www.odatv4.com Open in urlscan Pro
185.102.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.odatv4.com/
Effective URL:
https://www.odatv4.com/
Submission: On December 03 via api (December 3rd 2023, 4:32:25 pm UTC) from US — Scanned from DE

Summary HTTP 226 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 88 IPs in 14 countries across 80 domains to perform 226 HTTP transactions. The main IP is 185.102.219.172, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.odatv4.com. The Cisco Umbrella rank of the primary domain is 300657.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 4th 2023. Valid for: a year.

This is the only time www.odatv4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.102.219.173 185.102.219.173	60068 (CDN77 ^_^) (CDN77 ^_^)
1	185.102.219.172 185.102.219.172	60068 (CDN77 ^_^) (CDN77 ^_^)
50	195.142.105.13 195.142.105.13	199484 (SAGLAYICI) (SAGLAYICI)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:20:... 2606:4700:20::ac43:4aca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	68.71.249.118 68.71.249.118	46562 (PERFORMIVE) (PERFORMIVE)
1	89.187.169.43 89.187.169.43	60068 (CDN77 ^_^) (CDN77 ^_^)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	195.142.105.24 195.142.105.24	199484 (SAGLAYICI) (SAGLAYICI)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
4 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:203... 2600:9000:2038:a400:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
5 7	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	69.166.1.66 69.166.1.66	27630 (AS-XFERNET) (AS-XFERNET)
1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.2.110.161 8.2.110.161	46636 (NATCOWEB) (NATCOWEB)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	142.132.241.141 142.132.241.141	24940 (HETZNER-AS) (HETZNER-AS)
1 14	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:d800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	34.255.40.44 34.255.40.44	16509 (AMAZON-02) (AMAZON-02)
2	23.36.225.193 23.36.225.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.127.166.56 3.127.166.56	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
1	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
2	3.65.104.224 3.65.104.224	16509 (AMAZON-02) (AMAZON-02)
3 3	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 4	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5 5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
3 3	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.194.196.88 54.194.196.88	16509 (AMAZON-02) (AMAZON-02)
2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.248.140.235 34.248.140.235	16509 (AMAZON-02) (AMAZON-02)
1	52.92.36.24 52.92.36.24	16509 (AMAZON-02) (AMAZON-02)
2 2	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	3.248.3.218 3.248.3.218	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	108.138.233.103 108.138.233.103	16509 (AMAZON-02) (AMAZON-02)
2 3	46.137.164.248 46.137.164.248	16509 (AMAZON-02) (AMAZON-02)
2 3	54.76.220.42 54.76.220.42	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.81.16 35.156.81.16	16509 (AMAZON-02) (AMAZON-02)
1	72.246.168.208 72.246.168.208	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.57.12.239 52.57.12.239	16509 (AMAZON-02) (AMAZON-02)
1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
2	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2	23.205.93.33 23.205.93.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:d200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
2	18.192.146.238 18.192.146.238	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	68.71.249.120 68.71.249.120	46562 (PERFORMIVE) (PERFORMIVE)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	72.246.168.23 72.246.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	52.17.57.59 52.17.57.59	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.195.142.193 18.195.142.193	16509 (AMAZON-02) (AMAZON-02)
1	52.40.123.248 52.40.123.248	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	52.59.107.120 52.59.107.120	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:b52b:a442:856c:78b2	14618 (AMAZON-AES) (AMAZON-AES)
1	108.128.110.227 108.128.110.227	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.191.8.9 18.191.8.9	16509 (AMAZON-02) (AMAZON-02)
1	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
226	88

1 185.102.219.173 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com

www.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com

www.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 195.142.105.13 (Istanbul, Turkey)

ASN199484 (SAGLAYICI, TR)

img.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4aca (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.bildirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.71.249.118 (Toronto, Canada)

ASN46562 (PERFORMIVE, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.43 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-43.cdn77.com

cdn.p.analitik.bik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.105.24 (Istanbul, Turkey)

ASN199484 (SAGLAYICI, TR)

ad-cdn.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2038:a400:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.123 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.161 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cm-x.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.241.141 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.141.241.132.142.clients.your-server.de

ad.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.2.228 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.40.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-40-44.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.225.193 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-225-193.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.166.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-166-56.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.104.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-104-224.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.51.122 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.78.254.47 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.196.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.140.235 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-140-235.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.36.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.64 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.3.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-3-218.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.233.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-233-103.lhr61.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.137.164.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-164-248.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.220.42 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-220-42.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.81.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-81-16.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.168.208 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-208.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.12.239 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (Commack, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.93.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-93-33.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:d200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.146.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-146-238.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.71.249.120 (Toronto, Canada)

ASN46562 (PERFORMIVE, US)
PTR: underdogmedia.com

edge.udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.57.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-57-59.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.142.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-142-193.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.123.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-123-248.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.107.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-107-120.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:b52b:a442:856c:78b2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.110.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-110-227.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.191.8.9 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-191-8-9.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	odatv4.com 1 redirects www.odatv4.com — Cisco Umbrella Rank: 300657 img.odatv4.com — Cisco Umbrella Rank: 361003 s.odatv4.com — Cisco Umbrella Rank: 495320	2 MB
25	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 bidder.criteo.com — Cisco Umbrella Rank: 776 ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 18794 dis.criteo.com — Cisco Umbrella Rank: 550	38 KB
16	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 6115 track.adform.net — Cisco Umbrella Rank: 4289 c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870 cm.adform.net — Cisco Umbrella Rank: 1211	42 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	78 KB
11	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	171 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234 se.semasio.net — Cisco Umbrella Rank: 21526	4 KB
7	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	122 KB
6	udmserve.net udmserve.net — Cisco Umbrella Rank: 3048 edge.udmserve.net — Cisco Umbrella Rank: 42047	6 KB
5	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	332 B
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	416 KB
4	exelator.com 3 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661 load77.exelator.com — Cisco Umbrella Rank: 3503 loada.exelator.com — Cisco Umbrella Rank: 29184	3 KB
4	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 r.casalemedia.com — Cisco Umbrella Rank: 1462	2 KB
4	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 661 simage2.pubmatic.com — Cisco Umbrella Rank: 723 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504	454 B
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2112	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	718 B
3	gstatic.com fonts.gstatic.com	208 KB
3	rubiconproject.com pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4410 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	692 B
3	underdog.media bid.underdog.media — Cisco Umbrella Rank: 28061	164 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	622 B
3	bildirt.com cdn2.bildirt.com — Cisco Umbrella Rank: 111578	27 KB
2	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	87 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	279 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299 criteo-sync.teads.tv — Cisco Umbrella Rank: 2120	326 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	655 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	673 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2916	921 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	648 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	928 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	326 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	470 B
2	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	397 B
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1296	1 KB
2	bilgin.pro ad-cdn.bilgin.pro — Cisco Umbrella Rank: 305212 ad.bilgin.pro — Cisco Umbrella Rank: 217889	9 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	70 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	185 KB
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1596	250 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2253	268 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331	38 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462	398 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10023	274 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	385 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1460	99 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	784 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	354 B
1	e-volution.ai sync.e-volution.ai — Cisco Umbrella Rank: 1756	103 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23748	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	238 B
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1812	72 B
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1808	417 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	489 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20737	444 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23648	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2473	264 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 799	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 981	344 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	637 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4608	38 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 32226	466 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
1	mgid.com 1 redirects cm-x.mgid.com — Cisco Umbrella Rank: 6820	561 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 951	401 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1276	9 KB
1	bik.gov.tr cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 56190
0	adsafety.net Failed cm.adsafety.net Failed
226	80

	Domain	Requested by
45	img.odatv4.com	www.odatv4.com
13	bidder.criteo.com	static.criteo.net bid.underdog.media
10	static.criteo.net	www.odatv4.com ads.eu.criteo.com
9	c1.adform.net	1 redirects track.adform.net c1.adform.net
5	cm.g.doubleclick.net	5 redirects
5	ups.analytics.yahoo.com	www.odatv4.com c1.adform.net ads.eu.criteo.com bid.underdog.media
5	mc.yandex.com	2 redirects www.odatv4.com
5	gum.criteo.com	4 redirects static.criteo.net
5	udmserve.net	www.odatv4.com bid.underdog.media
5	www.googletagmanager.com	www.odatv4.com www.googletagmanager.com www.google-analytics.com
5	s.odatv4.com	www.odatv4.com
4	se.semasio.net	3 redirects c1.adform.net
4	secure.adnxs.com	3 redirects c1.adform.net
3	dmp.adform.net	c1.adform.net
3	dpm.demdex.net	2 redirects ads.eu.criteo.com
3	a.audrte.com	2 redirects c1.adform.net
3	match.adsrvr.org	c1.adform.net bid.underdog.media
3	ib.adnxs.com	2 redirects www.odatv4.com
3	uipglob.semasio.net	3 redirects
3	fonts.gstatic.com	www.odatv4.com fonts.googleapis.com
3	bid.underdog.media	udmserve.net bid.underdog.media
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.de	www.odatv4.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	cdn2.bildirt.com	www.odatv4.com cdn2.bildirt.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	dis.criteo.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	www.odatv4.com ads.eu.criteo.com
2	e1.emxdgt.com	c1.adform.net ads.eu.criteo.com
2	eb2.3lift.com	c1.adform.net ads.eu.criteo.com
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	id5-sync.com	c1.adform.net ads.eu.criteo.com
2	pm.w55c.net	2 redirects
2	simage2.pubmatic.com	c1.adform.net ads.eu.criteo.com
2	beacon.krxd.net	c1.adform.net ads.eu.criteo.com
2	pixel.onaudience.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	x.bidswitch.net	c1.adform.net ads.eu.criteo.com
2	rtb-csync.smartadserver.com	c1.adform.net ads.eu.criteo.com
2	ad.yieldlab.net	c1.adform.net ads.eu.criteo.com
2	ad.360yield.com	c1.adform.net ads.eu.criteo.com
2	rules.quantcount.com	secure.quantserve.com
2	www.google.com	www.odatv4.com
2	track.adform.net	s2.adform.net
2	ssum-sec.casalemedia.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	mc.yandex.ru	1 redirects www.odatv4.com
2	securepubads.g.doubleclick.net	www.odatv4.com securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com	www.odatv4.com pagead2.googlesyndication.com
2	www.odatv4.com	1 redirects
1	lexicon.33across.com	bid.underdog.media
1	s.thebrighttag.com	www.odatv4.com
1	sync-criteo.ads.yieldmo.com	ads.eu.criteo.com
1	criteo-partners.tremorhub.com	ads.eu.criteo.com
1	match.sharethrough.com	ads.eu.criteo.com
1	sync.outbrain.com	ads.eu.criteo.com
1	jadserve.postrelease.com	ads.eu.criteo.com
1	exchange.mediavine.com	ads.eu.criteo.com
1	matching.ivitrack.com	ads.eu.criteo.com
1	r.casalemedia.com	ads.eu.criteo.com
1	visitor.omnitagjs.com	ads.eu.criteo.com
1	cm.adform.net	ads.eu.criteo.com
1	criteo-sync.teads.tv	ads.eu.criteo.com
1	sync-t1.taboola.com	ads.eu.criteo.com
1	pixel.rubiconproject.com	ads.eu.criteo.com
1	contextual.media.net	ads.eu.criteo.com
1	widget.nl3.eu.criteo.com	ads.eu.criteo.com
1	edge.udmserve.net	bid.underdog.media
1	ads.eu.criteo.com	bid.underdog.media
1	prebid.a-mo.net	bid.underdog.media
1	hbopenbid.pubmatic.com	bid.underdog.media
1	sync.e-volution.ai	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	pixel.mathtag.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	dsum-sec.casalemedia.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	server.seadform.net	www.odatv4.com
1	lh3.googleusercontent.com	www.odatv4.com
1	fonts.googleapis.com
1	ad.bilgin.pro	ad-cdn.bilgin.pro
1	code.jquery.com	ad-cdn.bilgin.pro
1	cm-x.mgid.com	1 redirects
1	pixel-us-west.rubiconproject.com	www.odatv4.com
1	sync.go.sonobi.com	www.odatv4.com
1	image8.pubmatic.com	www.odatv4.com
1	secure.quantserve.com	udmserve.net
1	mug.criteo.com	www.odatv4.com
1	s2.adform.net	www.odatv4.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ad-cdn.bilgin.pro	www.odatv4.com
1	cdn.p.analitik.bik.gov.tr	www.odatv4.com
0	cm.adsafety.net Failed	c1.adform.net
226	112

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
apps.apple.com
play.google.com
bilgin.pro

Subject Issuer	Validity	Valid
*.odatv4.com AlphaSSL CA - SHA256 - G4	`2023-09-04` - `2024-10-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
bildirt.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
udmserve.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.p.analitik.bik.gov.tr RapidSSL TLS RSA CA G1	`2023-05-08` - `2024-05-07`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.bilgin.pro AlphaSSL CA - SHA256 - G4	`2023-05-16` - `2024-06-16`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
underdog.media DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2023-10-25` - `2024-11-24`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
itm.ivitrack.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.odatv4.com/
Frame ID: 727607DA9B2D7D7CA0110D7C326B6782
Requests: 133 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 79D8C7AC5FB794B4CBDDA2F5F30B4E8B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.odatv4.com
Frame ID: 7E02295B637813A65EC62AB4F963378C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Frame ID: 2289F635C2816C1FA84B6728DB815678
Requests: 46 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=7;p=1;rri=1701621138976_473721_80.255.7.105;mid=48163;zzz=%5B48163%2C1701621138%2C%22Oco0Dau9YW10gt9gFymJGQ%22%5D;version=dev-100;cb=0.4220135678473238;qqq=29.331221691467775;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=undefined
Frame ID: 14D6171292F3B99AA06AC0EB1A3573DF
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Frame ID: 32117E197678FEC02B082126428BB2E2
Requests: 11 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=164173&cb=656cad95adf259123aefe929a9b63fe2&r=https%3a%2f%2fwww.odatv4.com%2f&crossorigin=false
Frame ID: 65B5E5E056EC6828BF2C01B18986E74E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Da4iGlvoGz8FIU9VL290B-HN2ZIIkPfs_pZrdg&google_gid=CAESEGaED0MtKRcbguapIXye1j4&google_cver=1&google_ula=913071,0
Frame ID: 7547E087FB7462B5FFE089443862A2D5
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ODATV - Haberler, Son Dakika Haberleri ve Güncel Haberler

Page URL History Show full URLs

http://www.odatv4.com/ HTTP 301
https://www.odatv4.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

226
Requests

89 %
HTTPS

28 %
IPv6

80
Domains

112
Subdomains

88
IPs

14
Countries

3171 kB
Transfer

6274 kB
Size

90
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/odatv

Search URL Search Domain Scan URL

URL: https://twitter.com/odatv

Search URL Search Domain Scan URL

URL: https://www.instagram.com/odatvresmi

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCV8cU-Vdj1Cra6a2Eqco7EQ

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/odatv-mobil/id917422876

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.odatv.app&hl=tr

Search URL Search Domain Scan URL

URL: https://bilgin.pro/tr
Title: Bilgin Pro

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@OdatvResmi
Title: ODATV’yi YouTube’ta Takip Et

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.odatv4.com/ HTTP 301
https://www.odatv4.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10206.47AljaLDPqLOsh0_jx85cd03w9QzEl_WBNCoXxNKFwcNaaCC0fOCcDDXC3bLrJpd.VbKUZuXThk0fjGx0iMIQlrvdRD0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10206.Kre1QSvrClfh-zHCXFHaVpZdpRbKbvZ69uN0M_lbvexnMC7a1RltKYaSByHegtxLKSATZ_M1m3kzUl-0I8zsBVzytcZRFMpLL51hm6pwglzKK4h6PuCGlfR5hNsxxGaJe80lzazabPI39oZPtzRHrwPVQjsnDSp2_kTGW-naJcFHF8mJ5ydAbX7-af3GSry4dXuN1hzIG7SoA3kCZyGfjWQ__nq3aldgfxgdx-lAvEc%2C.oa2DMPZFo_bCSiXjLdlbfp9JTvU%2C

