOI3zELj5WAoJfRsfCmvYCCv130VSC8SP9j1oS7D1Mid9dNo
.mackolik.com/	1970-01-20 11:34:28	Name: _ga Value: GA1.2.1793803758.1620196391
arsiv.mackolik.com/	1970-01-20 02:48:52	Name: intdate Value: 1620196391875
arsiv.mackolik.com/	1970-01-19 18:03:16	Name: am_cookie_test Value: true
.mackolik.com/	1970-01-19 18:04:42	Name: _gid Value: GA1.2.467206847.1620196391
.mackolik.com/	1970-01-20 02:48:52	Name: _hjid Value: 9b6a37c8-079e-465e-9895-90790cdd3ef3
.mackolik.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.mackolik.com/	1970-01-19 18:03:16	Name: _gat Value: 1
.mackolik.com/	1970-01-19 18:03:18	Name: _hjFirstSeen Value: 1
.mackolik.com/	1970-01-20 18:03:16	Name: __gfp_64b Value: UBSHtl7c2puN4bWIHaGLiEayd8UQsrip7XJX1b4R08n.L7\|1620196390

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cm.cdn.md/js5/porthole.js(Line 123) Message: Porthole: Using built-in browser support
console-api	log	URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1) Message: Safari control removed!
console-api	log	URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1) Message: QUARK PLAYER: Version 1.20.1
console-api	error	URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1) Message: GEMIUS PLUGIN NOT LOADED
console-api	log	URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1031631620196392665(Line 30) Message: %c [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91e7c2a35f621f9ea705e9a80e2795ba.safeframe.googlesyndication.com
admost-banner.b-cdn.net
ads.travelaudience.com
adservice.google.com
adservice.google.se
ajax.googleapis.com
arsiv.mackolik.com
b.scorecardresearch.com
baltar.dimml.io
cdn.dimml.io
cdn.eksiup.com
cdnjs.cloudflare.com
cm.cdn.md
cm.g.doubleclick.net
d17e0d8d4491a0f07466b9b191de90ef.safeframe.googlesyndication.com
daznplayervod.daznservices.com
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
go.admost.com
google2waycm.netmng.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900022.redintelligence.net
hb.adpone.com
hm.cdn.md
ib.adnxs.com
im.cdn.md
images.performgroup.com
imasdk.googleapis.com
js.duhnet.tv
mackolik.com
pagead2.googlesyndication.com
platform.twitter.com
pr-bh.ybp.yahoo.com
randiul.com
run.admost.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
static.tradetracker.net
stats.g.doubleclick.net
str.hit.gemius.pl
sync.adaptv.advertising.com
syndication.twitter.com
tags.bluekai.com
ti.tradetracker.net
tpc.googlesyndication.com
tr.hit.gemius.pl
vars.hotjar.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.mackolik.com
www.zenaps.com
x.bidswitch.net
google2waycm.netmng.com
104.111.239.217
104.244.42.72
13.224.111.108
13.224.111.44
138.201.63.165
142.250.185.226
142.250.186.130
143.204.202.49
144.76.104.53
147.135.15.116
185.42.236.147
185.59.220.199
195.244.38.50
2.16.186.91
2.18.232.159
2.18.234.21
217.182.200.19
217.182.200.20
23.45.99.241
2600:9000:2104:3800:1a:7c92:efc0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:49e4
2606:4700:3033::ac43:9ddd
2606:4700::6810:125e
2606:4700::6810:135e
2a00:1288:110:c305::8000
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9b
2a00:1450:400d:802::2001
2a00:1450:400d:804::2002
