glucotrust1.bigofferattention.site Open in urlscan Pro
89.117.77.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://glucotrust1.bigofferattention.site/
Submission: On September 21 via automatic, source certstream-suspicious (September 21st 2023, 4:40:55 pm UTC) — Scanned from DE

Summary HTTP 174 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 42 IPs in 11 countries across 36 domains to perform 174 HTTP transactions. The main IP is 89.117.77.90, located in New York, United States and belongs to NL-811-40021, US. The main domain is glucotrust1.bigofferattention.site.
TLS certificate: Issued by R3 on September 21st 2023. Valid for: 3 months.

This is the only time glucotrust1.bigofferattention.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	89.117.77.90 89.117.77.90	40021 (NL-811-40021) (NL-811-40021)
12	185.102.219.173 185.102.219.173	60068 (CDN77 ^_^) (CDN77 ^_^)
1	89.187.169.43 89.187.169.43	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	212.68.47.11 212.68.47.11	15830 (EQUINIX) (EQUINIX)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	188.65.124.92 188.65.124.92	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2	185.102.219.172 185.102.219.172	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
8	188.65.124.59 188.65.124.59	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
18	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	163.171.132.42 163.171.132.42	54994 (ML-1432-5...) (ML-1432-54994)
1 30	37.59.195.1 37.59.195.1	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	212.57.20.60 212.57.20.60	34984 (TELLCOM-AS) (TELLCOM-AS)
1 8	188.165.145.88 188.165.145.88	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	188.65.124.91 188.65.124.91	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	176.235.30.103 176.235.30.103	34984 (TELLCOM-AS) (TELLCOM-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	212.57.20.61 212.57.20.61	34984 (TELLCOM-AS) (TELLCOM-AS)
3	2600:9000:223... 2600:9000:223f:6200:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 3	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 2	18.198.87.254 18.198.87.254	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5	188.65.126.211 188.65.126.211	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 12	18.158.134.1 18.158.134.1	16509 (AMAZON-02) (AMAZON-02)
1 1	194.213.62.34 194.213.62.34	13036 (TMOBILE-) (TMOBILE-)
2 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	37.252.173.214 37.252.173.214	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	3.76.109.233 3.76.109.233	16509 (AMAZON-02) (AMAZON-02)
174	42

5 89.117.77.90 (New York, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1463663.contaboserver.net

glucotrust1.bigofferattention.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com

s.hbrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.43 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-43.cdn77.com

cdn.p.analitik.bik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.68.47.11 (Turkey)

ASN15830 (EQUINIX, NL)

c.keltis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.65.124.92 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.ix7.dailymotion.com

geo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com

www.haberler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.65.124.59 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

static1.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vendorlist.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d20305a98d81e287c749d79e48eb9e67.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.171.132.42 (Germany)

ASN54994 (ML-1432-54994, CA)

cdn.serve.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 37.59.195.1 (San Javier, Spain) 1 redirects

ASN16276 (OVH, FR)

trgde.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.57.20.60 (Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-212-57-20-60.reverse.superonline.net

ingest.serve.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
query.serve.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
layer.serve.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.165.145.88 (France) 1 redirects

ASN16276 (OVH, FR)

gdetr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.91 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com

speedtest.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.235.30.103 (Turkey)

ASN34984 (TELLCOM-AS, TR)

id.ad-plus.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

dmxleo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.57.20.61 (Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-212-57-20-61.reverse.superonline.net

prebid.serve.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:6200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.87.254 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-87-254.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.65.126.211 (Vaux-sur-Seine, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: proxy-044.dc3.dailymotion.com

proxy-044.dc3.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.158.134.1 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.213.62.34 (Spomysl, Czech Republic) 1 redirects

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid3.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.214 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 865.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.109.233 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-109-233.eu-central-1.compute.amazonaws.com

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	adocean.pl 1 redirects trgde.adocean.pl — Cisco Umbrella Rank: 53245	223 KB
18	dmcdn.net static1.dmcdn.net — Cisco Umbrella Rank: 11607 vendorlist.dmcdn.net — Cisco Umbrella Rank: 14959	638 KB
15	adscale.de 1 redirects js.adscale.de — Cisco Umbrella Rank: 9023 ih.adscale.de — Cisco Umbrella Rank: 3400	16 KB
12	dailymotion.com geo.dailymotion.com — Cisco Umbrella Rank: 11509 www.dailymotion.com — Cisco Umbrella Rank: 13123 speedtest.dailymotion.com — Cisco Umbrella Rank: 13812 dmxleo.dailymotion.com — Cisco Umbrella Rank: 12362 proxy-044.dc3.dailymotion.com — Cisco Umbrella Rank: 295659	1 MB
12	hbrcdn.com s.hbrcdn.com — Cisco Umbrella Rank: 207921	192 KB
11	admatic.com.tr cdn.serve.admatic.com.tr — Cisco Umbrella Rank: 91646 ingest.serve.admatic.com.tr — Cisco Umbrella Rank: 112847 query.serve.admatic.com.tr — Cisco Umbrella Rank: 98239 layer.serve.admatic.com.tr — Cisco Umbrella Rank: 103280 prebid.serve.admatic.com.tr — Cisco Umbrella Rank: 89139	289 KB
9	gemius.pl 1 redirects gdetr.hit.gemius.pl — Cisco Umbrella Rank: 67532 ls.hit.gemius.pl — Cisco Umbrella Rank: 12435	72 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 d20305a98d81e287c749d79e48eb9e67.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169	55 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	160 KB
8	dm-event.net pebed.dm-event.net — Cisco Umbrella Rank: 11635	3 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6180	3 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673 region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	11 KB
5	bigofferattention.site glucotrust1.bigofferattention.site	15 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1654 track.adform.net — Cisco Umbrella Rank: 3716	1 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 657	478 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2472	70 KB
2	m6r.eu 2 redirects tracking.m6r.eu — Cisco Umbrella Rank: 14201	1 KB
2	adnxs.com 2 redirects adscale-emea.adnxs.com — Cisco Umbrella Rank: 17741	2 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 2094	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	972 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 821	771 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	64 KB
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 640 dis.criteo.com — Cisco Umbrella Rank: 910	940 B
2	gstatic.com www.gstatic.com	18 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3974	515 B
2	haberler.com www.haberler.com — Cisco Umbrella Rank: 149098 d.haberler.com Failed	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	182 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	265 B
1	ibillboard.com 1 redirects bbnaut.ibillboard.com — Cisco Umbrella Rank: 17701	349 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 649	239 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 2785	160 B
1	ad-plus.com.tr id.ad-plus.com.tr — Cisco Umbrella Rank: 65612	690 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 687	695 B
1	keltis.com c.keltis.com — Cisco Umbrella Rank: 246558	144 B
1	bik.gov.tr cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 59727
174	36