Request Chain 76

https://gum.criteo.com/sid/json?origin=publishertag&domain=odatv4.com&sn=ChromeSyncframe&so=0&topUrl=www.odatv4.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pjZVJHxCNjA1Mnlrc2JtN1dUM3hPYk9SRWlaak1GeFk4NmowQm9aclBLMDhzOW9ZOU1hSC8yK3JQZnVoY1dESUtIY3pDMlUvd3M3QUlSVHRaV1piVWhrc3o1WlRZTXZNaXdyK3NxYU1YNXpNYmhSM3l0OER5bkk1Ly9tMmZtd0hoV0VWWGdUUlh2Yi9BSnVXQVc1QzVSb2EyK3BRd0JkVU0yaklNOU96cUMvZkpicTZheXZYWGJYUDg2QUdSYk9kVG5tMWYxZUc4dWRKYmdvcWNTRjh1aFQvazZxSGllOU4rTkJWc3ZLMWswajlSRjdZOVZjNjlWc0MzTmpHR25Nb0pMc09obzVYQ3ZFTTNqaGM0eXd4ZTNyN2Zrdz09fA&cppv=2

Request Chain 79

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.4188303 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.4188303 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=883596597126898388;cb=0.4188303

Request Chain 81

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.4188303%3Bindx%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.4188303%3Bindx%3D&s=199174&C=1 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.4188303;indx=ZWytkwBIZvXBicVqLGK6lQAAFDkAAAIB

Request Chain 85

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;mgid=f3aff62c-e7db-4b58-8d15-9b29d3f0ccd4

Request Chain 93

https://mc.yandex.com/watch/85990523?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A706266841950%3Ahid%3A1031253189%3Az%3A60%3Ai%3A20231203173218%3Aet%3A1701621139%3Ac%3A1%3Arn%3A142784927%3Arqn%3A1%3Au%3A1701621139424745268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C193%2C113%2C164%2C0%2C%2C447%2C9%2C%2C%2C%2C1524%3Aco%3A0%3Acpf%3A1%3Ans%3A1701621137270%3Agi%3AR0ExLjEuNzEzODcyMDI5LjE3MDE2MjExMzk%3D%3Arqnl%3A1%3Ast%3A1701621139%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A706266841950%3Ahid%3A1031253189%3Az%3A60%3Ai%3A20231203173218%3Aet%3A1701621139%3Ac%3A1%3Arn%3A142784927%3Arqn%3A1%3Au%3A1701621139424745268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C193%2C113%2C164%2C0%2C%2C447%2C9%2C%2C%2C%2C1524%3Aco%3A0%3Acpf%3A1%3Ans%3A1701621137270%3Agi%3AR0ExLjEuNzEzODcyMDI5LjE3MDE2MjExMzk%3D%3Arqnl%3A1%3Ast%3A1701621139%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 137

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=114453476629338213&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=114453476629338213&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=114453476629338213&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7308407150787754143&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=883596597126898388&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NzczMDExRTM1REZEQzNERA&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEB-UC6vd7_82c5cVNFMtSlg&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB-UC6vd7_82c5cVNFMtSlg&sInitiator=internal&google_cver=1&gdpr=

Request Chain 139

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=114453476629338213 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=114453476629338213&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 144

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 145

https://pixel.onaudience.com/?mapped=114453476629338213&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6b636b8b8c55ab8351593e6f3ce7f780&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTE0NDUzNDc2NjI5MzM4MjEz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MTE0NDUzNDc2NjI5MzM4MjEz&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOG5HMxcekHc0C84f4F4jsM&google_cver=1&google_ula=1641347,0

Request Chain 149

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=883596597126898388&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=114453476629338213

Request Chain 153

https://a.audrte.com/a?adform_uid=114453476629338213 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGFiMXlYRTF0bTlUTldkLUFTWXZZLUtQUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 154

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=114453476629338213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=114453476629338213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=56544138387432592842528448480507451871&noredirect=1

Request Chain 155

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=114453476629338213 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216643104719003251135

Request Chain 156

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7308407150787754143

Request Chain 159

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=E2ZAMvtb1R9Poh5

Request Chain 163

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1590374989 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TBZxn0MybYUNZwvHi07qyO

Request Chain 166

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=114453476629338213&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=114453476629338213&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=9a5a109d-7e96-404f-b8d7-051b68b297b2

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Da4iGlvoGz8FIU9VL290B-HN2ZIIkPfs_pZrdg&google_cm&google_hm=ay1EYTRpR2x2b0d6OEZJVTlWTDI5MEItSE4yWklJa1Bmc19wWnJkZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Da4iGlvoGz8FIU9VL290B-HN2ZIIkPfs_pZrdg&google_gid=CAESEGaED0MtKRcbguapIXye1j4&google_cver=1&google_ula=913071,0

Request Chain 188

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=883596597126898388

Request Chain 199

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AkIg3CGqD73bidd1ngPDvPOM4DQqv8k4

Request Chain 216

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWVsdH_tnx7mBU98BK1igsK3WHCZLk1A

Request Chain 218

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Fs2_A58dzlxsuCU0WmviGIo8rgSCrsRC

226 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.odatv4.com/
Redirect Chain

http://www.odatv4.com/
https://www.odatv4.com/

243 KB
45 KB

312ms
193ms

Document
text/html

185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 91ac8217bbd3caf5b9c162e42fb7b0e8a4ff390d56dc2ce1ac9cb2a1475862b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27
allow: GET, HEAD, POST
cache-control: max-age=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 16:32:17 GMT
pragma: no-cache
server: MerlinCDN
vary: Accept-Encoding
via: HTTP/2.0 Merlin CDN
x-cache-status: HIT
x-edge: de-fra-dp-s03
x-lb-cache: HIT
x-merlin-platform: desktop
x-midtier: nl-naw-ws-s08
x-platform: desktop

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sun, 03 Dec 2023 16:32:17 GMT
Location: https://www.odatv4.com/
Server: MerlinCDN
Via: HTTP/1.1 Merlin CDN
X-Edge: de-fra-dp-s01

GET
H2 200 oylari-dusuruyor-delege-bile-secilemiyor-aday-oluyor-7m3x.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/03/ 73 KB
74 KB 606ms
154ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/03/oylari-dusuruyor-delege-bile-secilemiyor-aday-oluyor-7m3x.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 6ed88767e4cde46a642ded37afb8bebbbe0011b6e7062a59660e54e083abd7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="oylari-dusuruyor-delege-bile-secilemiyor-aday-oluyor-7m3x.webp"
content-length: 74916
x-request-id: 5VPFP_LjyClIFJY8zKU7_
x-rocket-cachestatus: HIT

GET
H2 200 home.css
s.odatv4.com/assets/web/css/pages/ 23 KB
7 KB 476ms
212ms Stylesheet
text/css 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://s.odatv4.com/assets/web/css/pages/home.css?id=3c812161dc9e5b485e68ec6f588b0fc6
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 87c433bb7e62f40cfcdf4015678e9e6ed606a95fd4f9ab2d6fd79d9e4caf9610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: gzip
expires: Tue, 02 Jan 2024 16:32:18 GMT
last-modified: Thu, 30 Nov 2023 07:56:23 GMT
server: nginx
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
etag: W/"65684027-5b6b"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 200 app.js Show response
s.odatv4.com/assets/web/js/ 22 KB
5 KB 401ms
398ms Script
application/javascript 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://s.odatv4.com/assets/web/js/app.js?id=467473b7883e5e8e0f99de098df48029
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 7641f878b43499fe0704b8000d27907fc76647c093dbb267fee9d7db1e27ad3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: gzip
expires: Tue, 02 Jan 2024 16:32:18 GMT
last-modified: Thu, 30 Nov 2023 07:56:23 GMT
server: nginx
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
etag: W/"65684027-57f5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 289ms
168ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3263801491371855

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10c4dcd378ebb57a244523578f5c3b370c0186ac98ad9cc36b62b79842bb23db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51863
x-xss-protection: 0
server: cafe
etag: 2879374221746627110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 16:32:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
95 KB 274ms
153ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ce50ab1ea378453523735afc5d069f9da4240eaf6f9c4318bcb55475e4d7d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 16:32:18 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 264ms
112ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d8a184f4b549f226e8b2e99b5e326db26b47b4a84ac743a944df4adc3536ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30290
x-xss-protection: 0
server: cafe
etag: 281 / 19694 / 31079856 / config-hash: 14258460843960793757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 16:32:18 GMT

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 98 KB
32 KB 197ms
77ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3b2011f4b5bc9c8ae2d7714429e66b688f9047d5d5675265907eb0fcea972066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-18743"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:32:18 GMT

GET
H2 200 BildirtSDKfiles.js Show response
cdn2.bildirt.com/ 75 KB
24 KB 269ms
133ms Script
application/javascript 2606:4700:20::ac43:4aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8190bfa19f15fe8be6193f282e1560038fd666ea060dc3c57bce4e7958ddb2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 22:58:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1861
etag: W/"653457ab-12c93"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM2DVbO7lcABO2Y7E99POaPthQDDVFJ9UntMG2aOs5hw7lX1cjE3lQU7YlvluhQmGqzeloWwp2NVwhCwPQkBCuSeBBSh413jfHVWOkVcfq9RDIF2r94sxI48jcWlpypLTMfi2HSOvkt%2BOjf6ick%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 82fd34736e380394-FRA

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 13 KB
4 KB 775ms
195ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=6;
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: 99f2169684d594386f094278fd54e22fe9ef8ab67277ddc6ffa2b3bd6f09cad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 16:32:18 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Expires: 0

GET
H2 200 logo.svg
s.odatv4.com/assets/web/images/ 61 KB
43 KB 401ms
399ms Image
image/svg+xml 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.odatv4.com/assets/web/images/logo.svg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 3fc01193dba3746d46bcd6098785c8e111eacee7182525c666744393281a8b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: gzip
expires: Tue, 02 Jan 2024 16:32:18 GMT
last-modified: Thu, 30 Nov 2023 07:56:23 GMT
server: nginx
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
etag: W/"65684027-f20b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: MISS

GET
H2 200 alman-yolcu-tgs-personelini-dovdu-boksor-cikti-a8ts.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/ 19 KB
20 KB 495ms
154ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/alman-yolcu-tgs-personelini-dovdu-boksor-cikti-a8ts.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 23721749aebf40c7701493e3b7ee6e93f355a90a895fb7180e5774ad2487c76b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="alman-yolcu-tgs-personelini-dovdu-boksor-cikti-a8ts.webp"
content-length: 19922
x-request-id: nryXIGLmYs-7lJ2aSy_Tc
x-rocket-cachestatus: HIT

GET
H2 200 vefat-eden-sinema-ve-tiyatro-sanatcisi-can-gurzap-akmde-son-yolculuguna-ugurlandi-z3g8.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/ 18 KB
18 KB 495ms
154ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/vefat-eden-sinema-ve-tiyatro-sanatcisi-can-gurzap-akmde-son-yolculuguna-ugurlandi-z3g8.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: ca5690bf2510520ade2692f7cc19baddc8bbe317dcf890afce2cd161276d034c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="vefat-eden-sinema-ve-tiyatro-sanatcisi-can-gurzap-akmde-son-yolculuguna-ugurlandi-z3g8.webp"
content-length: 18450
x-request-id: nBrnfJZTBu29T12o3pLm8
x-rocket-cachestatus: HIT

GET
H2 200 108-yil-sonra-enver-pasa-tarihi-belge-ortaya-cikti-canakkale-savasi-detay-pmpc.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/ 27 KB
27 KB 401ms
398ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/108-yil-sonra-enver-pasa-tarihi-belge-ortaya-cikti-canakkale-savasi-detay-pmpc.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 327a50ba3fa1f794c9f1b1bd889636f86acea9b7d03d47b73e2d3d9ea4352231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="108-yil-sonra-enver-pasa-tarihi-belge-ortaya-cikti-canakkale-savasi-detay-pmpc.webp"
content-length: 27688
x-request-id: 3V6-CKyqDHdnUvoU7enYT
x-rocket-cachestatus: HIT

GET
H2 200 bu-bir-kozmik-oda-haberidir-ise-italyan-gazeteci-girdi-j3ax.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/ 27 KB
27 KB 401ms
398ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2023/12/03/bu-bir-kozmik-oda-haberidir-ise-italyan-gazeteci-girdi-j3ax.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 2c18d94b5ef06d462d4b0546219ab82ed06e767a6e5f73f4dfdee8ad2ab46d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="bu-bir-kozmik-oda-haberidir-ise-italyan-gazeteci-girdi-j3ax.webp"
content-length: 27250
x-request-id: -7Ghpj-sJN9rHOj0b-rDL
x-rocket-cachestatus: HIT

GET
H2 200 turk-is-baskani-ergun-atalay-acikladi-asgari-ucret-pazarligi-kac-liradan-baslayacak-8pom.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 8 KB
8 KB 401ms
398ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/turk-is-baskani-ergun-atalay-acikladi-asgari-ucret-pazarligi-kac-liradan-baslayacak-8pom.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 4054260f1ff97bfb7ed3f4de360b5e4f59155c15921c1438321b1afa747a1f65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="turk-is-baskani-ergun-atalay-acikladi-asgari-ucret-pazarligi-kac-liradan-baslayacak-8pom.webp"
content-length: 8032
x-request-id: JM4_HthVwoNOCu123Ncgw
x-rocket-cachestatus: HIT

GET
H2 200 trafik-kazasinda-hayatini-kaybetmisti-akp-artvin-genclik-kollari-baskani-dogukan-islamoglu-son-yolculuguna-ugurlandi-dk0m.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 22 KB
23 KB 380ms
379ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/trafik-kazasinda-hayatini-kaybetmisti-akp-artvin-genclik-kollari-baskani-dogukan-islamoglu-son-yolculuguna-ugurlandi-dk0m.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

fa53dcbb25112430ae12b3bebf6706fd0a8e47be930d16e558dd156d8ec4117b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="trafik-kazasinda-hayatini-kaybetmisti-akp-artvin-genclik-kollari-baskani-dogukan-islamoglu-son-yolculuguna-ugurlandi-dk0m.webp"
content-length: 22908
x-request-id: KdHCvs7vW135m1JR6meKH
x-rocket-cachestatus: HIT

GET
H2 200 hedefinde-babasi-vardi-dolandiricilik-girisiminin-sonu-kotu-bitti-uehn.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 15 KB
16 KB 380ms
379ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/hedefinde-babasi-vardi-dolandiricilik-girisiminin-sonu-kotu-bitti-uehn.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 4bf6fa79a3403177a8ff24827737edc68a630068ba7733515ae150a46d6e0efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="hedefinde-babasi-vardi-dolandiricilik-girisiminin-sonu-kotu-bitti-uehn.webp"
content-length: 15716
x-request-id: N7PbCPA_UFw9Hw_NxyNNr
x-rocket-cachestatus: HIT

GET
H2 200 hatayda-bankaci-gorunumlu-dolandiricilar-yakalandi-btqi.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 11 KB
11 KB 383ms
382ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/hatayda-bankaci-gorunumlu-dolandiricilar-yakalandi-btqi.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

7cd9dddf08291d82f46bf3507c6fcc408213b2c984a3660bf13c1355ba0eb441

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="hatayda-bankaci-gorunumlu-dolandiricilar-yakalandi-btqi.webp"
content-length: 11390
x-request-id: vKQ-4xPQwK6TkfBPzMcAa
x-rocket-cachestatus: HIT

GET
H2 200 gezegenin-patronu-spacexin-milyarder-sahibi-elon-musk-ilf6.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 11 KB
11 KB 85ms
85ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/gezegenin-patronu-spacexin-milyarder-sahibi-elon-musk-ilf6.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: ddc0257e095a4d765dc8adb72d1c965a3fce2504e66473e5019570937fa9341c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="gezegenin-patronu-spacexin-milyarder-sahibi-elon-musk-ilf6.webp"
content-length: 11174
x-request-id: TUgIu3nfFir-xqUC1LIy4
x-rocket-cachestatus: HIT