2a02:26f0:120::211:7929
2a02:6ea0:c700::2
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.242.149
3.124.79.200
3.214.24.215
35.190.0.66
37.252.172.36
54.229.148.178
54.229.26.200
65.9.84.103
65.9.84.4
74.91.19.202
89.187.169.122
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
037921b880f09ad6fadb833e28069c2dc8a6f5564587bad9695885b3b62ffae9
051bcb4e7ec2e3a0a3e136cc2cc74f650f78a389ac7e4d88a8bc2d27d10859c1
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
08c2c12a3f83c41fcbcbdcd6244362a567c280582ed3436c0e2f7ce48538f883
09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be4f543ecce71aa0e5096763d2834f52ff57e754e2f549219c3148c17534aab
0c517de5058bc5f692d108e46b1a7f5ee79523b54046da8def1e7f935f8d256e
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0f2942b414a2db8e19bc57379fc2292df05dc4fa675979aa7063af6e5fa36d34
113939c820b3432933472ce3a627acd88c9ff77b7ed47b57c8e23a48edd347a0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12bb3a8cbbbbe578fc0e90eae189437733fc4cae4a46679c6e0e5269fde0932e
12ede91a905350378daf0b12a4c34e774f688a67f98c9becc8793277e8c05b24
13b739979ec0e1fac2c53b5a86c48b42308f457225c96e842246bd1f011877e2
146c53518c6967e7e13ea9b117028f06b5af60bc1035e670ff35fede53253a30
161cc822f646ad5ead174946f4c3c8f444d32ad15de482a938959a08edc75931
1643ffe0f1afce3055ec25d33eb66a9cdf3d8218dc0529c54e01cd2f20375f4d
1820b768bbed677d552ebb3a64b1141c0c48c64acd3dba9cd63c188ca5c87da9
185562bf0f3784ee957b6dc068bbad0d7002d5ecb5d37503702fface827566c6
18df88292c2fd97a7f4c3e5594e11f9540946fe9a14885a33f52304ec6447ec2
1923020f2baeb1d78cb3ff36b916fd27310b97b68dd98d181eb7f4412d179df5
1970006acdf437a48e6fcad001faa0dfc7984d48c3d8612c0f68c048c09c9e28
1aa5cf8f3e2c48af812db6dc3b35e9dc6d90e39f0008f5c3c2c83f4aca1e469c
1accc85f49d1880c8df01404d3fdaa701454e5c03ad18af8d4e200d6a92dbeb7
1b166552e1c8f279c918f29322cb9454674cc1ed076263106c95781994579e96
1c0ebfe3482cef643ce84216797b38555c84feacc385807066ce1c9d34c12f26
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1cac081799a0f288c62d4ad60a40e417f74dc3e3a1768d04f7a03de722cca911
1e089fe4af7bafaac381f0e4504e20ec5251795a7024ad64ecbda182d73dd2cb
1e595ffdb4049c7633bd1260ce2b5011ddf3443217889d672c882e55068e1347
2ae616d31a32c6165ddfddf11e118e38937392c395711393f7528b69ae6f4cb9
2be23d56ded54620c36ccf9f46c7d778143e0855ebd1af9783a4230737339192
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ccffddd7ff2e9c0cb1325a12c4786ece0872eac077ee85c4068482270e7f647
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f5ba559cc1e8b8f6cea2e537655d5d93795b0873b64b24c785bb5a63b5503cc
3177712e455be4da8e6afb3efe5d1f5dd26346917d63c22becb6d1c953102362
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b
384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875
3955a3073559f4f51c645bcef25f023a7c7cfba87d3bb1fb4a6c5fde2760e865
3ae830068399ffead55c272748252cda43e6103da5e6b0d673ae751c27d52200
3ded594bfd95863f866c4b24536f659919a4ad740817ed80c7c4213428ae44fe
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8
3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b
417174f84ccf7dbe35df5ee525f9167ee63053452c785e4a0751f5cd314db2a7