	Domain	Requested by
30	trgde.adocean.pl	1 redirects s.hbrcdn.com trgde.adocean.pl
16	static1.dmcdn.net	s.hbrcdn.com geo.dailymotion.com static1.dmcdn.net
12	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
12	s.hbrcdn.com	glucotrust1.bigofferattention.site s.hbrcdn.com
8	gdetr.hit.gemius.pl	1 redirects s.hbrcdn.com gdetr.hit.gemius.pl
8	pebed.dm-event.net	geo.dailymotion.com static1.dmcdn.net
7	mc.yandex.com	3 redirects glucotrust1.bigofferattention.site
6	securepubads.g.doubleclick.net	glucotrust1.bigofferattention.site s.hbrcdn.com securepubads.g.doubleclick.net
5	proxy-044.dc3.dailymotion.com	static1.dmcdn.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
5	glucotrust1.bigofferattention.site	glucotrust1.bigofferattention.site s.hbrcdn.com
4	query.serve.admatic.com.tr	cdn.serve.admatic.com.tr
4	region1.analytics.google.com	www.googletagmanager.com
4	www.google-analytics.com	glucotrust1.bigofferattention.site www.google-analytics.com
3	js.adscale.de	cdn.serve.admatic.com.tr js.adscale.de ih.adscale.de
3	prebid.serve.admatic.com.tr	cdn.serve.admatic.com.tr js.adscale.de
3	tpc.googlesyndication.com	s.hbrcdn.com
3	imasdk.googleapis.com	geo.dailymotion.com static1.dmcdn.net imasdk.googleapis.com
3	mc.yandex.ru	2 redirects s.hbrcdn.com
3	geo.dailymotion.com	s.hbrcdn.com geo.dailymotion.com
2	tracking.m6r.eu	2 redirects
2	adscale-emea.adnxs.com	2 redirects
2	track.adform.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	x.bidswitch.net	2 redirects
2	creativecdn.com	2 redirects
2	s0.2mdn.net	imasdk.googleapis.com trgde.adocean.pl
2	www.gstatic.com	static1.dmcdn.net www.gstatic.com
2	vendorlist.dmcdn.net	static1.dmcdn.net
2	www.dailymotion.com	geo.dailymotion.com static1.dmcdn.net
2	cdn.serve.admatic.com.tr	s.hbrcdn.com cdn.serve.admatic.com.tr
2	www.google.com	glucotrust1.bigofferattention.site s.hbrcdn.com
2	www.google.de	glucotrust1.bigofferattention.site
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.haberler.com	s.hbrcdn.com glucotrust1.bigofferattention.site
2	www.googletagmanager.com	glucotrust1.bigofferattention.site s.hbrcdn.com
1	cm.g.doubleclick.net	1 redirects
1	dis.criteo.com	1 redirects
1	match.adsrvr.org	ih.adscale.de
1	bbnaut.ibillboard.com	1 redirects
1	pixel.rubiconproject.com
1	cm.adform.net
1	sync.adkernel.com	cdn.serve.admatic.com.tr
1	layer.serve.admatic.com.tr	cdn.serve.admatic.com.tr
1	ls.hit.gemius.pl	gdetr.hit.gemius.pl
1	dmxleo.dailymotion.com	static1.dmcdn.net
1	id.ad-plus.com.tr	cdn.serve.admatic.com.tr
1	gum.criteo.com	cdn.serve.admatic.com.tr
1	id5-sync.com	cdn.serve.admatic.com.tr
1	speedtest.dailymotion.com	static1.dmcdn.net
1	ingest.serve.admatic.com.tr	s.hbrcdn.com
1	d20305a98d81e287c749d79e48eb9e67.safeframe.googlesyndication.com	s.hbrcdn.com
1	fundingchoicesmessages.google.com	s.hbrcdn.com
1	c.keltis.com	glucotrust1.bigofferattention.site
1	cdn.p.analitik.bik.gov.tr	glucotrust1.bigofferattention.site
0	d.haberler.com Failed	s.hbrcdn.com
174	56

This site contains links to these domains. Also see Links.

Domain
www.haberler.com
kuponkodu.haberler.com
gdetr.hit.gemius.pl
s.hbrcdn.com
news.google.com
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
wa.me
assistant.google.com
open.spotify.com
rss.haberler.com
tr.wikipedia.org
www.youtube.com
www.tiktok.com
t.me
www.dailymotion.com
apps.apple.com
play.google.com
appgallery.cloud.huawei.com
www.yenimedya.com.tr