GET
H2 200 cumhurbaskani-recep-tayyip-erdogandan-yunanistan-acilimi-uebo.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 11 KB
12 KB 177ms
176ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/cumhurbaskani-recep-tayyip-erdogandan-yunanistan-acilimi-uebo.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 5cedc716cadfbdb922c1874e93b02b01dda19bd9d09cfcd4e54c3c9d8b9ff1d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="cumhurbaskani-recep-tayyip-erdogandan-yunanistan-acilimi-uebo.webp"
content-length: 11666
x-request-id: TxXTZm7UJiDDAHAbk3Lwu
x-rocket-cachestatus: HIT

GET
H2 200 ardi-arkasi-kesilmiyor-bir-sorusturma-daha-baslatildi-konu-uyusturucu-madde-9wga.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 20 KB
20 KB 182ms
182ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ardi-arkasi-kesilmiyor-bir-sorusturma-daha-baslatildi-konu-uyusturucu-madde-9wga.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: c3415183b8639c46a6318b42e1121b404432f8ed59589bd2fc5596c6b2adcfaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="ardi-arkasi-kesilmiyor-bir-sorusturma-daha-baslatildi-konu-uyusturucu-madde-9wga.webp"
content-length: 20200
x-request-id: nWRC5HFmAVIlkMBT7u4cc
x-rocket-cachestatus: HIT

GET
H2 200 chp-lideri-ozgur-ozel-aday-olmak-istemeyen-baskani-aday-ilan-etti-dtzk.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 18 KB
18 KB 198ms
198ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/chp-lideri-ozgur-ozel-aday-olmak-istemeyen-baskani-aday-ilan-etti-dtzk.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

4dd89b3a1d31d9f70239a6eb2f781315fca4f301ec219c60f1db063d645a9d53

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="chp-lideri-ozgur-ozel-aday-olmak-istemeyen-baskani-aday-ilan-etti-dtzk.webp"
content-length: 18314
x-request-id: qQ3TW5OEcmDz_CZx1N2VS
x-rocket-cachestatus: HIT

GET
H2 200 bebek-arabalarina-aldirmadan-sokak-ortasinda-kavga-ettiler-g7cj.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 14 KB
15 KB 274ms
274ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/bebek-arabalarina-aldirmadan-sokak-ortasinda-kavga-ettiler-g7cj.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 6f66ae5d5e1223d30be18284ff71f052a2a3ab9e99597698d9aaa0741bfa3774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="bebek-arabalarina-aldirmadan-sokak-ortasinda-kavga-ettiler-g7cj.webp"
content-length: 14522
x-request-id: 74pBzBjjTSr9GxsS2r0is
x-rocket-cachestatus: HIT

GET
H2 200 cin-hamlesi-muslumanlarin-kalbini-kazandi-ah1o.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/ 15 KB
15 KB 184ms
183ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2023/12/03/cin-hamlesi-muslumanlarin-kalbini-kazandi-ah1o.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 96faffef4dc141b36ab4682623aa8954222d0171fb986e0efdb0c1b983bde8d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="cin-hamlesi-muslumanlarin-kalbini-kazandi-ah1o.webp"
content-length: 15072
x-request-id: oWIbUGuTY2vaBo2jaLlPd
x-rocket-cachestatus: HIT

GET
H2 200 hava-kuvvetleri-komutanligina-ait-turk-f-16lari-romanyada-semalarinda-oms8.png
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/ 4 KB
5 KB 381ms
379ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/hava-kuvvetleri-komutanligina-ait-turk-f-16lari-romanyada-semalarinda-oms8.png
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 6a53c1f9ced6ace6cc0e28b2806a3e428d357651b6476ff7a12c2bdcbbbf523b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="hava-kuvvetleri-komutanligina-ait-turk-f-16lari-romanyada-semalarinda-oms8.webp"
content-length: 4348
x-request-id: 8osSw5Bg7ebsBJ69i5QHH
x-rocket-cachestatus: HIT

GET
H2 200 merve-taskin-turkiyeden-ayrildi-q1ve.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/ 5 KB
6 KB 381ms
379ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/merve-taskin-turkiyeden-ayrildi-q1ve.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

e4d7ed5e68fd9ac744d96fe2abddf7b7df1be4f91413e0f86b67d370652f04f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="merve-taskin-turkiyeden-ayrildi-q1ve.webp"
content-length: 5332
x-request-id: itdXJvDLqKO384eumpmvG
x-rocket-cachestatus: HIT

GET
H2 200 mac-sonucu-trabzonspor-0-1-kayserispor-firtina-85te-yikildi-30zo.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/ 6 KB
7 KB 381ms
380ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/mac-sonucu-trabzonspor-0-1-kayserispor-firtina-85te-yikildi-30zo.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: ff379ee7037879c0bb1d2105eb42a0f55ca105d838be6c977a1fe87d4d4380a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="mac-sonucu-trabzonspor-0-1-kayserispor-firtina-85te-yikildi-30zo.webp"
content-length: 6324
x-request-id: UvItaPcD3-AanbSMIjaeF
x-rocket-cachestatus: HIT

GET
H2 200 galatasaray-trendyol-super-ligde-tarih-yaziyor-jhqz.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/ 6 KB
7 KB 383ms
382ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/galatasaray-trendyol-super-ligde-tarih-yaziyor-jhqz.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

2d7fbeab76dc5dc5428a15c37d70030ba18e0ef829001cf0d8c8504717becbcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="galatasaray-trendyol-super-ligde-tarih-yaziyor-jhqz.webp"
content-length: 6586
x-request-id: cODr91mzgRFch-T67p1ch
x-rocket-cachestatus: HIT

GET
H2 200 fenerbahce-yildizinin-gorme-kaybi-yasadigini-acikladi-hsuo.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/ 4 KB
5 KB 383ms
382ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/fenerbahce-yildizinin-gorme-kaybi-yasadigini-acikladi-hsuo.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: d7909d1662dfa85f109f348ee94b273f01e58c529993cf3e00cb19feb28d8869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:18 GMT
date: Sun, 03 Dec 2023 16:32:18 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="fenerbahce-yildizinin-gorme-kaybi-yasadigini-acikladi-hsuo.webp"
content-length: 4442
x-request-id: vZXl4aZ-52_M31R46UphL
x-rocket-cachestatus: HIT

GET
H2 200 ugur-mumcunun-kizi-ozge-sesiyle-sasirtti-ciub.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/ 3 KB
4 KB 170ms
169ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2023/12/03/ugur-mumcunun-kizi-ozge-sesiyle-sasirtti-ciub.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 2067d983568d8564595457afddf28a4518c5617ca7d18349ca51103daa471706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="ugur-mumcunun-kizi-ozge-sesiyle-sasirtti-ciub.webp"
content-length: 3342
x-request-id: 9oUn2oGtmMBkQqSdY2pkt
x-rocket-cachestatus: HIT

GET
H2 200 home.js Show response
s.odatv4.com/assets/web/js/pages/ 79 KB
26 KB 401ms
400ms Script
application/javascript 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://s.odatv4.com/assets/web/js/pages/home.js?id=5ce643781b1be5288fe91a694dbdc7a0
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 1826a350c731f9556d3b5709c082e53caf1581ebd94ee860a32c919dd392923c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: gzip
expires: Tue, 02 Jan 2024 16:32:18 GMT
last-modified: Thu, 30 Nov 2023 07:56:23 GMT
server: nginx
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
etag: W/"65684027-13ad5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 504 tracker1.js
cdn.p.analitik.bik.gov.tr/ 0
0 199ms
57ms Script
text/html 89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
70 KB 406ms
220ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 30 Nov 2023 11:42:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6568752b-113c3"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70595
expires: Sun, 03 Dec 2023 17:32:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
74 KB 322ms
231ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTJ33LH

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf7fb92cb985de5741ce8f20da6049ab6e208c240d16b6d144cb5f3ca99b168d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75238
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 16:32:18 GMT

GET
H2 200 ad-3.0.9.lazy.beta.min.js Show response
ad-cdn.bilgin.pro/app/ 24 KB
9 KB 788ms
205ms Script
application/javascript 195.142.105.24
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.bilgin.pro/app/ad-3.0.9.lazy.beta.min.js?v=1
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.24 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: bbdb6233272d7b44024a33dd82124282e9e6b0e99184e2051866b75a2a17bac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-encoding: gzip
x-rocket-mastercachestatus: HIT
last-modified: Tue, 22 Aug 2023 08:30:50 GMT
server: nginx
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
etag: W/"64e4723a-60c7"
vary: Accept-Encoding
content-type: application/javascript
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
expires: Tue, 02 Jan 2024 16:32:19 GMT

GET
H2 200 logo-white.svg
s.odatv4.com/assets/web/images/ 27 KB
21 KB 379ms
377ms Image
image/svg+xml 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.odatv4.com/assets/web/images/logo-white.svg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: caaee48c36c85aeb82c99b4ef24be6bfec39bdbaae300e7788777f84f7451f06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: gzip
expires: Tue, 02 Jan 2024 16:32:18 GMT
last-modified: Thu, 30 Nov 2023 07:56:23 GMT
server: nginx
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
etag: W/"65684027-6b23"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 200 akpnin-ibb-anketine-odatv-ulasti-imamogluna-rakip-yok-oguo.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/ 118 KB
118 KB 162ms
161ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/akpnin-ibb-anketine-odatv-ulasti-imamogluna-rakip-yok-oguo.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: c7b2a425ddab8491e8a5c6f99b6b08ea14645d414cc246e3901610206e923b20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="akpnin-ibb-anketine-odatv-ulasti-imamogluna-rakip-yok-oguo.webp"
content-length: 120610
x-request-id: 7rDKtrGFYirz7tncYcwge
x-rocket-cachestatus: HIT

GET
H2 200 10-ton-tuketildi-orduda-hamsi-cilginligi-yqgj.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 28 KB
28 KB 138ms
138ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/10-ton-tuketildi-orduda-hamsi-cilginligi-yqgj.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

8722d3ed89b2e86a5cc229b0156492a2005fc542ff6791c6152e470866a1eb00

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="10-ton-tuketildi-orduda-hamsi-cilginligi-yqgj.webp"
content-length: 28310
x-request-id: yXxfw6wuH7TawKnyo_ljq
x-rocket-cachestatus: HIT

GET
H2 200 80-dakika-10-kisi-oynayan-paris-saint-germain-psg-hata-yapmadi-zwht.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 24 KB
25 KB 423ms
422ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/80-dakika-10-kisi-oynayan-paris-saint-germain-psg-hata-yapmadi-zwht.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 5a7c6b51aeedd1ae773d2f49ef441555f02e2ad1c583614e54add46dab73332b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="80-dakika-10-kisi-oynayan-paris-saint-germain-psg-hata-yapmadi-zwht.webp"
content-length: 24866
x-request-id: jbxDewgzw5h5H19BMutfF
x-rocket-cachestatus: HIT

GET
H2 200 kismetse-olur-programinin-eski-yarismacisindan-dikkat-ceken-sozler-n7kj.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 13 KB
14 KB 350ms
349ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/kismetse-olur-programinin-eski-yarismacisindan-dikkat-ceken-sozler-n7kj.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: fb456a09a9ec6d09e9b9014b77fff9b358121aacfbbe9534befa35245601b084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="kismetse-olur-programinin-eski-yarismacisindan-dikkat-ceken-sozler-n7kj.webp"
content-length: 13488
x-request-id: f8NuaxN7tuu7dcpprcs2b
x-rocket-cachestatus: HIT

GET
H2 200 yakisikli-guvenlikin-hayran-bulusmasinda-kavga-cikti-o4xw.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 14 KB
15 KB 264ms
264ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/yakisikli-guvenlikin-hayran-bulusmasinda-kavga-cikti-o4xw.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

de2efb122ce5c4a08a17aea68216b27157f8fff09197d0a633c379299a66c343

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="yakisikli-guvenlikin-hayran-bulusmasinda-kavga-cikti-o4xw.webp"
content-length: 14682
x-request-id: dgYN128cZk6qsQdBI9DXS
x-rocket-cachestatus: HIT

GET
H2 200 israilde-mavi-marmara-korkusu-mossad-teyakkuzda-t40r.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/ 75 KB
75 KB 264ms
264ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/israilde-mavi-marmara-korkusu-mossad-teyakkuzda-t40r.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

38a62c169f9611d3b192ac9a483cd11d5aa0348b4cef6faaaad1e66d53e3bc41

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="israilde-mavi-marmara-korkusu-mossad-teyakkuzda-t40r.webp"
content-length: 76570
x-request-id: gPEQhrHIvXfnW5nakpCzL
x-rocket-cachestatus: HIT

GET
H2 200 kasimpasadan-gaziantepe-bol-gollu-tarife-5zn2.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 30 KB
30 KB 97ms
96ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/kasimpasadan-gaziantepe-bol-gollu-tarife-5zn2.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 38e7e049d8b7fc48e9fd7aa49becfb9b5782beb7a75956e7c5dbf1c51c22bfd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="kasimpasadan-gaziantepe-bol-gollu-tarife-5zn2.webp"
content-length: 30644
x-request-id: 19EOFqnv991X15wPjnj43
x-rocket-cachestatus: HIT

GET
H2 200 hukumet-sayesinde-dolar-milyoneri-oldugunu-soyleyen-amca-genclere-tuyo-verdi-9zjj.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 14 KB
14 KB 93ms
93ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/hukumet-sayesinde-dolar-milyoneri-oldugunu-soyleyen-amca-genclere-tuyo-verdi-9zjj.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 10c5a58e664c7a0c8c5299f6f37ae5edae7c891ad09251402016afdaa9db3d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="hukumet-sayesinde-dolar-milyoneri-oldugunu-soyleyen-amca-genclere-tuyo-verdi-9zjj.webp"
content-length: 14204
x-request-id: WUEnX5BXhU05ADZJZHZTz
x-rocket-cachestatus: HIT

GET
H2 200 iphone-15-kullanicilari-dikkat-casus-kameralar-devrede-oem3.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 10 KB
10 KB 94ms
93ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/iphone-15-kullanicilari-dikkat-casus-kameralar-devrede-oem3.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 1f046e88291aa0ea014ad1b0927673de397a1fb97103bf447664a6c49711f4ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="iphone-15-kullanicilari-dikkat-casus-kameralar-devrede-oem3.webp"
content-length: 9910
x-request-id: tNvwC4hSC21YHGt1i2kL5
x-rocket-cachestatus: HIT

GET
H2 200 papa-franciscus-ateskesin-bozulmasi-uzuntu-verici-9mdf.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 12 KB
13 KB 93ms
93ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/papa-franciscus-ateskesin-bozulmasi-uzuntu-verici-9mdf.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 957912264e5dd383c47506b75cd99ca56c9e330d34f1ea888f3b4739473336bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="papa-franciscus-ateskesin-bozulmasi-uzuntu-verici-9mdf.webp"
content-length: 12536
x-request-id: PXPJOPXLFGSLDLmcMi381
x-rocket-cachestatus: HIT

GET
H2 200 kararin-murekkebi-kurumadi-hemen-satisa-cikti-her-sey-yalan-oldu-yh5z.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/ 122 KB
122 KB 204ms
204ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/kararin-murekkebi-kurumadi-hemen-satisa-cikti-her-sey-yalan-oldu-yh5z.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 3b139863ffc6a9eeabe3e4971bd4ed1d3afae34c3e634bc1639479a43dc49f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="kararin-murekkebi-kurumadi-hemen-satisa-cikti-her-sey-yalan-oldu-yh5z.webp"
content-length: 124618
x-request-id: MCwC2blIHvpCtVw_x80zo
x-rocket-cachestatus: HIT

GET
H2 200 erzurumda-bu-da-oldu-kar-otomobilin-camini-kirdi-4ize.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 31 KB
32 KB 264ms
264ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/erzurumda-bu-da-oldu-kar-otomobilin-camini-kirdi-4ize.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

586f6c4c97639db1d6bb53ce90431c37b18145eadbe830bc827bcd995433f785

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="erzurumda-bu-da-oldu-kar-otomobilin-camini-kirdi-4ize.webp"
content-length: 32120
x-request-id: 6ITX3vvHKKlzpY8UneYNk
x-rocket-cachestatus: HIT