43522c2bf8d77ccab466f6334c7621176e0bcb6fe8604de4f56a2b6f8f615e0d
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
441f219ed57ed9ba64aedc1344c051924b4427e129a31df2528bd7e53d5cb7b5
4535a10cc2cfac4e133ef62be257d081395943e8a050449c477425d58eedbb72
464b7a366c6dbc59fd6e8e7af63e9c161d018681b39ca51301a18a36341fdeae
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47c9ac90d4519600c96b8e3a69bb9f6d6bf39cdf1dff9aae44306e0ceeab02d0
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48c8ca0bc9df53fb3c293d01bdbc10ccc7860827b158729fde082e3982525717
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a9d45eae6684c377da6ab1d3f191910ec099aa6d3d423de9a62b78433e7d1ad
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c
574f4a4a3338f3d2972c605bdccef07a223aa0bee14fdec68a8f7a4a41254273
58f047e5fdba8b46c00955c2986b253772a95da12ffdaa2eda3742a63d24ce30
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5ab2cb2850706571717a74499e8430164270ac8305586d45e1d0a3581f43a8b9
5ae42226599cbac001f2db8f5a32cb3f389de9893e4f9e1d88de3118fefa412f
5aff8b1abcb6212d44a19927db2e892166a403245e076a5f6b64e6d9dac3bbd2
5b02d4c3687457ff762f830bbe51f5897b428906bf57f0aa15f185d5024c0f91
5d0070afe85ad97f374bb2c0e442853497a1c9aba921a320c7667ffc3cd6d34a
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
611a7dd3b2291b8d305deaf3398c20aa9f7418f1d7bbfa7d64fa6396682bfdc4
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
61ac0055643f185e2957d5a8c5d8e7c1f526101ed2394381207ba1ac49b7f4ed
65c0aa5e626125e85c6834580f68cf080f6c904a75ca80f308f2fbd48039694d
66a21b80656faf1934e81054afec4ef6365cf140a08bf564864b892626b01183
6793b37a48a4b85151458405cf6c5b9e4f18039328cb14fc8e32e29177a08b65
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a
6997ed5d149499d545612b3dffb3b16f2ae9b3f10c7193533115e09ae4733012
6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0
709edf07ebabeb5d4a2e3a0e7ac5fc920b86e8c8bfc27d5440f7b760b292953e
71da956c41c2147c988d4d8c98db749c20b9e4f50f51a4a8c665c12c962d54b3
71de2b556685fe99997bb893a59d4a6aaa0c915633f646db2ce030bbda438de1
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73e458e1ca6caf7a393f417ee0aec26bfb3b178821b74e12d97644da528b6f2b
7709df895a6a66348aaf1b8045c84eb9032075ec9e2f94ef03a2ca03b01c35f9
796027d4dba4cd6269e6f40609144c06aaff52be2ae40faa09e8240d19d0215f
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad
7be05514fe338ed6cfbab82e994319ab6bab03cc038a24e6e6bbf99980e9e5f2
812031ef332b67aa8f3efe65e4dec304864ceb58b8442e08cdbdd82be187ce55
81f5e8672a0895c95e0d3e3a500778d9f39c854fb3be84ebcc29846876cf30da
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
858361d285ad5b0369469afc26ff28e975019a3b3a25ad4748e95178eae88192
85b3b4dc43c45ad06b2f4fcb8a79e98c24022c0e52ea61f9d63e4419399c66d3
86390a794d4b05dd508e9d726fcfdd9c31101f0a7d35d4d46ca702d3cebb61b8
86efa42fcec119039e2eb953c8030585e3831fcbd38f2b9e3c342e1437feb35c
87067822b7a1880e918f8d8648a8df3bbc9ac01c1fb0cec2aefa15e8f5751ec8
873ebd413711780ef503eb0d9adc5f26a8f1addb18e5b407fb345ec51d61a61e
88688310b72a1edae054c4e07d6c069ee05616eca7858081ee1b15332915affd
8985bad9bc1075a1519bc3cc1baba8fd995256b3f8f6d6a511de5302077a05fd
8b39eb944e8f720d203f10386ba037348bbbc4ebe97bedf778c69548d1dc8772