Subject Issuer	Validity	Valid
glucotrust1.bigofferattention.site R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
s.hbrcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-19` - `2024-04-21`	a year	crt.sh
*.p.analitik.bik.gov.tr RapidSSL TLS RSA CA G1	`2023-05-08` - `2024-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
c.keltis.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2023-07-25` - `2023-10-23`	3 months	crt.sh
*.haberler.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-02` - `2024-05-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.serve.admatic.com.tr Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
speedtest.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2023-01-30` - `2024-02-06`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.ad-plus.com.tr GlobalSign RSA OV SSL CA 2018	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
dmxleo.dailymotion.com ZeroSSL RSA Domain Secure Site CA	`2023-08-27` - `2023-11-25`	3 months	crt.sh
*.adscale.de Amazon RSA 2048 M01	`2023-06-09` - `2024-07-07`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.dc3.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://glucotrust1.bigofferattention.site/
Frame ID: 91272C00C2EBDF458BC463E110550844
Requests: 67 HTTP requests in this frame

Frame: https://d20305a98d81e287c749d79e48eb9e67.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7F442050C617CA1DC510CA42AD0BC2F
Requests: 1 HTTP requests in this frame

Frame: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Frame ID: B443A7E3FEBE85C4DFD39B83B913E8A2
Requests: 37 HTTP requests in this frame

Frame: https://ingest.serve.admatic.com.tr/cst
Frame ID: 8F80C89933E1F38A975BBDEF0914790B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED6BA8D5DC636ED975C6F82EFAE75E29
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19617AD3EA18C34D80CD6414BDD51027
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4860D7EC08F07A71DCDE3C351785DB2B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.serve.admatic.com.tr/showad/sync.html
Frame ID: 76AD191CED86847CF5DE2B88CCEF73A0
Requests: 7 HTTP requests in this frame

Frame: https://gdetr.hit.gemius.pl/gdejs/xgde.html
Frame ID: 9AD90541E4DFB92F6A0A07FD25E7C554
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Frame ID: B88A40A680BB02CF18D0632595FCC46A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A036BD087C539CA8C9BF0C1E66EC4A18
Requests: 1 HTTP requests in this frame

Frame: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
Frame ID: 5C6C059EF0F078E118A0C4CE76D0DBC2
Requests: 29 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 70DE610B742FD6BB0FA5172814DD323E
Requests: 1 HTTP requests in this frame

Frame: https://layer.serve.admatic.com.tr/v1/criteo-us?d=https://glucotrust1.bigofferattention.site/&rd=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D0%26gdpr_consent%3D%26uid%3DUID
Frame ID: 72EA874C1553CEEB2CDD3FD336039DB3
Requests: 1 HTTP requests in this frame

Frame: https://prebid.serve.admatic.com.tr/setuid?bidder=rtbhouse&gdpr=0&gdpr_consent=&f=i&uid=yaHMOsCuILhB55lk1qEv&pi=admatic-pbs&redir=1&tc=1
Frame ID: F53146D71AC663268353BCB47B4F5539
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: 0F26B56706C3B68743F6E8CF999590E9
Requests: 5 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dadkernel%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7BUID%7D
Frame ID: 2CC3F88A8533E59F656AEF0AD74F578D
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Frame ID: B8D3B6006E43B7E10EB9D63317A6CCC2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Havada uçarak geldi! İki oyuncuyu birden sakatlayıp hastanelik etti - Haberler

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

174
Requests

91 %
HTTPS

35 %
IPv6

36
Domains

56
Subdomains

42
IPs

11
Countries

3552 kB
Transfer

8773 kB
Size

50
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://www.haberler.com/haberler/cerez-politikasi/
Title: çerez

Search URL Search Domain Scan URL

URL: https://www.haberler.com/haberler/web-sitesi-cerez-aydinlatma-metni/
Title: Aydınlatma Metnimizi

Search URL Search Domain Scan URL

URL: https://www.haberler.com/

Search URL Search Domain Scan URL

URL: https://www.haberler.com/son-dakika/
Title: SON DAKİKA

Search URL Search Domain Scan URL

URL: https://www.haberler.com/guncel/
Title: GÜNCEL

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ekonomi/
Title: EKONOMİ

Search URL Search Domain Scan URL

URL: https://www.haberler.com/magazin/
Title: MAGAZİN

Search URL Search Domain Scan URL

URL: https://www.haberler.com/spor/
Title: SPOR

Search URL Search Domain Scan URL

URL: https://www.haberler.com/teknoloji/
Title: TEKNOLOJİ

Search URL Search Domain Scan URL

URL: https://www.haberler.com/dunya/
Title: DÜNYA

Search URL Search Domain Scan URL

URL: https://kuponkodu.haberler.com/
Title: KUPONLAR

Search URL Search Domain Scan URL

URL: https://gdetr.hit.gemius.pl/lshitredir/id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/fastid=nukhibfhozzazxixfibeduozxmmr/stparam=ofjpclohsk/roc=0/url=https%3A%2F%2Fwww.bim.com.tr%2F%3FBim_AktuelTarihKey%3D986%26utm_source%3DHaberler.com%26utm_content%3D970x250%26utm_campaign%3DBIM_22_EYL%25C3%259CL_AKTUEL_CUMA

Search URL Search Domain Scan URL

URL: https://www.haberler.com/joe-biden/
Title: Joe Biden

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ozgur-ozel/
Title: Özgür Özel

Search URL Search Domain Scan URL

URL: https://www.haberler.com/yilmaz-tunc/
Title: Yılmaz Tunç

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ilham-aliyev/
Title: İlham Aliyev

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ibrahim-reisi/
Title: İbrahim Reisi