GET
H2 200 alacaklisini-goren-vatandas-otomobilin-sutune-boyle-atladi-xcb3.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 12 KB
13 KB 278ms
278ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/alacaklisini-goren-vatandas-otomobilin-sutune-boyle-atladi-xcb3.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

a1bbda6ffb7578ca6f8b2752fb0dfcf523b9ea22b4cba0a3d5eb1cae850d6602

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="alacaklisini-goren-vatandas-otomobilin-sutune-boyle-atladi-xcb3.webp"
content-length: 12558
x-request-id: tp7SW52fv85XBw4urxbuO
x-rocket-cachestatus: HIT

GET
H2 200 sosyal-medyada-yeni-sacmalik-hirsizlar-da-etkilesim-pesinde-xlwb.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 14 KB
14 KB 212ms
212ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/sosyal-medyada-yeni-sacmalik-hirsizlar-da-etkilesim-pesinde-xlwb.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

4fb005ccd19283514b64aabd9fe28e4b8ec6138608645b5a19ff90643ee1719f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="sosyal-medyada-yeni-sacmalik-hirsizlar-da-etkilesim-pesinde-xlwb.webp"
content-length: 14368
x-request-id: 40Tons4IN71-pTaWpaxia
x-rocket-cachestatus: HIT

GET
H2 200 evsiz-kalan-arkadasini-evine-aldi-basina-gelmeyen-kalmadi-mycm.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 14 KB
15 KB 205ms
205ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/evsiz-kalan-arkadasini-evine-aldi-basina-gelmeyen-kalmadi-mycm.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: f0e55a5c0d19bd77688aa8606b8b60fe1b7f9a8440bed63c8ce938375e36bd42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="evsiz-kalan-arkadasini-evine-aldi-basina-gelmeyen-kalmadi-mycm.webp"
content-length: 14812
x-request-id: T_j2fh4aKRZMa4Z-Jj-wp
x-rocket-cachestatus: HIT

GET
H2 200 tum-erkekler-sucsuz-bir-tek-secil-erzan-suclu-azxx.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/ 100 KB
101 KB 198ms
198ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/01/tum-erkekler-sucsuz-bir-tek-secil-erzan-suclu-azxx.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

373e3462319a67f69cfd56c8d78c851c09b7cc18a5a553f4b6e547b3d20dc8b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="tum-erkekler-sucsuz-bir-tek-secil-erzan-suclu-azxx.webp"
content-length: 102492
x-request-id: Eq8oYvxo2Yaeh_0Y436yu
x-rocket-cachestatus: HIT

GET
H2 200 kayseride-kopek-dovusturerek-bahis-oynayanlara-sucustu-awx2.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 23 KB
23 KB 181ms
181ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/kayseride-kopek-dovusturerek-bahis-oynayanlara-sucustu-awx2.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 7630bec6eb19ecd0f813a50a64e22940c0cbe167636f1a30b6d2f266bc7bf98b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="kayseride-kopek-dovusturerek-bahis-oynayanlara-sucustu-awx2.webp"
content-length: 23226
x-request-id: A4oOwrYRzEJ_VtAgT98hg
x-rocket-cachestatus: HIT

GET
H2 200 dukkaninin-onune-park-edilen-araci-hurdaya-cevirdi-w45b.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 22 KB
22 KB 152ms
151ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/dukkaninin-onune-park-edilen-araci-hurdaya-cevirdi-w45b.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: c092575f7dda8bc7a62a05ee57021b52f8b32178a4f57cf2eb8cb07f1fb53d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="dukkaninin-onune-park-edilen-araci-hurdaya-cevirdi-w45b.webp"
content-length: 22156
x-request-id: d3g6ZrCV8EZCSTY-nfx_V
x-rocket-cachestatus: HIT

GET
H2 200 yasli-vatandasin-ataturk-icin-okudugu-siir-gundem-oldu-hlbf.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 19 KB
19 KB 192ms
191ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/yasli-vatandasin-ataturk-icin-okudugu-siir-gundem-oldu-hlbf.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: e64425040a74b4139a61e171c38abf4d6ed5e2cb6ce7154596d9414824c4e4cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="yasli-vatandasin-ataturk-icin-okudugu-siir-gundem-oldu-hlbf.webp"
content-length: 19450
x-request-id: suYnIo9oxNaW7C2NGp_4N
x-rocket-cachestatus: HIT

GET
H2 200 maci-kapattirmak-isteyen-kadinin-esine-uyguladigi-taktik-viral-oldu-ofeg.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/ 16 KB
17 KB 192ms
191ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2023/12/03/maci-kapattirmak-isteyen-kadinin-esine-uyguladigi-taktik-viral-oldu-ofeg.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 36119e5448a5b47db3e3d9e88bbe7d7ed65c6dfb0d9380e912f088921d562459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="maci-kapattirmak-isteyen-kadinin-esine-uyguladigi-taktik-viral-oldu-ofeg.webp"
content-length: 16890
x-request-id: DiJ2vTsjnw4loIXLbAXKT
x-rocket-cachestatus: HIT

GET
H2 200 Config-sw.js Show response
cdn2.bildirt.com/ 6 KB
2 KB 247ms
137ms Fetch
application/json 2606:4700:20::ac43:4aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/Config-sw.js?uygulamaid=9538-9076-9206-3919-8871-6
Requested by: Host: cdn2.bildirt.com
URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: b04a6c4eb3d2cc4a3ab426c10c44ee28fdf0fd545039a645f4c1798f5d1512c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54g0CPtmUFFEH3rUXMbHIOorYA98aq1CaZNYHjNoSBCm6cacYPnebtjKNIYs25Y17EVsq6SkPRX11pp%2FZrpzIsrqXySFGH5EebA2wPK%2FmctYwOiaQ%2BLH9pJK9dbNimhco833EuAe%2BD%2FLFyM2bCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset: UTF-8
access-control-allow-origin: *
cf-ray: 82fd3474ff261cab-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 398 KB
134 KB 239ms
129ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3263801491371855&plah=www.odatv4.com&bust=31079861

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3263801491371855

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0da7824e7b6d99e58ed6ff0d7600f23f0de4245cc80235e429e85b4feb17283e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137521
x-xss-protection: 0
server: cafe
etag: 13552517561827994805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 16:32:18 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 79D8 9 KB
4 KB 180ms
57ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3263801491371855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 20:59:29 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 20:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 432 KB
135 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4887
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138259
x-xss-protection: 0
server: cafe
etag: 16445146976575771301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Dec 2024 15:10:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2957967-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6faeef0c16319390fead451bf580c37a691adda3f351b243a491979afd0b2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69040
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 16:32:18 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 181ms
58ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LCBC0RGKV6&gtm=45je3bt0v870390465&_p=1701621138268&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=713872029.1701621139&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701621138&sct=1&seg=0&dl=https%3A%2F%2Fwww.odatv4.com%2F&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1487
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 472ms
66ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LCBC0RGKV6&cid=713872029.1701621139&gtm=45je3bt0v870390465&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 226ms
91ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LCBC0RGKV6&cid=713872029.1701621139&gtm=45je3bt0v870390465&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=202236019

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
85 KB 102ms
102ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P3X8GHNT5P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJ33LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c378744e4ceaa806f204021ac89d055b29a3e1ff4d21242fd0e7745725f4a0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 16:32:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 241ms
55ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJ33LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 16:31:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 38
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Dec 2023 18:31:40 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 199ms
46ms Script
application/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:31:47 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000ecfa310e87705ee7-00646c8ee1-3295a825-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7E02 15 KB
6 KB 189ms
63ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.odatv4.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:32:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 333906
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 bell.png
cdn2.bildirt.com/images/ 1 KB
1 KB 62ms
62ms Image
image/png 2606:4700:20::ac43:4aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.bildirt.com/images/bell.png
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 497
x-powered-by: PleskLin
content-length: 1155
last-modified: Sat, 21 Oct 2023 22:58:51 GMT
server: cloudflare
etag: "653457ab-483"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqdoQMFD9GVnKK%2FE4Z20PAPG9fSlxyM1lX8ZfSaz0NJ5xXseR%2BOkjMsRtjGMWNRBLJGuZJU1WeMkxh02KdvjiHTdBPcn9vPDYnyDIcv4wfq%2F6YdK3k%2BurmMb1kWVTMW5sfRnJ9BIL5myDNlFrgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 82fd3475da0a0394-FRA

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10206.47AljaLDPqLOsh0_jx85cd03w9QzEl_WBNCoXxNKFwcNaaCC0fOCcDDXC3bLrJpd.VbKUZuXThk0fjGx0iMIQlrvdRD0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10206.Kre1QSvrClfh-zHCXFHaVpZdpRbKbvZ69uN0M_lbvexnMC7a1RltKYaSByHegtxLKSATZ_M1m3kzUl-0I8zsBVzytcZRFMpLL51hm6pwglzKK4h6PuCGlfR5hNsxxGaJe80lzazabP...

43 B
491 B

90ms
90ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10206.Kre1QSvrClfh-zHCXFHaVpZdpRbKbvZ69uN0M_lbvexnMC7a1RltKYaSByHegtxLKSATZ_M1m3kzUl-0I8zsBVzytcZRFMpLL51hm6pwglzKK4h6PuCGlfR5hNsxxGaJe80lzazabPI39oZPtzRHrwPVQjsnDSp2_kTGW-naJcFHF8mJ5ydAbX7-af3GSry4dXuN1hzIG7SoA3kCZyGfjWQ__nq3aldgfxgdx-lAvEc%2C.oa2DMPZFo_bCSiXjLdlbfp9JTvU%2C

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10206.Kre1QSvrClfh-zHCXFHaVpZdpRbKbvZ69uN0M_lbvexnMC7a1RltKYaSByHegtxLKSATZ_M1m3kzUl-0I8zsBVzytcZRFMpLL51hm6pwglzKK4h6PuCGlfR5hNsxxGaJe80lzazabPI39oZPtzRHrwPVQjsnDSp2_kTGW-naJcFHF8mJ5ydAbX7-af3GSry4dXuN1hzIG7SoA3kCZyGfjWQ__nq3aldgfxgdx-lAvEc%2C.oa2DMPZFo_bCSiXjLdlbfp9JTvU%2C
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
485 B 131ms
131ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 30 Nov 2023 11:42:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6568752b-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 03 Dec 2023 17:32:19 GMT

GET
H2 200 75046542 Show response
fundingchoicesmessages.google.com/i/ 176 KB
59 KB 295ms
89ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/75046542?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06ef311a80988a87a61f907e648fe086982a4f61cf9b7bf67dfe6afb68ecb557

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g8UCY2RyrD5HhZy4LNt9qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-g8UCY2RyrD5HhZy4LNt9qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 66ms
64ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P3X8GHNT5P&gtm=45je3bt0v873431896z8859010942&_p=1701621138268&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=713872029.1701621139&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701621138&sct=1&seg=0&dl=https%3A%2F%2Fwww.odatv4.com%2F&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&en=page_view&_fv=1&_ss=1&tfd=1711
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P3X8GHNT5P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 oylari-dusuruyor-delege-bile-secilemiyor-aday-oluyor-7m3x.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/03/ 73 KB
74 KB 192ms
191ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/03/oylari-dusuruyor-delege-bile-secilemiyor-aday-oluyor-7m3x.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 6ed88767e4cde46a642ded37afb8bebbbe0011b6e7062a59660e54e083abd7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:19 GMT
date: Sun, 03 Dec 2023 16:32:19 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="oylari-dusuruyor-delege-bile-secilemiyor-aday-oluyor-7m3x.webp"
content-length: 74916
x-request-id: 5VPFP_LjyClIFJY8zKU7_
x-rocket-cachestatus: HIT

GET
H2 200 italyanin-secil-erzani-ponzi-tosuncukun-fikir-babasisteven-spielbergin-konu-ile-ilgisi-fwej.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/02/ 88 KB
89 KB 136ms
135ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/02/italyanin-secil-erzani-ponzi-tosuncukun-fikir-babasisteven-spielbergin-konu-ile-ilgisi-fwej.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 245bc2579d4758311be9954686b431fce0cf2017f1a2d0061ee564b4fa44c858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:20 GMT
date: Sun, 03 Dec 2023 16:32:20 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="italyanin-secil-erzani-ponzi-tosuncukun-fikir-babasisteven-spielbergin-konu-ile-ilgisi-fwej.webp"
content-length: 90450
x-request-id: QDh3JQuEm9l92f39ecdwM
x-rocket-cachestatus: HIT

GET
H2 200 hamas-acikladi-esir-takasi-yapilmayacak-vyxh.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/02/ 82 KB
82 KB 190ms
189ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/02/hamas-acikladi-esir-takasi-yapilmayacak-vyxh.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 0e55325851f3be0bdf56a78c5256b6529932bd764d0d9a8bd43c5bbf8462c5d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:20 GMT
date: Sun, 03 Dec 2023 16:32:20 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="hamas-acikladi-esir-takasi-yapilmayacak-vyxh.webp"
content-length: 83706
x-request-id: zq8g3Nbij8Jb-4IXXznz5
x-rocket-cachestatus: HIT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7E02
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=odatv4.com&sn=ChromeSyncframe&so=0&topUrl=www.odatv4.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=pjZVJHxCNjA1Mnlrc2JtN1dUM3hPYk9SRWlaak1GeFk4NmowQm9aclBLMDhzOW9ZOU1hSC8yK3JQZnVoY1dESUtIY3pDMlUvd3M3QUlSVHRaV1piVWhrc3o1WlRZTXZNaXdyK3NxYU1YNXpNYmhSM3l0OER5bkk1Ly9tMm...

430 B
652 B

66ms
65ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pjZVJHxCNjA1Mnlrc2JtN1dUM3hPYk9SRWlaak1GeFk4NmowQm9aclBLMDhzOW9ZOU1hSC8yK3JQZnVoY1dESUtIY3pDMlUvd3M3QUlSVHRaV1piVWhrc3o1WlRZTXZNaXdyK3NxYU1YNXpNYmhSM3l0OER5bkk1Ly9tMmZtd0hoV0VWWGdUUlh2Yi9BSnVXQVc1QzVSb2EyK3BRd0JkVU0yaklNOU96cUMvZkpicTZheXZYWGJYUDg2QUdSYk9kVG5tMWYxZUc4dWRKYmdvcWNTRjh1aFQvazZxSGllOU4rTkJWc3ZLMWswajlSRjdZOVZjNjlWc0MzTmpHR25Nb0pMc09obzVYQ3ZFTTNqaGM0eXd4ZTNyN2Zrdz09fA&cppv=2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a9534467205e41db29ca6726fca0db6f71e01c082f1e67ab768f8223e4be0e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1551288
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pjZVJHxCNjA1Mnlrc2JtN1dUM3hPYk9SRWlaak1GeFk4NmowQm9aclBLMDhzOW9ZOU1hSC8yK3JQZnVoY1dESUtIY3pDMlUvd3M3QUlSVHRaV1piVWhrc3o1WlRZTXZNaXdyK3NxYU1YNXpNYmhSM3l0OER5bkk1Ly9tMmZtd0hoV0VWWGdUUlh2Yi9BSnVXQVc1QzVSb2EyK3BRd0JkVU0yaklNOU96cUMvZkpicTZheXZYWGJYUDg2QUdSYk9kVG5tMWYxZUc4dWRKYmdvcWNTRjh1aFQvazZxSGllOU4rTkJWc3ZLMWswajlSRjdZOVZjNjlWc0MzTmpHR25Nb0pMc09obzVYQ3ZFTTNqaGM0eXd4ZTNyN2Zrdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 251472
content-length: 0
expires: 0

GET
H2 200 udm-r3_Thu_11_30_14_29_47_2023.js Show response
bid.underdog.media/ 490 KB
161 KB 300ms
83ms Script
application/javascript 2600:9000:2038:a400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2038:a400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7feafe3222c16e891566da12031bf29ddee0148a0f09603064d26ef007012e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:35:51 GMT
content-encoding: gzip
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
last-modified: Thu, 30 Nov 2023 22:29:50 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C2
age: 237389
etag: "2da8f95ed68a83d208b2521ead27dba8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163900
x-amz-cf-id: QSYLL6GwgKIdujxrh6DSLwXMOMAoOai3ruEB_4LYKEvcgoU-xk3Zfg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 236ms
102ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 10 Dec 2023 16:32:19 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.4188303
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.4188303
https://udmserve.net/udm/fetch.pix?dt=1;apnid=883596597126898388;cb=0.4188303