8ba3fca4771216f3448961a826c41dad86523141636c503f91134cdf00110ead
8c436eec795b1183584e101ace45481f6ca62b0d96a19e6f0ad65cf4e49105ec
8ec3eb4e98e6667ad6a6ab471e6de5ba7d8bdd2caedde38d888ba5dfaad30599
8f748c119d9d5751485d0df940353e5e21757a21874166a52e71fdd67a409f97
91365534c6efb0b5b61a167af1e26b5be0cc73a60db9d1cfb898bb2adc6d3bb6
9280ebe91e274fc08e3cadf24b8d976525222550fad4dbc8485cc9c495430cf0
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
932bdfb828436b081101296ca3c21e1232156bb95ecce0ab39c0f34dc4086dc9
939ec52ac0dd04dc5bcbd3fe8f4027e42a79989d9a7588fecd2c85aaa2987ba2
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
9734efdaee5ede1757edad925319f494ae76b01a625efc50b382b9428d10e92f
97d4d828b296784064da5cb5cd0ff1bfb74d87a79714d117bdf6896b31d94ced
983cfd08e05acbb6688d3b881f39dc1d875970138ff41c4c9a1374f4cb399014
98ed689434c165dcaee863a2f9d1880d3c8827f1133a1ff1051e74d2e2b51166
99b5e9bdcd8b2fe01d9952d123885bbc4d0b9db3c6ac42774e82607ca0bd3147
99e55b7c506804ba286a8b3e3ad537d7a92b2938a500a6d74752df22b2a4aa3e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51
9e819dba55e363c3ff35efb9ae33c236175dc6f5ae7ee1bd7625a90fa69c620f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a13329727556eb03b67a9ae8a13ced0ba088dc4d11dfa26570e78ff7cbe2bb56
a156603d59ff5dfa2ffadffe143de68ce7eb50071ba19a45ccaa2c54d7beb1cc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c148a715cfa8bb4aa015f2b06947980cfe97e86eed59a5f95af0d566388569
a54bba77b3aeac1b0a38caee5711c2c452e3eac65ae4238f5b0716b9436e6e56
a5853cf99f48f3e358ce78cff19641ac33c3c0305901bd3acbabb96651fdf85b
a6121e496afc82cd9dac0022c7824ef5af01e40e99e4f1171729d1e486ea20d6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a91d2339b87d400657d27011d1e418ad9e65d7d60727101a64f12278b42f5412
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
affa7d0257fe05717ee0484e34d3747939c9f66cbffd49a6b62c15781d427b11
b08835e0e96d0237ab2ed9d316a032b5219ed5b68c201cca1eb48180aa13149e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b653f066f750ee7c49d7625ecca7cf8c9aa713e7c2aed11255c663b43479d732
b6ce275258ff5e50ea4c81fa0b177bd54afdf6ca3a695181d8efd928d58dbe4e
b9373534d408ef10e20b3e0653c9d4b901e94a81237b9cdef1cc06c8a0464756
b9a09427f1a1422f7302c8eaf58695c42f47466675e86202ebe401a9548adddb
baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
bd5fcf182e343c02c360c3a5080eb4499a4a5e297783b2728306443dd54c4bae
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
bebc0981127f986ba607aef97f330089538711fccc5571a5eb5c3dc1bf1d420f
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bfa28e9c96636d842d8028f2e76fafb6491d3e5d4a61a36418672f5842f406a3
c123ad847c18a2ec3113d9754a655569ee100e494f0cee10c574008c16ab64a7
c13f5ac7ae0e10138056f4c238226392ad28e883f78d3e19fb43dcb9c1b58582
c1517ff23b17159795e65199e7fc06805bc36c10fe95ef8cd6b696b0fc3b7744
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1
c45435989dbfa92ad5a498960feea35a92a8ccfa8032d929c29e6da89114e737
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c
caa8795fdc2d03becd1b1fadaf4ba16ca8a02a18bc901b67a305ad70ab39c9e3
ccfbcccdd761f6901f9c2225e022cc7fd07f82a15df3170c210996e9d6cae089