Search URL Search Domain Scan URL

URL: https://www.haberler.com/fatih-erbakan/
Title: Fatih Erbakan

Search URL Search Domain Scan URL

URL: https://www.haberler.com/devlet-bahceli/
Title: Devlet Bahçeli

Search URL Search Domain Scan URL

URL: https://www.haberler.com/neva/
Title: Neva

Search URL Search Domain Scan URL

URL: https://www.haberler.com/tarkan/
Title: Tarkan

Search URL Search Domain Scan URL

URL: https://www.haberler.com/nilufer/
Title: Nilüfer

Search URL Search Domain Scan URL

URL: https://www.haberler.com/seda-sayan/
Title: Seda Sayan

Search URL Search Domain Scan URL

URL: https://www.haberler.com/nazan-oncel/
Title: Nazan Öncel

Search URL Search Domain Scan URL

URL: https://www.haberler.com/tolga-karel/
Title: Tolga Karel

Search URL Search Domain Scan URL

URL: https://www.haberler.com/burak-deniz/
Title: Burak Deniz

Search URL Search Domain Scan URL

URL: https://www.haberler.com/muslera/
Title: Muslera

Search URL Search Domain Scan URL

URL: https://www.haberler.com/emre-mor/
Title: Emre Mor

Search URL Search Domain Scan URL

URL: https://www.haberler.com/can-bartu/
Title: Can Bartu

Search URL Search Domain Scan URL

URL: https://www.haberler.com/sacha-boey/
Title: Sacha Boey

Search URL Search Domain Scan URL

URL: https://www.haberler.com/omar-colley/
Title: Omar Colley

Search URL Search Domain Scan URL

URL: https://www.haberler.com/metin-oktay/
Title: Metin Oktay

Search URL Search Domain Scan URL

URL: https://www.haberler.com/nenad-bjelica/
Title: Nenad Bjelica

Search URL Search Domain Scan URL

URL: https://www.haberler.com/hava-durumu/
Title: Hava Durumu

Search URL Search Domain Scan URL

URL: https://www.haberler.com/namaz-vakitleri/
Title: Namaz Vakitleri

Search URL Search Domain Scan URL

URL: https://www.haberler.com/gamegar/
Title: Gamegar

Search URL Search Domain Scan URL

URL: https://www.haberler.com/secim/
Title: Seçim Sonuçları

Search URL Search Domain Scan URL

URL: https://www.haberler.com/sans-oyunlari/
Title: Şans Oyunları

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ruya-tabirleri/
Title: Rüya Tabirleri

Search URL Search Domain Scan URL

URL: https://www.haberler.com/yemek-tarifi/
Title: Yemek Tarifleri

Search URL Search Domain Scan URL

URL: https://s.hbrcdn.com/static/kisisel-veri-sahibi-basvuru-formu.pdf
Title: Veri Sahibi Başvuru Formu

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMNm4nwkwwIlv

Search URL Search Domain Scan URL

URL: https://www.facebook.com/haberler

Search URL Search Domain Scan URL

URL: https://twitter.com/haberler

Search URL Search Domain Scan URL

URL: https://instagram.com/haberlercom

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/haberler.com/

Search URL Search Domain Scan URL

URL: https://wa.me/905495474951

Search URL Search Domain Scan URL

URL: https://assistant.google.com/services/invoke/uid/000000e94a58e27a/alm/CgTzh-CxEgIQAQ==?hl=tr

Search URL Search Domain Scan URL

URL: https://www.haberler.com/podcast/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/7lNZfax380NS6noCicIpTr?si=fcEbMp33TOKVPox9TxWwSg

Search URL Search Domain Scan URL

URL: https://rss.haberler.com/rss.asp

Search URL Search Domain Scan URL

URL: https://tr.wikipedia.org/wiki/Haberler.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/haberlercomresmi

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@haberlercom

Search URL Search Domain Scan URL

URL: https://t.me/s/haberlercomresmi

Search URL Search Domain Scan URL

URL: https://www.dailymotion.com/haberler

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/haberler-com/id339144085

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=tr.com.yenimedya.haberler

Search URL Search Domain Scan URL

URL: https://appgallery.cloud.huawei.com/marketshare/app/C101348841

Search URL Search Domain Scan URL

URL: https://www.yenimedya.com.tr/tickets/?site=haberler&referrer=https://www.haberler.com/spor/savunma-oyuncusu-kayarak-yaptigi-sert-mudahale-16346625-haberi/
Title: [Hata Bildir]

Search URL Search Domain Scan URL

URL: https://www.yenimedya.com.tr/basvuru/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10133.-lS0qkP4nRJfKhVbgIr8GJT9_2lLaxY69T-5Q7yqS5JQwHB0r7JPBosrL_ezVp50.abv2BzuZF6Noxe0FXdVKpzMykmQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10133.63JMFn-Ea6tRPSsDJ-G8PPLZjEuQgg2_SL4MZpAfTzPS4kt-U0HUH2lyJayfsCeAXrODzUaQsRCSeCCEFm9185UPaZU6G1OvmEx2_TwLDgw%2C.gywlBxWGJMNcVwb2E3F-1xboVfo%2C

Request Chain 52

https://trgde.adocean.pl/_1695314448173/ad.js?id=UpMBh5cNbIbK8hE55vTGh9sqIlUDQl5OyrpzqsopMJf.E7/nc=0/gdpr=0/gdpr_consent=/redir= HTTP 301
https://trgde.adocean.pl/__/_1695314448173/ad.js?id=UpMBh5cNbIbK8hE55vTGh9sqIlUDQl5OyrpzqsopMJf.E7/nc=0/gdpr=0/gdpr_consent=/redir=

Request Chain 54

https://mc.yandex.com/watch/14231362?wmode=7&page-url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A4641%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A769330424386%3Ahid%3A906578432%3Az%3A120%3Ai%3A20230921184047%3Aet%3A1695314448%3Ac%3A1%3Arn%3A1040107674%3Arqn%3A1%3Au%3A1695314448443099646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C3218%2C746%2C1%2C0%2C0%2C%2C168%2C6%2C%2C%2C%2C4636%3Aco%3A0%3Acpf%3A1%3Ans%3A1695314442984%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695314448%3At%3AHavada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A4641%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A769330424386%3Ahid%3A906578432%3Az%3A120%3Ai%3A20230921184047%3Aet%3A1695314448%3Ac%3A1%3Arn%3A1040107674%3Arqn%3A1%3Au%3A1695314448443099646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C3218%2C746%2C1%2C0%2C0%2C%2C168%2C6%2C%2C%2C%2C4636%3Aco%3A0%3Acpf%3A1%3Ans%3A1695314442984%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695314448%3At%3AHavada%20u%C3%A7arak%20geldi%21%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 73