43 B
611 B

711ms
711ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=883596597126898388;cb=0.4188303
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:20 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
an-x-request-uuid: 5f3eabfc-597c-4030-8a2a-960a42a8f457
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=883596597126898388;cb=0.4188303
x-proxy-origin: 80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 179ms
47ms Image
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.4188303
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
content-length: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.4188303%3Bindx%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.4188303%3Bindx%3D&s=199174&C=1
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.4188303;indx=ZWytkwBIZvXBicVqLGK6lQAAFDkAAAIB

43 B
624 B

500ms
194ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.4188303;indx=ZWytkwBIZvXBicVqLGK6lQAAFDkAAAIB
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:20 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv4z2IXH6TspU%2FYwqRX6wMh%2BVOipaL6RUxCOXNKX%2FbRDTnhUTbtYAX5ouovE%2FYz7HGn3VlCWW6GegJg9mMs3BVZQiiWfW6lC6Fy%2FWFaf0dL70I5hbSoRm2J3helJJMrDWlmFR26Q7uJdRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.4188303;indx=ZWytkwBIZvXBicVqLGK6lQAAFDkAAAIB
cache-control: no-cache
cf-ray: 82fd347b7d594516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58806/ 0
125 B 215ms
48ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.4188303

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 us
sync.go.sonobi.com/ 0
401 B 405ms
130ms Image
text/plain 69.166.1.66
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.4188303%3Bsonobi%3D%5BUID%5D

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-136
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-west.rubiconproject.com/exchange/ 0
239 B 1505ms
670ms Image
image/gif 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.4188303
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 948563be522c07ceb297f9b507489bca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
https://udmserve.net/udm/fetch.pix?dt=1;mgid=f3aff62c-e7db-4b58-8d15-9b29d3f0ccd4

43 B
628 B

193ms
193ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;mgid=f3aff62c-e7db-4b58-8d15-9b29d3f0ccd4
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:20 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 16:32:20 GMT
Transfer-Encoding: chunked
Location: https://udmserve.net/udm/fetch.pix?dt=1;mgid=f3aff62c-e7db-4b58-8d15-9b29d3f0ccd4
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 217ms
65ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.9.lazy.beta.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1018523
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-sof1510023-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701621140.288882,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 23, 1415569

POST
H2 200 load Show response
ad.bilgin.pro/ 2 KB
609 B 451ms
72ms XHR
text/html 142.132.241.141
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bilgin.pro/load
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.9.lazy.beta.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.241.141 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.141.241.132.142.clients.your-server.de
Software: nginx /
Resource Hash: ab0144bae8791df2f7b587d4d00660b877b37cf0300634d6ae3ae283c484e58b

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 16:32:19 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 65ms
65ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1587796533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.odatv4.com%2F&ul=en-us&de=UTF-8&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=763589177&gjid=684186551&cid=713872029.1701621139&tid=UA-2957967-2&_gid=1878566373.1701621139&_r=1&_slc=1&gtm=45He3bt0n81MTJ33LHv859010942&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=824429455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1695bb295ba2a947f017855bfd9ac29b52fa9646e8b7005aebab71b04c1d2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 65ms
64ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1587796533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.odatv4.com%2F&ul=en-us&de=UTF-8&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=608707946&gjid=1714458243&cid=713872029.1701621139&tid=UA-2957967-2&_gid=1878566373.1701621139&_r=1&gtm=457e3bt0z8870390465&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1944004877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 66ms
65ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2957967-2&cid=713872029.1701621139&jid=763589177&gjid=684186551&_gid=1878566373.1701621139&_u=YADAAEAAAAAAACAAI~&z=313725488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Dec 2023 16:32:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
95 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f3f93930632f90c099cedb0498dd6739b7483bc7028234075d9cfaf53a837a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 16:32:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 66ms
66ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2957967-2&cid=713872029.1701621139&jid=608707946&gjid=1714458243&_gid=1878566373.1701621139&_u=YADAAUABAAAAACAAI~&z=971100151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Dec 2023 16:32:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/85990523/
Redirect Chain

https://mc.yandex.com/watch/85990523?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1050%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1050%3Afu%3A0%3Aen%3A...

420 B
553 B

91ms
91ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A706266841950%3Ahid%3A1031253189%3Az%3A60%3Ai%3A20231203173218%3Aet%3A1701621139%3Ac%3A1%3Arn%3A142784927%3Arqn%3A1%3Au%3A1701621139424745268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C193%2C113%2C164%2C0%2C%2C447%2C9%2C%2C%2C%2C1524%3Aco%3A0%3Acpf%3A1%3Ans%3A1701621137270%3Agi%3AR0ExLjEuNzEzODcyMDI5LjE3MDE2MjExMzk%3D%3Arqnl%3A1%3Ast%3A1701621139%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

16f7852759cefc18a231744ac78814ed091713d9f1b738171a6aef91cb5d3e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 03-Dec-2023 16:32:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.odatv4.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Sun, 03-Dec-2023 16:32:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 03-Dec-2023 16:32:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1050%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A706266841950%3Ahid%3A1031253189%3Az%3A60%3Ai%3A20231203173218%3Aet%3A1701621139%3Ac%3A1%3Arn%3A142784927%3Arqn%3A1%3Au%3A1701621139424745268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C193%2C113%2C164%2C0%2C%2C447%2C9%2C%2C%2C%2C1524%3Aco%3A0%3Acpf%3A1%3Ans%3A1701621137270%3Agi%3AR0ExLjEuNzEzODcyMDI5LjE3MDE2MjExMzk%3D%3Arqnl%3A1%3Ast%3A1701621139%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://www.odatv4.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 03-Dec-2023 16:32:19 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 830 B
1 KB 173ms
47ms Script
text/javascript 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2616896&ADFPageName=Odatv_TumSayfalar&ADFdivider=%7C&ord=809629505934&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5vZGF0djQuY29tLyIsInN2MiI6Imh0dHBzOi8vd3d3Lm9kYXR2NC5jb20vIn0&loc=https%3A%2F%2Fwww.odatv4.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b164af3f87c993141bf6ebcd2af8dd669a53031065131af6435a9bc2155ec5e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 544
expires: -1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 222ms
96ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=713872029.1701621139&jid=763589177&_u=YADAAEAAAAAAACAAI~&z=62205043

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 97ms
96ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=713872029.1701621139&jid=763589177&_u=YADAAEAAAAAAACAAI~&z=62205043

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 148ms
96ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=713872029.1701621139&jid=608707946&_u=YADAAUABAAAAACAAI~&z=238133924

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 94ms
94ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=713872029.1701621139&jid=608707946&_u=YADAAUABAAAAACAAI~&z=238133924

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 160 B
642 B 354ms
199ms Script
application/javascript 2600:9000:223c:d800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:43:10 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:21:01 GMT
server: AmazonS3
etag: "435cbd9bc4b3440e866ad1f4f7d1ef02"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: CG5GBueRzLsl0Y3g7Z0NXKjMFN5Js-2lwlrWvdZe-kFUUyzl48Ga-A==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 160 B
643 B 353ms
198ms Script
application/javascript 2600:9000:223c:d800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:15:15 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1028
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 23:00:33 GMT
server: AmazonS3
etag: "eee1bd1fc55b604b66cd9e63c4f811b8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: WPqsTthHyL6CVYT7EYkFEGJvpcoAe8aHj4aw29mLFVUBPreF9zTZUQ==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 232ms
83ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=92183420661

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 239ms
91ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=44415094677

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 332ms
186ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=22044789097

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 329ms
186ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=94010390560

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 328ms
186ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=17702790337

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 325ms
185ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=48239049510

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:18 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 AGSKWxXoLSvNCgenCkA-iEEcza1wln74TkzWaRZT9rlPs_qhWLVZGX-XcMZ4NitjtSbx8cH4voIRbAxjWwhInp4yR8973yzLv0CGJm0fwIhPVfPaDlSFifl3pn9cMLsYTgDVaFol-PGMUQ== Show response
fundingchoicesmessages.google.com/f/ 401 KB
62 KB 541ms
540ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXoLSvNCgenCkA-iEEcza1wln74TkzWaRZT9rlPs_qhWLVZGX-XcMZ4NitjtSbx8cH4voIRbAxjWwhInp4yR8973yzLv0CGJm0fwIhPVfPaDlSFifl3pn9cMLsYTgDVaFol-PGMUQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjIxMTM5LDU5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cub2RhdHY0LmNvbS8iLG51bGwsW1s4LCJGYVlQdVJ3ZXFJSSJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMytfF6m19eh4g6bfBvkWRwpynfzCw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4af1c92f828b2436bd38e6ffa0b371b8962914318c1a2e650f34df1ca56a014

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OidJYLO9MTS9d-ece5dY5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-OidJYLO9MTS9d-ece5dY5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 101ms
100ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 67ms
67ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 27 Nov 2024 16:32:19 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 61ms
61ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 27 Nov 2024 16:32:19 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 463ms
462ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 bc_OpV5lEF_yGayY-MVa1Sz2X7gdWk.js Show response
bid.underdog.media/ 5 KB
2 KB 183ms
183ms Script
application/x-javascript 2600:9000:2038:a400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bc_OpV5lEF_yGayY-MVa1Sz2X7gdWk.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2038:a400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40381d253b86d7ab8c32fd7713e3149a470f9245153f51f7234f24658f8fdc78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:09:11 GMT
content-encoding: gzip
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
last-modified: Sun, 03 Dec 2023 16:00:07 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C2
age: 1389
etag: "1afe673ca945f16f8d967830444abaa8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1739
x-amz-cf-id: 1iXNV6ngqW_vXqfGdupbpEfh5gHyR_MLFkw7XjA9B3XpWPRiurIrZw==

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 2 KB
1 KB 170ms
170ms Script
application/x-javascript 2600:9000:2038:a400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2038:a400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2b82bd854012eba02d6e8c962548c97919b3196472dffe920ae0d8b88779361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:52:28 GMT
content-encoding: gzip
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
last-modified: Sun, 03 Dec 2023 15:30:02 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C2
age: 2392
etag: "5fce4c4d287b16d335745838340015bf"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
accept-ranges: bytes
content-length: 686
x-amz-cf-id: pWFjjsy8Wunr8vXT_ZQfD1_e0SSnpu9ax78p0JUxdqm_xeigNnxnlg==

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 58ms
57ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 58ms
57ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 59ms
58ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 58ms
58ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 265ms
68ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwlLW_mylTS11_htG8IL16Oj6Xnrw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 16:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 16:32:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 16:32:20 GMT

GET
H2 200 MH80wOXmOMhA52yl10uiBXjS1oISel-NZHW1qa89XWXy08A7qrlDMvZ8viimCwnpDdAHcBa_3JmUtmb8IZqHv5Qe6iqSIvpEWoAygMXnXeG-RVzBns4=h60
lh3.googleusercontent.com/ 6 KB
6 KB 299ms
171ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MH80wOXmOMhA52yl10uiBXjS1oISel-NZHW1qa89XWXy08A7qrlDMvZ8viimCwnpDdAHcBa_3JmUtmb8IZqHv5Qe6iqSIvpEWoAygMXnXeG-RVzBns4=h60

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

46d49584af9defb5738f3f1668afec311f85f86258ecb94575a06949fa16cf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:34:35 GMT
x-content-type-options: nosniff
age: 14265
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5885
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Dec 2023 12:34:35 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 265ms
141ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 16:32:20 GMT

POST
H3 204 AGSKWxV2I8PPe6rJxbS990AtZY1HF-RQ2xvnog_EstsoSMjZb6m-V94saY1fsSZ3MR1RGrG41oHd2Irm7ioJZ8GQivrOWc4NQS1wVeV7cj1-EuYl8cVTrU6QoKzX4qeoX1sx5Gk68FRhzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 189ms
71ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV2I8PPe6rJxbS990AtZY1HF-RQ2xvnog_EstsoSMjZb6m-V94saY1fsSZ3MR1RGrG41oHd2Irm7ioJZ8GQivrOWc4NQS1wVeV7cj1-EuYl8cVTrU6QoKzX4qeoX1sx5Gk68FRhzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wEYLiVWa0C0VMxvhTuPRpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-wEYLiVWa0C0VMxvhTuPRpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.odatv4.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 842 B
1 KB 50ms
50ms Script
text/javascript 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2616896&ADFPageName=Odatv_TumSayfalar&ADFdivider=%7C&ord=809629505934&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5vZGF0djQuY29tLyIsInN2MiI6Imh0dHBzOi8vd3d3Lm9kYXR2NC5jb20vIn0&loc=https%3A%2F%2Fwww.odatv4.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=7289333222611354281

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4e5540558575f0987b4285b570b0f68b1c45fdb994fd5ec64c6c6d65b9f464d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 681
expires: -1

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 2289 5 KB
2 KB 239ms
48ms Document
text/html 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2616896&ADFPageName=Odatv_TumSayfalar&ADFdivider=%7C&ord=809629505934&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5vZGF0djQuY29tLyIsInN2MiI6Imh0dHBzOi8vd3d3Lm9kYXR2NC5jb20vIn0&loc=https%3A%2F%2Fwww.odatv4.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=7289333222611354281

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f2e508c60054786c932b26f02804adda62a22567272fbe5669886d10a9c6fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 16:32:20 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
466 B 159ms
47ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=114453476629338213&stamp=b5y3AiJlT5UDvP-67D9Y4w2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 182ms
182ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 180172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 14:29:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 34 KB
34 KB 311ms
311ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:40:31 GMT
x-content-type-options: nosniff
age: 111109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35120
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:40:31 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 2289 0
384 B 47ms
47ms Image
text/plain 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 2289 43 B
199 B 235ms
66ms Image
image/gif 34.255.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=114453476629338213&Expiration=1702830740
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.255.40.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-40-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 16:32:20 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 2289 0
235 B 230ms
90ms Image
text/plain 23.36.225.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.36.225.193 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-225-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 16:32:20 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sat, 02 Dec 2023 16:32:20 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 2289 0
214 B 607ms
61ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 1f4afaf10c6b5898421df1cdca3fc7f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 2289 0
38 B 157ms
53ms Image
text/plain 3.127.166.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=114453476629338213&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.166.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-166-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 2289 43 B
163 B 286ms
72ms Image
image/gif 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=114453476629338213&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55944/ Frame 2289 0
38 B 52ms
49ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=114453476629338213&_origin=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 2289 43 B
637 B 1418ms
55ms Image
image/gif 2607:ae80:4::25
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 16:32:22 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1701621142006006-569

GET
H2 200 sync
x.bidswitch.net/ Frame 2289 43 B
146 B 251ms
49ms Image
image/gif 3.65.104.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.104.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-104-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 rum
dsum-sec.casalemedia.com/ Frame 2289 43 B
558 B 89ms
81ms Image
image/gif 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=114453476629338213&expiration=1702830740
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcktggXiavX535OglZ58YvuCEfDubTiVu1pVvw7JJ2WoxWwZfw%2FCU8v2FRSdsM3dLxlCaf%2B51iIp7o1vVQouGhN3qaLL%2BH3Bhw0eeUFmdFyifqynC8R3Eb8%2FJ3mDao1fxPFA3c1IriUT4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82fd34810c554516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 2289
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=114453476629338213&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=114453476629338213&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=114453476629338213&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7308407150787754143&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=883596597126898388&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NzczMDExRTM1REZEQzNERA&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEB-UC6vd7_82c5cVNFMtSlg&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB-UC6vd7_82c5cVNFMtSlg&sInitiator=internal&google_cver=1&gdpr=

0
415 B

54ms
54ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB-UC6vd7_82c5cVNFMtSlg&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:32 GMT
uip-status: Ok
frontend-id: 10
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:32 GMT
frontend-id: 7
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB-UC6vd7_82c5cVNFMtSlg&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 2289 0
344 B 383ms
122ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=114453476629338213&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:20 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 2289
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=114453476629338213
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=114453476629338213&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
382 B