ce94599488ec9e8c575525914a25e9c7d97fabebf8570ce64939fea303cca39f
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1a95693da4f11aa4645d8ed704614f14679cb6d46e3a2b67137d81f036eaba2
d34307c9a22438c45e974f24d07f41f83227ecbf729a1a3b0f36cb0c38f1b30c
d5004a9ada961a31405757982290a429a8c264b2a154659e32fab194b53d140c
d7771dde2892e058642cecd14c076c7d5290028bad01d52bbbff01ddcd17867b
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561
d8f3158538563e9d17b8f1e736a6bba0edc169188048863bdbb6eb71a01f02ad
da6abd5cd7d7da4e9caaee5f07b1a613641a2ddb09f0934917fa7b31003c7797
ddc21f2e288de35020ce7562ae82a1f3f1716996ccd3c52747b4fda5f2136631
de00817d2456b6108f78a2774d70d1ab8658a5ba300ab4023c55dd2817de052a
df9d84c4762e3b1606153ce8f027f554865f5421c7422b27b0121bfa793e4b0d
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395
e339219d347effa315af137b67c0442a018ed4e5f38c2c2748d994644a372ab2
e3a18f24b2e9053869d6fb6745303dd7289043df0a84c92c1c71aee1e27f57d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9353c7dff604a9facde8b43b0cbd852d137d80ed20aad3a76291a26da50d0
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335
e471e87ed4beab1580036363f9cf3a9877751cacbffa0bab58b83cc6cf944f8b
e85ed70f54fcdcdbf8739151b7398df3e8bcb38f4afd38dba0e6ac802dd30995
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eda9846b69b757d57a66b57c171e1b1ee3e26071ccceaee503c9576c62fca9b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0754ba26b5564598ef1b014fd26e849540f2fe60303f91522f25d2a65b04f0f
f20dafc9f52f410cb8d31261d8eb82197df655c212e3c4c679937553f9353526
f2ff5e9280f6a481345116d335ff6f334378f045afed98c85815e3c3a717dbd3
f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb
f46774ce119fe427877f181509287b971834830f0b61155e904d123bfce03bfe
f488d6066d50bfe347630a80172d48288fa60b2cefe99936c54603f09b60ad2d
f52aa41fe57e300903688afc11101a540a97fca44746aa4e1083c6a4648f9731
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f57092bb84b3b7ab8ca3766e0f5b873b5307847ee1b9084e9c858bdd6e2b636c
f82fa028dce989ca4321ce730ff7ebdf14845f2529464866c95f2b64c68a118d
f99658f600eb7f107a3504c806a5a5865d173edfe3de1b5e2c4d9593e234886a
f9cc986ad446124bd63a173147db95b5736f89ce93d212db264049dad917211d
f9f3facbbca03a3c32a03c74da2152f3888997c01e9c523e8801cc7e0d89d516
fa589b0dc7e5cbc8fb038114db91bb6ecd872408092a0624fb47e798db79f56f
fc4c88210236fb8e2e96c0e8b048470b77b6a6067a20c8d1a18e0b94085b06e2
fcea0b2bf6dd0c2433efd74345c2bb5fbfb0b017ba404de6373d14b9596d872c
ff9e832991a492c92de8dca85225f55e5f19b3290292f411c9ef2ba31e59bdee

arsiv.mackolik.com Open in urlscan Pro 147.135.15.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

302 Requests

52 %HTTPS

50 %IPv6

39 Domains

66 Subdomains

55 IPs

7 Countries

4702 kBTransfer

17373 kBSize

14 Cookies

11 Outgoing links

Page URL History

Redirected requests

302 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

arsiv.mackolik.com Open in urlscan Pro
147.135.15.116 Public Scan

Screenshot
Live screenshot

Full Image

302
Requests

52 %
HTTPS

50 %
IPv6

39
Domains

66
Subdomains

55
IPs

7
Countries

4702 kB
Transfer

17373 kB
Size

14
Cookies

302 HTTP transactions
9 data transactions