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10133.Ibas2ic-xczbM-P90SM9tRsDxa5IAJOaIhD-i4ndTzrneYuSwDWUhmusWqIR88TB.DuOiCgRhZ9i-p-EeD3e-sU8WDeE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10133.8kb8CJSLohYk77ZjAZVbTj7Ziee-PfrVw0JqXdsUlGEa7nEVktOVUDcXj_WWpzNjJu3FdXahGd0_G3zSeFb6WVNFXJ3I2nOaM7dKthBrCtY%2C.dnVRECmNZaWHyHNqbqq7PsPY73k%2C

Request Chain 114

https://creativecdn.com/cm-notify?pi=admatic-pbs&redir=1 HTTP 302
https://creativecdn.com/cm-notify?pi=admatic-pbs&redir=1&tc=1 HTTP 302
https://prebid.serve.admatic.com.tr/setuid?bidder=rtbhouse&gdpr=0&gdpr_consent=&f=i&uid=yaHMOsCuILhB55lk1qEv&pi=admatic-pbs&redir=1&tc=1

Request Chain 118

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=27bed5e3-0757-421e-ac9d-5c5fd8856bab

Request Chain 121

https://ih.adscale.de/uu?cbfn=receive&t=1695314448 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1695314448&nut&uu=62d2c60354474d1e9647e09f3ba8b2de

Request Chain 122

https://gdetr.hit.gemius.pl/_1695314448991/redot.js?id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/fastid=lzxmprncomzdxnktegapzmvgzmnz/stparam=udlslqkosq&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D0%7Ctq%3D1&lsdata=npzK2pGRLM7O0s7X7N4ZV5F2MH.AZSRmpD0tDdRskGz.I7y37j17N3y6d.gWufq5ABTsP62QzDHmdKGcIBl4RiQrmkuz/MuOtvj1izoWMU/&href=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F HTTP 301
https://gdetr.hit.gemius.pl/__/_1695314448991/redot.js?id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/fastid=lzxmprncomzdxnktegapzmvgzmnz/stparam=udlslqkosq&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D0%7Ctq%3D1&lsdata=npzK2pGRLM7O0s7X7N4ZV5F2MH.AZSRmpD0tDdRskGz.I7y37j17N3y6d.gWufq5ABTsP62QzDHmdKGcIBl4RiQrmkuz/MuOtvj1izoWMU/&href=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F

Request Chain 130

https://bbnaut.ibillboard.com/match/AdScale?partneruid=62d2c60354474d1e9647e09f3ba8b2de&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=101&tpuid=BBID-01-03700284491435576-17030268

Request Chain 132

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=65af25e627c8d3904ebb85dc0379e0f5a2752e15deef06de04427429feede588&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg&gdpr=0 HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Fgdpr%3D0%26tpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg&gdpr=0&s=183592&tpid=63&uid=65af25e627c8d3904ebb85dc0379e0f5a2752e15deef06de04427429feede588&C=1 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=ZQxyEaQrBbKkH-3IqrE.bAAA%265179

Request Chain 138

https://track.adform.net/serving/cookie/match/?party=9&uid=eb4c2b5fe5cb931014605d83e6ec8100b2c67c7921de4ec6aa6955add250bd8f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg&gdpr=0 HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=eb4c2b5fe5cb931014605d83e6ec8100b2c67c7921de4ec6aa6955add250bd8f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=42&gdpr=0&tpuid=2251294470020019651

Request Chain 140

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=ef174105aa8d113af180eeb86ed3611388754e55763d4f9b382f08943743f424&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5fde7ce3-2948-409e-8860-17a89f5c86d8&gdpr=0

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=2e43bbec25bf2235444a5e4c90639e8670c47e0c981cc524056fa16f81e95ae8&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?uid=2e43bbec25bf2235444a5e4c90639e8670c47e0c981cc524056fa16f81e95ae8&tpid=38&gdpr=0&tpuid=CAESENY-DToNiWIk1qoj0-uYzA4&google_cver=1

Request Chain 142

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 307
https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F3ea5dc64954d4116a8865ad112a46a7f%252F1695314449056%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524UID%26gdpr%3D0 HTTP 302
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=75&tpuid=5249015533214457049&gdpr=0

Request Chain 143

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a8e7a03b4592842b232cc9201f651f427b3dcc073f566dc578af180f627c04a6&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a8e7a03b4592842b232cc9201f651f427b3dcc073f566dc578af180f627c04a6&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/js?tpid=48&tpuid=fa184d94910a191b7d96af61a5425a25

174 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
glucotrust1.bigofferattention.site/ 59 KB
14 KB 4466ms
745ms Document
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx / PHP/8.0.30 PleskLin
Resource Hash: a740fade8b50cf6ddc0e2efa1fdab481760e33a32e3f3b0fa35e49123e82856e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 16:40:47 GMT
server: nginx
x-powered-by: PHP/8.0.30 PleskLin