229ms
56ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 03 Dec 2023 16:32:21 GMT
x-age-lb: 720018
x-77-cache: HIT
x-accel-date: 1700901123
content-length: 43
x-77-nzt: EQwBnJIhiwH3kvwKAA
x-accel-expires: @1701937195
x-77-age: 720018
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf878727d81adb7a95ad6c6522ea5313
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Sun, 03 Dec 2023 16:32:21 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 2289 0
98 B 270ms
146ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=114453476629338213/gdpr=/ Frame 2289 49 B
265 B 299ms
66ms Image
image/gif 54.194.196.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=114453476629338213/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.196.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.253
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 2289 62 B
218 B 465ms
240ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 03 Dec 2023 16:32:21 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 2289 43 B
264 B 275ms
69ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 2289
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

218ms
70ms

Image
image/gif

52.92.36.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Server: 52.92.36.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:22 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 278V7EAD6YKMYEBQ
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 7nizExMSUgt6Ojyt1+2FC/V3KUFx87G7HE44nMcyHXPR4o+AxBNr+ey0Vsq/M/nnkbHimLwxACU=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sun, 03 Dec 2023 16:32:20 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 2289
Redirect Chain

https://pixel.onaudience.com/?mapped=114453476629338213&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6b636b8b8c55ab8351593e6f3ce7f780&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
149 B

203ms
65ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:21 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET /
cm.adsafety.net/ Frame 2289 0
0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 2289 0
337 B 309ms
65ms Image
text/plain 3.248.3.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.3.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-3-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: beacon-n008-dub-prod.krxd.net
date: Sun, 03 Dec 2023 16:32:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1701621141
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 2289
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTE0NDUzNDc2NjI5MzM4MjEz
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MTE0NDUzNDc2NjI5MzM4MjEz&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOG5HMxcekHc0C84f4F4jsM&google_cver=1&google_ula=1641347,0

35 B
590 B

49ms
49ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOG5HMxcekHc0C84f4F4jsM&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOG5HMxcekHc0C84f4F4jsM&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 2289
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=883596597126898388&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=114453476629338213

43 B
832 B

58ms
58ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=114453476629338213

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
an-x-request-uuid: 7c1bc774-f529-4bdc-9b56-1026bebf3d2e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=114453476629338213
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 2289 0
384 B 50ms
50ms Image
text/plain 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 2289 0
225 B 178ms
51ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 16:32:20 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 2289 43 B
444 B 194ms
53ms Image
image/gif 108.138.233.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.233.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-233-103.lhr61.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 10:19:16 GMT
Via: 1.1 4cafceb008e6fb971d9321d02b918f8e.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: LHR61-P4
Age: 22385
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: uKS2kKi9zWplR6NGmzc2SnWXBBDGDbyNNqpxuVCNySFQcPd6Ji2v3w==

GET
H/1.1

200

p
a.audrte.com/ Frame 2289
Redirect Chain

https://a.audrte.com/a?adform_uid=114453476629338213
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGFiMXlYRTF0bTlUTldkLUFTWXZZLUtQUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

64ms
64ms

Image
image/png

46.137.164.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Server: 46.137.164.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-164-248.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:21 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 03 Dec 2023 16:32:21 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 2289
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=114453476629338213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=114453476629338213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
https://c1.adform.net/serving/cookie/match?party=1007&cid=56544138387432592842528448480507451871&noredirect=1

35 B
590 B

50ms
50ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=56544138387432592842528448480507451871&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-1-v054-0000ed5b8.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: s7dmDb/tQwA=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=56544138387432592842528448480507451871&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 2289
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=114453476629338213
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216643104719003251135

35 B
599 B

48ms
47ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216643104719003251135

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216643104719003251135
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 2289
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7308407150787754143

35 B
599 B

64ms
48ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7308407150787754143

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7308407150787754143
Date: Sun, 03 Dec 2023 16:32:21 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 2289 62 B
430 B 256ms
256ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 03 Dec 2023 16:32:21 GMT
content-length: 62
content-type: image/gif

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame 2289 43 B
417 B 494ms
72ms Image
image/gif 72.246.168.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.246.168.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-208.deploy.static.akamaitechnologies.com
Software: MT3 1143 599e619 master zrh zrh-pixel-x24 config_version:"121" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:22 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x24 config_version:"121"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 03 Dec 2023 16:32:20 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 2289
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=E2ZAMvtb1R9Poh5

35 B
599 B

48ms
48ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=E2ZAMvtb1R9Poh5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 16:32:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=E2ZAMvtb1R9Poh5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2289 70 B
148 B 64ms
64ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:21 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 2289 0
72 B 553ms
133ms Image
text/plain 69.169.85.6
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 Commack, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 2289 43 B
921 B 191ms
59ms Image
image/gif 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=114453476629338213

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 2289
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1590374989
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TBZxn0MybYUNZwvHi07qyO

35 B
590 B

49ms
48ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TBZxn0MybYUNZwvHi07qyO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
via: 1.1 google
last-modified: Sun, 03 Dec 2023 16:32:22 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TBZxn0MybYUNZwvHi07qyO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2289 23 B
163 B 622ms
176ms Image
image/gif 23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 16:32:22 GMT
pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame 2289 0
238 B 222ms
73ms Image
text/plain 2600:9000:211e:d200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: no-cache, must-revalidate
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: GQTJNI2Y3FAcVWmPLF6rAiv9DBZYNNAgeBpkJrkMBHjYP0eU8cxxRg==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 2289
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=114453476629338213&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEV...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=114453476629338213&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7B...
https://c1.adform.net/serving/cookie/match?party=2007&cid=9a5a109d-7e96-404f-b8d7-051b68b297b2

35 B
599 B

46ms
45ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=9a5a109d-7e96-404f-b8d7-051b68b297b2

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=9a5a109d-7e96-404f-b8d7-051b68b297b2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 114453476629338213
match.contentexchange.me/adform/ Frame 2289 0
49 B 491ms
73ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/114453476629338213?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 2289 37 B
140 B 169ms
50ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=114453476629338213&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content 296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame 2289 0
103 B 217ms
52ms Image
text/plain 109.206.161.21
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.161.21 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.161.21.serverel.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 03 Dec 2023 16:32:22 GMT
Server: nginx

GET
H2 204 put
e1.emxdgt.com/ Frame 2289 0
44 B 170ms
49ms Image
text/plain 18.192.146.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=114453476629338213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.146.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 2289 0
384 B 48ms
48ms Image
text/plain 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=114453476629338213&agencyId=7233&advertiserId=2120834&src=tp&rnd=766067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 505ms
289ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 150ms
150ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.8.0&cb=9954051925&lsavail=1&bundle=_LaQx195NDZDNUhqZmZHZGZTWHQ0WEFNQm1DZ2h1cXZyeTRyT0ZaVkVXbnhXNEQlMkJUSDZIcU0lMkYzaG53RnlXSlN5UzJaUzF3QVlUNE50eXRsYjFyaVY4R1l5ZiUyQlFnQTdxV0VvSyUyQnJ2cHRteFBldGsxYWNxJTJCUGlzUm9WYzJLREJpMnBRcDdhQ2YwVjhuMmJzM2UzUEE5eTU2ZHdBJTNEJTNE

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9676646b3e05326c577adcbf14c7fb000e8f217597fdd01eef1f6a2712f4c188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 16:32:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.odatv4.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
354 B 263ms
62ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Sun, 03 Dec 2023 16:32:20 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
server: envoy
vary: origin, Accept-Encoding

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ Frame 14D6 0
803 B 197ms
197ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=7;p=1;rri=1701621138976_473721_80.255.7.105;mid=48163;zzz=%5B48163%2C1701621138%2C%22Oco0Dau9YW10gt9gFymJGQ%22%5D;version=dev-100;cb=0.4220135678473238;qqq=29.331221691467775;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=undefined
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/x-javascript
Date: Sun, 03 Dec 2023 16:32:21 GMT
Expires: -1d
Connection: Keep-Alive
Content-Length: 0
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3211 55 KB
21 KB 557ms
151ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1a4e283faf221f8e188c3c81418a1ed38824014d0983fba4a7ab4c60be973ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:32:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=maR2z6PZG99iY4XzehmECegXvEozR0rD6vQK-2Z4PRqKPc1TTnZJFei2iWr9agj91I0qGdUmQYrB00wjqyweNYFi022gvB0UXNmQ_fKLxEWX0s96uuFGEJVC1Fu0bqAvJi5RT54N_JCH4UYMS52b9zngMmzjlRvJvyPoawuSjXQavr6HoPlAia8A-vHt8uqXDzLBU3RdFL5LWCcwpHND3_q6fu-giUsZ4OAKcuEgCgW6VvN-u-gXVOXI5pNKdd-UEiBqiQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4709831
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame 14D6 43 B
462 B 258ms
50ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=pRlt8l9yNkVXSllYdFo0Z2hLdEs1TEF0Sk5ncE1weHo3RkVFYm54U2dPTTgwMSUyQktoZloyY1Vya0dFNTdEZ3U2Y3p0VjE2Q3VPb2o4YW5XTmhNQlBkQiUyQkZTd3I1WkpRemtkb3dBUnpIemFRZG1vMktVWWNpOVVkc1p6VTVlaUpkZnFlZXpkZ2hDYmplaGlrNzFSTCUyQjdERGdjaUJNNFQ3ME1BR1RMbG9IWktiN1NmZU9lTmFJbzY2d0ZlRWJNcnlYeFQwQUl5bWRra0tBTzFIZzRsUEk0azBRVlBlaFJQakZEdWRTbURNR25zSEVnOFdUSnRoek5PcmNtOVNLQWdvRWtiYUwxNkZxa0lsTDN1Y211bVNwSHlIS3N3ZjVCS1dTRG5JejF4SzB2ZFIzcGtPUFRaTmVWa21JMDdNUEt6YWkwRHFxS2JneGFkOEFGbyUyRkolMkIzNlhsWnVHWVJpelNvTlI5d01mM3J1TFIxVDJvSTNmU1A2WCUyRnglMkZHdldCSVh2dFVMOUxXWWhHbzJucE51WG9qdWRPN1N3Mk0wbGgyMUYlMkZya2hpMWs1MEIlMkI2ZWhCN2pjUXF2VzJmaGlibXlLY3d1VVUlMkZvQiUyRms3cjZBQTlhQXB3cERPOHlRVWxkNVpaU0x1bUwlMkZZSXFhZElPdVBneTNDVSUzRA

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 175147
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H/1.1 200
OK radApi Show response
edge.udmserve.net/ 20 B
160 B 778ms
190ms XHR
application/json 68.71.249.120
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.udmserve.net/radApi
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.120 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS: underdogmedia.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 03 Dec 2023 16:32:22 GMT
Content-Length: 20
Content-Type: application/json

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3211 2 KB
1 KB 453ms
452ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 16:32:22 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3211 2 KB
1 KB 453ms
453ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 16:32:22 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3211 308 B
636 B 63ms
62ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Nov 2024 16:32:22 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3211 293 B
621 B 453ms
452ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Nov 2024 16:32:22 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3211 43 B
347 B 53ms
53ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=eHAwzx044nux41qFERYdEyWg6Aqa-mxbwgUiq3Ahg2qDflgH-kJ5NcY5P4_XdATzMKyrk6Yi4e3FzRiQPZkWteGRn94nA7yAHL7goklsNFtg7qtHlcmdVxA1-u4eoe1lF5OaUkV3sW1wD67d4SRLBlBvwJrDdMl95vaUeQg7pueq29cikpgta56khUB51yOt9IGzSO74SwBPUNPMfwabhIdAqto4XKNVeQ59O2TXNQeO6A6zNP893BDK-dGduc3_vYUoSMrxcnlaDQBlf8EhYdUcGGKjOCKmjsVOYD7WWS7ftYKb3xb89v8vMswFfrodpnKwTjEKVDmtXpCm4fDWmGS8d6pr9659OuAdgt2qig5T0t9jKoNnbN-GlbIuyeghFfzZ7N1scH_yx9YEe6K4Y4_Lj-hSlnnUKSf9gsY-64n2Cm53P2l_XTUCMJytf_fxJMizM79AjKw7sCB6-kigIYph3IY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2349070
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 f3074b72f72342ad9df070b6c547113f_image_ad_728x90.gif
static.criteo.net/design/dt/25298/210905/ Frame 3211 38 KB
39 KB 451ms
450ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/25298/210905/f3074b72f72342ad9df070b6c547113f_image_ad_728x90.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4ca095eaf5371e8277fd32c74da2e56ddd048a84d44587d8d13338c2357c90da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Sun, 05 Sep 2021 17:16:35 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6134fb73-98d3"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 39123
expires: Wed, 27 Nov 2024 16:32:22 GMT

GET
H2 200 dis.aspx Show response
widget.nl3.eu.criteo.com/dis/ Frame 65B5 6 KB
3 KB 239ms
54ms Document
text/html 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=164173&cb=656cad95adf259123aefe929a9b63fe2&r=https%3a%2f%2fwww.odatv4.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

959ecb16109104295939b4130c02cd233e4e709d13414dd81f89750aac094b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sun, 03 Dec 2023 16:32:22 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2962007
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 7547
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Da4iGlvoGz8FIU9VL290B-HN2ZIIkPfs_pZrdg&google_cm&google_hm=ay1EYTRpR2x2b0d6OEZJVTlWTDI5MEItSE4yWklJa1Bmc...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Da4iGlvoGz8FIU9VL290B-HN2ZIIkPfs_pZrdg&google_gid=CAESEGaED0MtKRcbguapIXye1j4&google_cver=1&google_ula=913071,0

43 B
369 B

61ms
49ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Da4iGlvoGz8FIU9VL290B-HN2ZIIkPfs_pZrdg&google_gid=CAESEGaED0MtKRcbguapIXye1j4&google_cver=1&google_ula=913071,0

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 583064
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Da4iGlvoGz8FIU9VL290B-HN2ZIIkPfs_pZrdg&google_gid=CAESEGaED0MtKRcbguapIXye1j4&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 7547 43 B
145 B 56ms
51ms Image
image/gif 3.65.104.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vuhmcVvoGz8FIU9VL290B-HN2ZIhnmvD4Pt0Ww&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.104.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-104-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 7547
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=883596597126898388

43 B
370 B

151ms
49ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=883596597126898388

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 947509
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
an-x-request-uuid: 4494bb7b-7be5-4d49-8d1f-467224b434b2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=883596597126898388
x-proxy-origin: 80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 7547 53 B
784 B 366ms
229ms Image
image/gif 72.246.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-CpL8PlvoGz8FIU9VL290B-HN2ZLMJMq21-ZGzg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 16:32:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sun, 03 Dec 2023 16:32:22 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 7547 0
239 B 444ms
262ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-r2fYFVvoGz8FIU9VL290B-HN2ZKT69BxJQ8txA&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7547 43 B
163 B 153ms
150ms Image
image/gif 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-qa9hAVvoGz8FIU9VL290B-HN2ZLczWDRYzg2vQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:21 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7547 0
99 B 551ms
51ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-exH80VvoGz8FIU9VL290B-HN2ZITzzOkOyiApg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 50220

GET
H2 200 um
criteo-sync.teads.tv/ Frame 7547 23 B
163 B 150ms
140ms Image
image/gif 23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-Unb3DFvoGz8FIU9VL290B-HN2ZKWaOtj9tBEEQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 16:32:22 GMT
pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 7547 37 B
139 B 55ms
51ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-zQqijVvoGz8FIU9VL290B-HN2ZJCDnFrL8XRjQ&dongle=013b
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 7547 0
38 B 55ms
52ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nOPJ8VvoGz8FIU9VL290B-HN2ZIKNweAqhPyFg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 7547 43 B
163 B 149ms
48ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-p2BXQ1voGz8FIU9VL290B-HN2ZLXNvuTTuXSKA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 7547 49 B
385 B 228ms
67ms Image
image/gif 52.17.57.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-pGVdwVvoGz8FIU9VL290B-HN2ZLj7EQ3jSRxXw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.57.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-57-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 5
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2 200 rum
r.casalemedia.com/ Frame 7547 43 B
534 B 82ms
73ms Image
image/gif 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-y0MQ21voGz8FIU9VL290B-HN2ZLembCvwTU_pw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GorROZjXBLnmc3tW1jN3TmwteOfgA5Qf7p1Ev5ED973VLZjx50DOuzAJgw54E2UXG%2BN0wMove%2BbmGb88H5lJIQggRtVLcGGOAZSZgKFWzsn1vSrZECmsYmPVe1HSpFhjKzPE"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82fd348b2ede4516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

ibs:dpid=28645&dpuuid=AkIg3CGqD73bidd1ngPDvPOM4DQqv8k4
dpm.demdex.net/ Frame 7547
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AkIg3CGqD73bidd1ngPDvPOM4DQqv8k4