GET
H2 200 cookieconsent.js Show response
s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/ 101 KB
24 KB 107ms
22ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 8059728
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"4d95b6d5ae46d91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
s.hbrcdn.com/mstatic/assets/js/ 132 KB
47 KB 108ms
23ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/js/jquery-3.6.0.min.js?v=81
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 7e839be27e80dcb227b58103c0ee39a018a0dab3fca6215abc2b39bce20a1704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 8059728
x-powered-by: ASP.NET
x-midtier: de-fra-dp-s02
x-cache-status: HIT
server: MerlinCDN
etag: W/"44e242b3da0d91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 general.min.css
s.hbrcdn.com/mstatic/assets/css/ 290 KB
55 KB 95ms
11ms Stylesheet
text/css 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100275
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: af4a618eaeedfe6c457deff4bcb15580f9a36a267ca8b19ce2ef96c586dda4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 11390
x-powered-by: ASP.NET
x-midtier: de-fra-lea-s01
x-cache-status: HIT
server: MerlinCDN
etag: W/"4f0692189ecd91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 header.css
s.hbrcdn.com/mstatic/assets/css/ 15 KB
3 KB 102ms
18ms Stylesheet
text/css 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100275
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 048473f79c4d9ffdb55e9a7a0bbf99131dcc4b451b02c9535ea80e11c1827dec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 11390
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"10cefad63e7d91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 responsive.css
s.hbrcdn.com/mstatic/assets/css/ 133 KB
28 KB 103ms
19ms Stylesheet
text/css 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/responsive.css?v=100275
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: cadc7b8d78ac6334e96fefc21605b525357c68a1038936faa5555eac693d620a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 11390
x-powered-by: ASP.NET
x-midtier: de-fra-dp-s02
x-cache-status: HIT
server: MerlinCDN
etag: W/"e7212d2289ecd91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haberler-logo.svg
s.hbrcdn.com/static/img/tasarim/ 3 KB
2 KB 7ms
6ms Image
image/svg+xml 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/static/img/tasarim/haberler-logo.svg
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 8059728
etag: W/"d0e022c5def2d51:0"
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-lea-s01
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
allow: GET, HEAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haberler-logo.png
s.hbrcdn.com/mstatic/assets/img/ 5 KB
6 KB 8ms
6ms Image
image/png 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/haberler-logo.png
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
age: 8059728
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-dp-s02
content-length: 5417
server: MerlinCDN
etag: "c9b327ec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-header-search.png
s.hbrcdn.com/mstatic/assets/img/ 1 KB
1 KB 8ms
6ms Image
image/png 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/icon-header-search.png
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
age: 8059728
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-lea-s01
content-length: 1141
server: MerlinCDN
etag: "541f49ec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 1x1.gif
glucotrust1.bigofferattention.site/ 808 B
808 B 94ms
92ms Image
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glucotrust1.bigofferattention.site/1x1.gif
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 11:38:57 GMT
server: nginx
etag: W/"328-605dcf002177d"
content-type: text/html

GET
H2 200 advertisement.gif
s.hbrcdn.com/static/reklam/ 95 B
399 B 8ms
6ms Image
image/gif 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/static/reklam/advertisement.gif?ads=1
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
age: 8059728
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-lea-s01
content-length: 95
server: MerlinCDN
etag: "379128da78d7d51:0"
allow: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haber-detay.js Show response
s.hbrcdn.com/mstatic/js/ 74 KB
19 KB 8ms
7ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/js/haber-detay.js?v=2.795
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 9298f8b2c8ba030780fd667c0ed8ccf6a0cb516aa96263d6558aa16544ceb576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 1502122
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"7a49a69e0dfd91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 504 tracker1.js
cdn.p.analitik.bik.gov.tr/ 0
0 41ms
6ms Script
text/html 89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 357 KB
87 KB 44ms
17ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSKB5QB

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb90e572c7472349c515aaa1d2a70af26ab1f918073589300479c76f55522bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89039
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 16:04:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 16:40:47 GMT

POST
H2 200 c.aspx Show response
c.keltis.com/ 0
144 B 153ms
42ms XHR
application/x-javascript 212.68.47.11
EQUINIX

General

Check archive.org

Show headers Download Go to

Full URL: https://c.keltis.com/c.aspx?
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.68.47.11 , Turkey, ASN15830 (EQUINIX, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Sep 2023 16:40:45 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, max-age=86400
content-length: 0

GET
H2 200 spdx.js Show response
s.hbrcdn.com/mstatic/assets/js/ 12 KB
5 KB 8ms
7ms Script
application/javascript 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/js/spdx.js?v=0
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 8059728
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"bf3bbc9eccb7d81:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
6ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 15:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3386
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 17:44:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 123ms
97ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b4cc8df451e0bb747504cf3f982ee2790ec0131751aad41d5f12f86d9006ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
server: cafe
etag: 669 / 19621 / 31078075 / config-hash: 6976340128925202864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:40:47 GMT

GET
H/1.1 200
OK xz0y.js Show response
geo.dailymotion.com/libs/player/ 35 KB
14 KB 163ms
37ms Script
application/javascript 188.65.124.92
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/libs/player/xz0y.js?_=1695314447580

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.92 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.ix7.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

8d05ebc77f3611464ab36282099939f747ade64839144a6747f83cf77ad5edf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Thu, 21 Sep 2023 16:40:47 GMT
Server: DMS/1.0.42
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary: X-DM-SSL, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Server-Timing: total;dur=15, dc;desc="ix7"
Timing-Allow-Origin: *
Content-Length: 12978

GET
H2 200 searchbar-icon.png
s.hbrcdn.com/mstatic/assets/img/ 995 B
1 KB 6ms
6ms Image
image/png 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/searchbar-icon.png
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100275
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
age: 7978055
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: nl-naw-ws-s08
content-length: 995
server: MerlinCDN
etag: "fcb7aaec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: de-fra-dp-s01
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-icon.svg
www.haberler.com/mstatic/assets/img/ 608 B
750 B 67ms
6ms Image
image/svg+xml 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberler.com/mstatic/assets/img/search-icon.svg

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100275

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN / ASP.NET

Resource Hash

73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.hbrcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
age: 6077624
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: nl-naw-ws-s08
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 08:50:33 GMT
server: MerlinCDN
etag: W/"fcb7aaec6b9d71:0"
allow: GET, HEAD
content-type: image/svg+xml
x-edge: de-fra-dp-s03
cache-control: max-age=10454400
expires: Sat, 11 Nov 2023 08:26:35 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8= Show response
fundingchoicesmessages.google.com/f/ 20 KB
9 KB 91ms
41ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8=

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d80bcad0d846a5e7073f2843b7ed813b4d36a90372eabb4c998ca62a714efea

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-S_xmgxehDccfsllzXGWVgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-S_xmgxehDccfsllzXGWVgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
159 B 14ms
13ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=59546130&t=event&_s=1&dl=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&ul=en-us&de=UTF-8&dt=Havada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Mobil%20Haber%20Detay&ea=Impression&el=Videolu%20Haber&_u=aEBAAEABEAAAACAAI~&jid=859219054&gjid=89214828&cid=66054069.1695314448&tid=UA-242929-3&_gid=142767620.1695314448&_r=1&_slc=1&cd6=%7CDefault%7C&cd4=Spor%2CSpor&z=437349316

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 7ms
7ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=59546130&t=pageview&_s=2&dl=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&ul=en-us&de=UTF-8&dt=Havada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=66054069.1695314448&tid=UA-242929-3&_gid=142767620.1695314448&cd6=%7CDefault%7C&cd4=Spor%2CSpor&cd1=Spor&z=1564569223

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:08:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5554
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 196ms
90ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Sep 2023 14:40:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "650ada40-11420"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70688
expires: Thu, 21 Sep 2023 17:40:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
95 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1f51471dd91695d27988e7f9c4265752948ba13ef93e7b35b233774207017a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 16:40:47 GMT

GET adv.js
d.haberler.com/ 0
0

GET
H2 200 haberler.com.png
www.haberler.com/static/images/ 1 KB
1 KB 8ms
6ms Image
image/png 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberler.com/static/images/haberler.com.png

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN / ASP.NET

Resource Hash

32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
age: 185054
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-dp-s02
content-length: 1086
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Jun 2021 10:59:31 GMT
server: MerlinCDN
etag: "a32ea75d9e57d71:0"
allow: GET, HEAD, POST
content-type: image/png
x-edge: de-fra-dp-s03
cache-control: max-age=2592000
accept-ranges: bytes

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=59546130&t=event&_s=3&dl=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&ul=en-us&de=UTF-8&dt=Havada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ana%20Sayfa&ea=Impression&el=BIM_22_EYL%C3%9CL_AKTUEL_CUMA%20Masthead&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=66054069.1695314448&tid=UA-242929-3&_gid=142767620.1695314448&cd6=%7CDefault%7C&cd4=Spor%2CSpor&cd1=Spor&z=2027183353

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 14:28:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7963
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
361 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-242929-3&cid=66054069.1695314448&jid=859219054&gjid=89214828&_gid=142767620.1695314448&_u=aEBAAEAAEAAAACAAI~&z=977659160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Sep 2023 16:40:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
266 B 36ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je39i0&_p=59546130&_gaz=1&cid=66054069.1695314448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695314447&sct=1&seg=0&dl=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&dt=Havada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&en=page_view&_fv=2&_ss=2&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FFKENFZBJW&cid=66054069.1695314448&gtm=45je39i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 70ms
49ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FFKENFZBJW&cid=66054069.1695314448&gtm=45je39i0&aip=1&z=1308393286

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 67ms
45ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242929-3&cid=66054069.1695314448&jid=859219054&_u=aEBAAEAAEAAAACAAI~&z=1265199336

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 59ms
49ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242929-3&cid=66054069.1695314448&jid=859219054&_u=aEBAAEAAEAAAACAAI~&z=1265199336

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je39i0&_p=59546130&cid=66054069.1695314448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1695314447&sct=1&seg=0&dl=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&dt=Havada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/ 409 KB
129 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34ec03e16ba423f27b2db224a2d1ae09f27c349fb245c1407ac87808ccbe5679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9799
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131874
x-xss-protection: 0
server: cafe
etag: 11000565836845060056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 20 Sep 2024 13:57:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
85 B 57ms
41ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=glucotrust1.bigofferattention.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84a0876afaccfbf06ddcbdc1406a778c294f9b1c515c9d52cd0f0f741638c3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
expires: Thu, 21 Sep 2023 16:40:47 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ 15 B
363 B 69ms
18ms Fetch
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xz0y.js?_=1695314447580
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:47 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10133.-lS0qkP4nRJfKhVbgIr8GJT9_2lLaxY69T-5Q7yqS5JQwHB0r7JPBosrL_ezVp50.abv2BzuZF6Noxe0FXdVKpzMykmQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10133.63JMFn-Ea6tRPSsDJ-G8PPLZjEuQgg2_SL4MZpAfTzPS4kt-U0HUH2lyJayfsCeAXrODzUaQsRCSeCCEFm9185UPaZU6G1OvmEx2_TwLDgw%2C.gywlBxWGJMNcVwb2E3F-1xboVfo%2C

43 B
67 B

49ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10133.63JMFn-Ea6tRPSsDJ-G8PPLZjEuQgg2_SL4MZpAfTzPS4kt-U0HUH2lyJayfsCeAXrODzUaQsRCSeCCEFm9185UPaZU6G1OvmEx2_TwLDgw%2C.gywlBxWGJMNcVwb2E3F-1xboVfo%2C

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10133.63JMFn-Ea6tRPSsDJ-G8PPLZjEuQgg2_SL4MZpAfTzPS4kt-U0HUH2lyJayfsCeAXrODzUaQsRCSeCCEFm9185UPaZU6G1OvmEx2_TwLDgw%2C.gywlBxWGJMNcVwb2E3F-1xboVfo%2C
date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
138 B 56ms
53ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Sep 2023 14:40:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "650ada40-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 21 Sep 2023 17:40:48 GMT

GET
H2 404 ah_2.js
glucotrust1.bigofferattention.site/static/js/ 0
0 97ms
96ms Script
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://glucotrust1.bigofferattention.site/static/js/ah_2.js?v=0.02.113
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 11:38:57 GMT
server: nginx
etag: W/"328-605dcf002177d"
content-type: text/html