42 B
718 B

66ms
65ms

Image
image/gif

54.76.220.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AkIg3CGqD73bidd1ngPDvPOM4DQqv8k4

Requested by

Protocol

Server

54.76.220.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-220-42.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0b83a3e88.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: TFjA+Z7SSaI=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AkIg3CGqD73bidd1ngPDvPOM4DQqv8k4
date: Sun, 03 Dec 2023 16:32:21 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1290637
content-length: 0

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 7547 43 B
920 B 61ms
58ms Image
image/gif 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-uhkfeVvoGz8FIU9VL290B-HN2ZIRO52Ly_gtQQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 7547 43 B
198 B 68ms
65ms Image
image/gif 34.255.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dwJmDFvoGz8FIU9VL290B-HN2ZJ5VXSSvI7iFA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.255.40.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-40-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 16:32:22 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 7547 42 B
274 B 257ms
61ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-ILU_RlvoGz8FIU9VL290B-HN2ZIZ933Ab-zmHQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 7547 0
884 B 186ms
71ms Image
text/html 18.195.142.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-coURW1voGz8FIU9VL290B-HN2ZLlHw6GWntDxw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.142.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-142-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 7547 43 B
422 B 1006ms
231ms Image
image/gif 52.40.123.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-jdkw-lvoGz8FIU9VL290B-HN2ZLfjkL_dBvTNg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.123.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-123-248.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:23 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 7547 0
145 B 600ms
140ms Image
text/plain 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-vlH8jFvoGz8FIU9VL290B-HN2ZKMIG9on5GSXA&initiator=partner
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 16:32:22 GMT
Cache-Control: no-cache
X-TraceId: be69f80de5e2bdfc629320fa21e2cae8
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7547 0
74 B 53ms
51ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Pd5611voGz8FIU9VL290B-HN2ZJ9dvMzXElMRA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 16:32:20 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 7547 0
35 B 268ms
49ms Image
text/plain 52.59.107.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Xu-LLFvoGz8FIU9VL290B-HN2ZKCEcA7VtrpJA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.107.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-107-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 7547 43 B
398 B 420ms
127ms Image
image/gif 2600:1f18:612b:4216:b52b:a442:856c:78b2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-PFcwD1voGz8FIU9VL290B-HN2ZKE1uqHRx3CTA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:b52b:a442:856c:78b2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 03 Dec 2023 16:32:22 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7547 0
235 B 118ms
118ms Image
text/plain 23.36.225.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-pOrgJlvoGz8FIU9VL290B-HN2ZLLUlfTKsMabw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.36.225.193 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-225-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 16:32:22 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sat, 02 Dec 2023 16:32:22 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 7547 0
38 B 625ms
63ms Image
text/plain 108.128.110.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-Y9RXxlvoGz8FIU9VL290B-HN2ZIvLOQfiZxNDg&pn_id=criteo&ext=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.110.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-110-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:23 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 7547 0
43 B 52ms
50ms Image
text/plain 18.192.146.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-EuogJlvoGz8FIU9VL290B-HN2ZLIvdoc66bfMg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.146.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
server: awselb/2.0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 7547 0
15 B 51ms
51ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-nOPJ8VvoGz8FIU9VL290B-HN2ZIKNweAqhPyFg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 200 all
csm.eu.criteo.net/ Frame 3211 0
128 B 173ms
55ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=maR2z6PZG99iY4XzehmECegXvEozR0rD6vQK-2Z4PRqKPc1TTnZJFei2iWr9agj91I0qGdUmQYrB00wjqyweNYFi022gvB0UXNmQ_fKLxEWX0s96uuFGEJVC1Fu0bqAvJi5RT54N_JCH4UYMS52b9zngMmzjlRvJvyPoawuSjXQavr6HoPlAia8A-vHt8uqXDzLBU3RdFL5LWCcwpHND3_q6fu-giUsZ4OAKcuEgCgW6VvN-u-gXVOXI5pNKdd-UEiBqiQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3211 2 KB
1 KB 128ms
127ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 16:32:22 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3211 2 KB
1 KB 127ms
127ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:32:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 16:32:22 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7547
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWVsdH_tnx7mBU98BK1igsK3WHCZLk1A

0
336 B

62ms
62ms

Image
text/plain

3.248.3.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWVsdH_tnx7mBU98BK1igsK3WHCZLk1A
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7C7zanzeOTDSe5tYYp%2BqOPBQ4dNs38226jabCTpL5DQEQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxebIs91kbeU9-kEXzQ6p-vTwWAjgZyHBFFJpewSUcFrtyQoDSiQhIJJbdWlfI9DlS6MeyhzgnB0yu7CXFPWqMayvFAkBh87LeBsT96hS2hwql5CvDGemgDymcRJNVStFGdlysrcMnGVtCJiGXCubaT8UaeiOtwZyiqrCq4pV4aMdTD6wUiImV1xHbARlGpvpsqlfLddHIRB8Hhig1UrQvZIfXz175tBNMZcz74CmZS3qONGBPQ2yTrxIaIDGssnOWVutAANYTx6GB6SyBeQGiDZg0uDOBIuI1FMpjh5BOP-6SpVuBJwTMSkH9gdOUPe6FwoGggalVqTyh2tCOJfbeCKgx4KPqf7O4dkTxgz4L4bPRsim2WypScX88jInl31ZCPDroXoxkkj0-M0jEoN-fKoSbo-yugMsuOJbY7hGMj05gJ-6CZW-aOcXfFEPQsF5-ZC1oU7ktddcgRVp6Zrv7loRvEksBT2lY26__z_rqWE7OcYIBB9VnVPFhAuGm0it3j4QXofpr_1Ood9c96BqVtX2eezCcRHbIp-3A4M8cku1g
Protocol: H2
Server: 3.248.3.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-3-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=22 t=1701621142
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWVsdH_tnx7mBU98BK1igsK3WHCZLk1A
date: Sun, 03 Dec 2023 16:32:22 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1351175
content-length: 0

GET
H2 200 setuid
ib.adnxs.com/ Frame 7547 43 B
894 B 53ms
52ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-z52hcVvoGz8FIU9VL290B-HN2ZITy4_H66t_7w

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:22 GMT
an-x-request-uuid: 1a207400-5daf-4aed-8f94-fa093dd708f3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame 7547
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Fs2_A58dzlxsuCU0WmviGIo8rgSCrsRC

35 B
268 B

585ms
135ms

Image
image/gif

18.191.8.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Fs2_A58dzlxsuCU0WmviGIo8rgSCrsRC
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Server: 18.191.8.9 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-8-9.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:23 GMT
x-bt-requestid: 8942ba81-91f9-11ee-8c2b-0000ac1702cf
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Fs2_A58dzlxsuCU0WmviGIo8rgSCrsRC
date: Sun, 03 Dec 2023 16:32:21 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 734825
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 3211 0
127 B 375ms
375ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 16:32:22 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 67ms
67ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P3X8GHNT5P&gtm=45je3bt0v873431896z8859010942&_p=1701621138268&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=713872029.1701621139&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&sid=1701621138&sct=1&seg=1&dl=https%3A%2F%2Fwww.odatv4.com%2F&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&_s=2&tfd=6714
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P3X8GHNT5P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 16:32:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 turk-muzik-pazarinda-direnis-kim-bu-cocuklar-dedim-olabilir-kypo.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/03/ 85 KB
85 KB 188ms
188ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2023/12/03/turk-muzik-pazarinda-direnis-kim-bu-cocuklar-dedim-olabilir-kypo.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: c98aa9a2ebf26119546fc819aaaac6f61473b9d7ec39864d2e81c3fef3b8c42d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 16:32:24 GMT
date: Sun, 03 Dec 2023 16:32:24 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="turk-muzik-pazarinda-direnis-kim-bu-cocuklar-dedim-olabilir-kypo.webp"
content-length: 86878
x-request-id: 4ZZ2st0EwuI_Thbc0VnRl
x-rocket-cachestatus: HIT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
250 B 282ms
159ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 16:32:24 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.odatv4.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58809/ 2 B
116 B 51ms
51ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.odatv4.com/&pixelId=58809

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 16:32:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.odatv4.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
421 B 65ms
65ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 2f1b35911844081ccd626e035ca9b148ad06e2d9401acd92ca69c723b21b1b25

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 03 Dec 2023 16:32:24 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.odatv4.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 02 Jan 2024 16:32:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.adsafety.net
URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=114453476629338213

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 02:16:21	Name: i Value: 8r1y8+IkeiDhmtBxNqNbc6bkcYmprLoZUz0jsv+9hOTmd1GkATYO47t5mCuQYk2vFKlegGzSH8ox2mbdTjq0pv0bFKc=
.yandex.ru/	1970-01-21 02:16:21	Name: yandexuid Value: 6981425711701621138
.odatv4.com/	1970-01-21 02:16:21	Name: _ga_LCBC0RGKV6 Value: GS1.1.1701621138.1.0.1701621138.60.0.0
.odatv4.com/	1970-01-21 01:25:57	Name: _ym_uid Value: 1701621139424745268
.odatv4.com/	1970-01-21 01:25:57	Name: _ym_d Value: 1701621139
.odatv4.com/	1970-01-21 02:16:21	Name: _ga_P3X8GHNT5P Value: GS1.1.1701621138.1.1.1701621138.0.0.0
.criteo.com/	1970-01-21 02:01:57	Name: uid Value: d4f26de7-c227-4df1-8483-bd7b155967db
.criteo.com/	1970-01-21 02:01:57	Name: receive-cookie-deprecation Value: 1
.mc.yandex.com/	1970-01-20 16:40:21	Name: sync_cookie_csrf Value: 344229561fake
.udmserve.net/	1970-01-21 01:25:57	Name: dt Value: AA98F861-EA0F-34F9-B3BF-C692DCB14FE9
.mc.yandex.ru/	1970-01-20 16:40:21	Name: sync_cookie_csrf Value: 1946223530fake
.odatv4.com/	1970-01-21 02:16:21	Name: _ga Value: GA1.2.713872029.1701621139
.odatv4.com/	1970-01-20 16:41:47	Name: _gid Value: GA1.2.1878566373.1701621139
.odatv4.com/	1970-01-20 16:40:21	Name: _gat_UA-2957967-2 Value: 1
.odatv4.com/	1970-01-20 16:40:21	Name: _gat_gtag_UA_2957967_2 Value: 1
.odatv4.com/	1970-01-21 02:01:57	Name: cto_bundle Value: _LaQx195NDZDNUhqZmZHZGZTWHQ0WEFNQm1DZ2h1cXZyeTRyT0ZaVkVXbnhXNEQlMkJUSDZIcU0lMkYzaG53RnlXSlN5UzJaUzF3QVlUNE50eXRsYjFyaVY4R1l5ZiUyQlFnQTdxV0VvSyUyQnJ2cHRteFBldGsxYWNxJTJCUGlzUm9WYzJLREJpMnBRcDdhQ2YwVjhuMmJzM2UzUEE5eTU2ZHdBJTNEJTNE
.yandex.com/	1970-01-21 01:25:57	Name: yuidss Value: 6981425711701621138
.mc.yandex.com/	1970-01-20 16:41:47	Name: sync_cookie_ok Value: synced
.yandex.com/	1970-01-21 02:16:21	Name: i Value: iOOZ7YW+5VpqQao2txeXdfvRy0i9xY5BS1+pH+90LbUEAxw//qHyJgcCsZHcYLiEOLkrP9MGPU7XeZOS6POhUqhn51M=
.odatv4.com/	1970-01-20 16:41:33	Name: _ym_isad Value: 2
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 44103581701621139
.yandex.com/	1970-01-21 01:25:57	Name: yandexuid Value: 6981425711701621138
.yandex.com/	1970-01-21 01:25:57	Name: ymex Value: 1733157139.yrts.1701621139
.yandex.com/	1970-01-21 01:25:57	Name: bh Value: KgI/MA==
.odatv4.com/	1970-01-20 16:40:22	Name: _ym_visorc Value: b
.adnxs.com/	1970-01-20 18:49:57	Name: uuid2 Value: 883596597126898388
.casalemedia.com/	1970-01-21 01:25:57	Name: CMID Value: ZWytkwBIZvXBicVqLGK6lQAA
.casalemedia.com/	1970-01-20 18:49:57	Name: CMPS Value: 5177
.casalemedia.com/	1970-01-20 18:49:57	Name: CMPRO Value: 5177
www.odatv4.com/	1970-01-20 17:23:33	Name: udmsrc Value: %7B%7D
www.odatv4.com/	1970-01-20 17:23:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.odatv4.com/	1970-01-21 01:25:57	Name: _sharedid Value: 51a94399-3fff-43bb-87d7-d1589741efa5
.udmserve.net/	1970-01-20 18:49:57	Name: apnid Value: 883596597126898388
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86136\|ZWytl
.adform.net/	1970-01-20 17:24:59	Name: C Value: 1
www.odatv4.com/	1970-01-20 17:23:33	Name: adformfrpid Value: 7289333222611354281
.adform.net/	1970-01-20 18:06:45	Name: uid Value: 114453476629338213
.adform.net/	1970-01-20 16:41:47	Name: CM Value: 1\|1
.udmserve.net/	1970-01-20 18:49:57	Name: indx Value: ZWytkwBIZvXBicVqLGK6lQAAFDkAAAIB
.seadform.net/	1970-01-20 18:06:45	Name: uid Value: 114453476629338213
.adform.net/	1970-01-20 17:00:30	Name: CM14 Value: 1701707540_1701621140_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.mgid.com/	1970-01-20 17:00:30	Name: lmg_usr Value: f3aff62c-e7db-4b58-8d15-9b29d3f0ccd4
.mgid.com/	1970-01-20 17:00:30	Name: lmg_r Value: 24
.udmserve.net/	1970-01-20 18:49:57	Name: mgid Value: f3aff62c-e7db-4b58-8d15-9b29d3f0ccd4
.semasio.net/	1970-01-21 01:25:57	Name: SEUNCY Value: 773011E35DFDC3DD
.eyeota.net/	1970-01-20 16:40:21	Name: SERVERID Value: 22864~DM
prebid.a-mo.net/	1970-01-20 16:40:21	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 01:25:57	Name: __amc Value: 1_1701621141_1701621141
.onaudience.com/	1970-01-21 01:25:57	Name: cookie Value: 924f2c24abe6b12c
.onaudience.com/	1970-01-20 16:41:47	Name: done_redirects161 Value: 1
.adfarm1.adition.com/	1970-01-20 18:49:57	Name: UserID1 Value: 7308407150787754143
www.odatv4.com/	1970-01-20 17:23:33	Name: udm_edge_floater_fcap Value: %5B1701621141415%5D
www.odatv4.com/	1970-01-20 16:40:22	Name: udm_session Value: 1
.onaudience.com/	1970-01-20 16:41:47	Name: done_redirects147 Value: 1
.krxd.net/	1970-01-20 20:59:33	Name: _kuid_ Value: P8_j4-HY
.doubleclick.net/	1970-01-21 02:01:57	Name: IDE Value: AHWqTUmcfd2kn-GCPeRGAgLT6QxHejybYLi886xclF5h5raH5dPsfgrAgkJweeIEuSc
.udmserve.net/	1970-01-21 01:25:57	Name: udmts Value: 1701621141.0
.udmserve.net/	1970-01-21 01:25:57	Name: gdpr Value: 19147:undefined
.udmserve.net/	1970-01-21 01:25:57	Name: geode Value: 63826389141:80.255.7.105:276:C40553:D276004:S719:de:ohringen:ZZ:74613:wifi:hosting:?
.audrte.com/	1970-01-20 17:01:57	Name: arcki2 Value: dab1yXE1tm9TNWd-ASYvY-KPQ!20220908!1701621141584!ip#80.255.7.105
.audrte.com/	1970-01-20 17:01:57	Name: arcki2_adform Value: 114453476629338213!20220908!1701621141584
.agkn.com/	1970-01-21 01:25:57	Name: ab Value: 0001%3AzCl6mA9Kq5H3EyguE1HLJOx9CwZ0hUKC
.demdex.net/	1970-01-20 20:59:33	Name: demdex Value: 56544138387432592842528448480507451871
.audrte.com/	1970-01-20 17:01:57	Name: arcki2_ddp2 Value: dab1yXE1tm9TNWd-ASYvY-KPQ!20220908!1701621141716
.w55c.net/	1970-01-21 02:12:01	Name: wfivefivec Value: E2ZAMvtb1R9Poh5
.bluekai.com/	1970-01-20 21:03:52	Name: bku Value: aG/99JV+qsPNb9yW
.bluekai.com/	1970-01-20 21:03:52	Name: bkpa Value: KJy9/xeKd02pSUHknp1p1p90wtkAwEWhBexN1pxlBMR0mE1pme/h1y19kx9/99==
.dpm.demdex.net/	1970-01-20 20:59:33	Name: dpm Value: 56544138387432592842528448480507451871
.w55c.net/	1970-01-20 17:23:33	Name: matchadform Value: 5
www.odatv4.com/	1970-01-20 16:40:22	Name: udm_session_rad Value: 1
.weborama.fr/	1970-01-21 02:06:16	Name: AFFICHE_W Value: Pk6uJICU-zs@41
.ads.stickyadstv.com/	1970-01-20 18:06:45	Name: uid-bp-617 Value: 114453476629338213
.ads.stickyadstv.com/	1970-01-20 17:23:33	Name: UID Value: 64984edfff2619e5b96a71c5e8ac8f
.tapad.com/	1970-01-20 18:06:45	Name: TapAd_TS Value: 1701621142376
.tapad.com/	1970-01-20 18:06:45	Name: TapAd_DID Value: 9a5a109d-7e96-404f-b8d7-051b68b297b2
.omnitagjs.com/	1970-01-20 17:23:33	Name: ayl_visitor Value: c5efd519b5bbe229156ab0b6990f2da2
exchange.mediavine.com/	1970-01-20 17:00:30	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2288e81760-91f9-11ee-8925-6522f560f733%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:00:30	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2288e81760-91f9-11ee-8925-6522f560f733%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:00:30	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2288e81760-91f9-11ee-8925-6522f560f733%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:00:30	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2288e81760-91f9-11ee-8925-6522f560f733%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:00:30	Name: criteo Value: %7B%22id%22%3A%22k-coURW1voGz8FIU9VL290B-HN2ZLlHw6GWntDxw%22%2C%22version%22%3A%22criteo%22%7D
.tapad.com/	1970-01-20 18:06:45	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 18:49:57	Name: anj Value: dTM7k!M40<Erk#WF']wIg2GTtl]Fv$!]tb[8i_j$f$9G=+r#9TG/6Dm[tB4J$T(DlfQODyC+@5r%aYD)HILfL24>ieG#E4/`6J'T/dL^Ln0A'0R<3x[[Xij6+hQ]m4X4q>wa4Js?D3/Oz`i53W3d/2)Ld$SLNNl9w
.media.net/	1970-01-21 01:25:57	Name: visitor-id Value: 3446227429085797000V10
.media.net/	1970-01-20 17:23:33	Name: data-c-ts Value: 1701621142
.media.net/	1970-01-20 17:23:33	Name: data-c Value: k-CpL8PlvoGz8FIU9VL290B-HN2ZLMJMq21-ZGzg~~3
.tremorhub.com/	1970-01-21 01:26:18	Name: tvid Value: 35f3a8227608409eaed1cd0fa67fd97d
.tremorhub.com/	1970-01-20 17:23:33	Name: tv_UICR Value: k-PFcwD1voGz8FIU9VL290B-HN2ZKE1uqHRx3CTA
.postrelease.com/	1970-01-21 01:25:57	Name: opt_out Value: 1
www.odatv4.com/	1970-01-20 17:23:33	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-03T16%3A32%3A24%22%7D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js Message: Failed to load resource: the server responded with a status of 504 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=114453476629338213 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=114453476629338213/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js(Line 4) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://bid.underdog.media/udm-r3_Thu_11_30_14_29_47_2023.js(Line 10) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad-cdn.bilgin.pro
ad.360yield.com
ad.bilgin.pro
ad.yieldlab.net
ads.eu.criteo.com
ads.stickyadstv.com
api.adrtx.net
beacon.krxd.net
bid.underdog.media
bidder.criteo.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.p.analitik.bik.gov.tr
cdn2.bildirt.com
cm-x.mgid.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.eu.criteo.net
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
edge.udmserve.net
eu-u.openx.net
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.ib-ibi.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image8.pubmatic.com
img.odatv4.com
jadserve.postrelease.com
lexicon.33across.com
lh3.googleusercontent.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
matching.ivitrack.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pdw-adf.userreport.com
pixel-us-west.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
prebid.a-mo.net
ps.eyeota.net
r.casalemedia.com
redirect.frontend.weborama.fr
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s.odatv4.com
s.thebrighttag.com
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.seadform.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.e-volution.ai
sync.go.sonobi.com
sync.outbrain.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
track.adform.net
udmserve.net
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.nl3.eu.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.odatv4.com
x.bidswitch.net
cm.adsafety.net
104.18.36.155
108.128.110.227
108.138.233.103
109.206.161.21
141.226.228.48
141.94.170.64
141.95.33.120
142.132.241.141
145.40.97.67
178.250.1.6
178.250.1.9
18.191.8.9
18.192.146.238
18.195.142.193
185.102.219.172
185.102.219.173
185.64.189.112
185.86.138.155
195.142.105.13
195.142.105.24
198.47.127.18
198.47.127.205
2001:4860:4802:34::36
216.58.212.130
23.205.93.33
23.36.225.193
2600:1f18:612b:4216:b52b:a442:856c:78b2
2600:9000:2038:a400:5:c4ab:c3c0:93a1
2600:9000:211e:d200:1b:5138:8a40:93a1
2600:9000:223c:d800:6:44e3:f8c0:93a1
2606:4700:20::ac43:4aca
2607:ae80:4::25
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9b
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6b8::1:119
2a02:6ea0:c700::18
2a04:4e42:400::649
3.124.210.90
3.127.166.56
3.248.3.218
3.33.220.150
3.65.104.224
3.71.149.231
34.111.113.62
34.117.157.22
34.248.140.235
34.255.40.44
35.156.81.16
35.190.24.218
35.244.159.8
35.244.174.68
35.244.193.51
37.157.2.228
37.157.2.247
37.157.3.20
37.252.172.123
46.137.164.248
46.19.11.36
52.17.57.59
52.40.123.248
52.57.12.239
52.59.107.120
52.92.36.24
54.194.196.88
54.76.220.42
54.78.254.47
68.71.249.118
68.71.249.120
69.166.1.66
69.169.85.6
69.173.144.138
69.173.144.165
70.42.32.63
72.246.168.208
72.246.168.23
72.246.169.24
76.223.111.18
77.243.51.121
77.243.51.122
8.2.110.161
8.39.36.141
85.114.159.118
89.187.169.43
06ef311a80988a87a61f907e648fe086982a4f61cf9b7bf67dfe6afb68ecb557
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ce50ab1ea378453523735afc5d069f9da4240eaf6f9c4318bcb55475e4d7d49
0da7824e7b6d99e58ed6ff0d7600f23f0de4245cc80235e429e85b4feb17283e
0e55325851f3be0bdf56a78c5256b6529932bd764d0d9a8bd43c5bbf8462c5d7
10c4dcd378ebb57a244523578f5c3b370c0186ac98ad9cc36b62b79842bb23db
10c5a58e664c7a0c8c5299f6f37ae5edae7c891ad09251402016afdaa9db3d92
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
1695bb295ba2a947f017855bfd9ac29b52fa9646e8b7005aebab71b04c1d2ca4
16f7852759cefc18a231744ac78814ed091713d9f1b738171a6aef91cb5d3e28
1826a350c731f9556d3b5709c082e53caf1581ebd94ee860a32c919dd392923c
1a4e283faf221f8e188c3c81418a1ed38824014d0983fba4a7ab4c60be973ccb
1d8a184f4b549f226e8b2e99b5e326db26b47b4a84ac743a944df4adc3536ecc
1f046e88291aa0ea014ad1b0927673de397a1fb97103bf447664a6c49711f4ea
2067d983568d8564595457afddf28a4518c5617ca7d18349ca51103daa471706
23721749aebf40c7701493e3b7ee6e93f355a90a895fb7180e5774ad2487c76b
23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887
245bc2579d4758311be9954686b431fce0cf2017f1a2d0061ee564b4fa44c858
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c18d94b5ef06d462d4b0546219ab82ed06e767a6e5f73f4dfdee8ad2ab46d3b
2d7fbeab76dc5dc5428a15c37d70030ba18e0ef829001cf0d8c8504717becbcd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1b35911844081ccd626e035ca9b148ad06e2d9401acd92ca69c723b21b1b25
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
327a50ba3fa1f794c9f1b1bd889636f86acea9b7d03d47b73e2d3d9ea4352231
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36119e5448a5b47db3e3d9e88bbe7d7ed65c6dfb0d9380e912f088921d562459
373e3462319a67f69cfd56c8d78c851c09b7cc18a5a553f4b6e547b3d20dc8b0
38a62c169f9611d3b192ac9a483cd11d5aa0348b4cef6faaaad1e66d53e3bc41
38e7e049d8b7fc48e9fd7aa49becfb9b5782beb7a75956e7c5dbf1c51c22bfd6
3b139863ffc6a9eeabe3e4971bd4ed1d3afae34c3e634bc1639479a43dc49f40
3b2011f4b5bc9c8ae2d7714429e66b688f9047d5d5675265907eb0fcea972066
3fc01193dba3746d46bcd6098785c8e111eacee7182525c666744393281a8b0a
40381d253b86d7ab8c32fd7713e3149a470f9245153f51f7234f24658f8fdc78
4054260f1ff97bfb7ed3f4de360b5e4f59155c15921c1438321b1afa747a1f65
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46d49584af9defb5738f3f1668afec311f85f86258ecb94575a06949fa16cf92
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf6fa79a3403177a8ff24827737edc68a630068ba7733515ae150a46d6e0efd
4ca095eaf5371e8277fd32c74da2e56ddd048a84d44587d8d13338c2357c90da
4dd89b3a1d31d9f70239a6eb2f781315fca4f301ec219c60f1db063d645a9d53
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5540558575f0987b4285b570b0f68b1c45fdb994fd5ec64c6c6d65b9f464d1
4f2e508c60054786c932b26f02804adda62a22567272fbe5669886d10a9c6fea
4fb005ccd19283514b64aabd9fe28e4b8ec6138608645b5a19ff90643ee1719f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
586f6c4c97639db1d6bb53ce90431c37b18145eadbe830bc827bcd995433f785
5a7c6b51aeedd1ae773d2f49ef441555f02e2ad1c583614e54add46dab73332b
5cedc716cadfbdb922c1874e93b02b01dda19bd9d09cfcd4e54c3c9d8b9ff1d0
6a53c1f9ced6ace6cc0e28b2806a3e428d357651b6476ff7a12c2bdcbbbf523b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ed88767e4cde46a642ded37afb8bebbbe0011b6e7062a59660e54e083abd7e4
6f66ae5d5e1223d30be18284ff71f052a2a3ab9e99597698d9aaa0741bfa3774
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7630bec6eb19ecd0f813a50a64e22940c0cbe167636f1a30b6d2f266bc7bf98b
7641f878b43499fe0704b8000d27907fc76647c093dbb267fee9d7db1e27ad3d
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7cd9dddf08291d82f46bf3507c6fcc408213b2c984a3660bf13c1355ba0eb441
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
7feafe3222c16e891566da12031bf29ddee0148a0f09603064d26ef007012e58
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8722d3ed89b2e86a5cc229b0156492a2005fc542ff6791c6152e470866a1eb00
87c433bb7e62f40cfcdf4015678e9e6ed606a95fd4f9ab2d6fd79d9e4caf9610
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f3f93930632f90c099cedb0498dd6739b7483bc7028234075d9cfaf53a837a7
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91ac8217bbd3caf5b9c162e42fb7b0e8a4ff390d56dc2ce1ac9cb2a1475862b5
957912264e5dd383c47506b75cd99ca56c9e330d34f1ea888f3b4739473336bb
959ecb16109104295939b4130c02cd233e4e709d13414dd81f89750aac094b7c
9676646b3e05326c577adcbf14c7fb000e8f217597fdd01eef1f6a2712f4c188
96faffef4dc141b36ab4682623aa8954222d0171fb986e0efdb0c1b983bde8d1
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99f2169684d594386f094278fd54e22fe9ef8ab67277ddc6ffa2b3bd6f09cad9
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1bbda6ffb7578ca6f8b2752fb0dfcf523b9ea22b4cba0a3d5eb1cae850d6602
a4af1c92f828b2436bd38e6ffa0b371b8962914318c1a2e650f34df1ca56a014
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9534467205e41db29ca6726fca0db6f71e01c082f1e67ab768f8223e4be0e53
ab0144bae8791df2f7b587d4d00660b877b37cf0300634d6ae3ae283c484e58b
b04a6c4eb3d2cc4a3ab426c10c44ee28fdf0fd545039a645f4c1798f5d1512c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b164af3f87c993141bf6ebcd2af8dd669a53031065131af6435a9bc2155ec5e3
b2b82bd854012eba02d6e8c962548c97919b3196472dffe920ae0d8b88779361
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbdb6233272d7b44024a33dd82124282e9e6b0e99184e2051866b75a2a17bac0
c092575f7dda8bc7a62a05ee57021b52f8b32178a4f57cf2eb8cb07f1fb53d4b
c3415183b8639c46a6318b42e1121b404432f8ed59589bd2fc5596c6b2adcfaa
c378744e4ceaa806f204021ac89d055b29a3e1ff4d21242fd0e7745725f4a0f3
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab
c7b2a425ddab8491e8a5c6f99b6b08ea14645d414cc246e3901610206e923b20
c98aa9a2ebf26119546fc819aaaac6f61473b9d7ec39864d2e81c3fef3b8c42d
ca5690bf2510520ade2692f7cc19baddc8bbe317dcf890afce2cd161276d034c
caaee48c36c85aeb82c99b4ef24be6bfec39bdbaae300e7788777f84f7451f06
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fb92cb985de5741ce8f20da6049ab6e208c240d16b6d144cb5f3ca99b168d
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d7909d1662dfa85f109f348ee94b273f01e58c529993cf3e00cb19feb28d8869
d8190bfa19f15fe8be6193f282e1560038fd666ea060dc3c57bce4e7958ddb2c
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
ddc0257e095a4d765dc8adb72d1c965a3fce2504e66473e5019570937fa9341c
de2efb122ce5c4a08a17aea68216b27157f8fff09197d0a633c379299a66c343
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d7ed5e68fd9ac744d96fe2abddf7b7df1be4f91413e0f86b67d370652f04f6
e64425040a74b4139a61e171c38abf4d6ed5e2cb6ce7154596d9414824c4e4cb
e6faeef0c16319390fead451bf580c37a691adda3f351b243a491979afd0b2de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e55a5c0d19bd77688aa8606b8b60fe1b7f9a8440bed63c8ce938375e36bd42
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fa53dcbb25112430ae12b3bebf6706fd0a8e47be930d16e558dd156d8ec4117b
fb456a09a9ec6d09e9b9014b77fff9b358121aacfbbe9534befa35245601b084
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff379ee7037879c0bb1d2105eb42a0f55ca105d838be6c977a1fe87d4d4380a0

www.odatv4.com Open in urlscan Pro 185.102.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

89 %HTTPS

28 %IPv6

80 Domains

112 Subdomains

88 IPs

14 Countries

3171 kBTransfer

6274 kBSize

90 Cookies

8 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.odatv4.com Open in urlscan Pro
185.102.219.172 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

89 %
HTTPS

28 %
IPv6

80
Domains

112
Subdomains

88
IPs

14
Countries

3171 kB
Transfer

6274 kB
Size

90
Cookies

226 HTTP transactions
0 data transactions