GET
H2 404 / Show response
glucotrust1.bigofferattention.site/ajax/kat1003/mansetteki_haberler/ 808 B
500 B 94ms
94ms Fetch
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://glucotrust1.bigofferattention.site/ajax/kat1003/mansetteki_haberler/
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/haber-detay.js?v=2.795
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 11:38:57 GMT
server: nginx
etag: W/"328-605dcf002177d"
content-type: text/html

GET
H2 404 lazyload.js
glucotrust1.bigofferattention.site/mstatic/assets/js/ 0
0 94ms
94ms Script
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://glucotrust1.bigofferattention.site/mstatic/assets/js/lazyload.js
Requested by: Host: glucotrust1.bigofferattention.site
URL: https://glucotrust1.bigofferattention.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 11:38:57 GMT
server: nginx
etag: W/"328-605dcf002177d"
content-type: text/html

GET
H2 200 pes.playerInterface.43a0d1e2.js Show response
static1.dmcdn.net/playerv5/ 5 KB
2 KB 53ms
9ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/pes.playerInterface.43a0d1e2.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 3dcd2f16c7c904c0e17382a7935a110d55734a6a46bb21c908a1576495de0d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 8671
server-timing: total;dur=1, dc;desc="dc3"
content-length: 1748
last-modified: Thu, 21 Sep 2023 14:13:58 GMT
server: DMS/1.0.42
etag: "650c4fa6-1383"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: a53170653c92960aa5deb4a36eb83295
expires: Sat, 21 Oct 2023 14:16:17 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ 15 B
363 B 18ms
18ms Fetch
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xz0y.js?_=1695314447580
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H/1.1 200
OK cookie.js Show response
geo.dailymotion.com/ 38 B
977 B 29ms
29ms Script
application/javascript 188.65.124.92
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/cookie.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.92 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.ix7.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Date: Thu, 21 Sep 2023 16:40:48 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary: X-DM-SSL
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Server-Timing: total;dur=10, dc;desc="ix7"
Timing-Allow-Origin: *
Content-Length: 38

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 763 B
419 B 272ms
271ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=10808002795017&correlator=3478597686376965&eid=31078075%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fifs&iu_parts=1007216%2CHaberler_Desktop_NP_160x600_Left_YM&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C120x600%7C160x600&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695314448156&lmt=1695307248&adxs=102&adys=52&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&vis=1&psz=160x-1&msz=160x-1&fws=4&ohw=1600&ga_vid=66054069.1695314448&ga_sid=1695314448&ga_hid=59546130&ga_fc=true&dlt=1695314447453&idt=371&cust_params=Haber_Kat%3DSpor&adks=293307002&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523c8b7e862f101703a8c593306180b340da7318fb1d2a5e7f9dc8e888b4d813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 79ms
57ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25e8f52a30459e482025bc63f81b9dc467ff7e0ede1da6696ab0777b95bf8a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12030
x-xss-protection: 0

GET
H2 200 container.html Show response
d20305a98d81e287c749d79e48eb9e67.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7F4 6 KB
3 KB 81ms
14ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d20305a98d81e287c749d79e48eb9e67.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 16:40:48 GMT
expires: Fri, 20 Sep 2024 16:40:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 587 B
316 B 51ms
50ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=10808002795017&correlator=3478597686376965&eid=31078075%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fifs&iu_parts=1007216%2CHaberler_Desktop_NP_160x600_Right_YM&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695314448168&lmt=1695307248&adxs=1338&adys=52&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&vis=1&psz=160x-1&msz=160x-1&fws=4&ohw=1600&ga_vid=66054069.1695314448&ga_sid=1695314448&ga_hid=59546130&ga_fc=true&dlt=1695314447453&idt=371&cust_params=Haber_Kat%3DSpor&adks=2322404063&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aea7b0367865901d235e5732b0a8843a78e2af96f45c704635f8ed78fb3ac185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
cdn.serve.admatic.com.tr/showad/ 278 KB
279 KB 82ms
8ms Script
application/javascript 163.171.132.42
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.serve.admatic.com.tr/showad/showad.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.42 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8cafc698e1a9b0e7c0000ef7638d0e145affa286217f36fd5feab8d26a28d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
via: 1.1 VM-FRA-0124V35:10 (W)
x-amz-request-id: TVDS50ZD155KK06B
age: 41194
x-amz-server-side-encryption: AES256
x-px: ht VM-FRA-0124V35FRA
content-length: 285091
x-amz-id-2: /cfxA4nTvr3upOXiZkcWu4dAsPb/zOfKgLi1SnGA5Hj5caskkEUtfaL/lCEE6M8jYkXvA57tWxI=
last-modified: Fri, 15 Sep 2023 09:34:58 GMT
server: PWS/8.3.1.0.8
etag: "32a1a8a73b4b125902e49ae3ca532253"
x-ws-request-id: 650c7210_VM-FRA-01T6Y27_13750-11837
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2

200

ad.js Show response
trgde.adocean.pl/__/_1695314448173/
Redirect Chain

https://trgde.adocean.pl/_1695314448173/ad.js?id=UpMBh5cNbIbK8hE55vTGh9sqIlUDQl5OyrpzqsopMJf.E7/nc=0/gdpr=0/gdpr_consent=/redir=
https://trgde.adocean.pl/__/_1695314448173/ad.js?id=UpMBh5cNbIbK8hE55vTGh9sqIlUDQl5OyrpzqsopMJf.E7/nc=0/gdpr=0/gdpr_consent=/redir=

5 KB
2 KB

19ms
19ms

XHR
application/x-javascript

37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trgde.adocean.pl/__/_1695314448173/ad.js?id=UpMBh5cNbIbK8hE55vTGh9sqIlUDQl5OyrpzqsopMJf.E7/nc=0/gdpr=0/gdpr_consent=/redir=
Protocol: H2
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 6d7fb4bcb0742264fbf7faffe180c1fd8e6b12d019a7a08ada86fd27ee36230a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glucotrust1.bigofferattention.site
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 1477
expires: Wed, 20 Sep 2023 16:40:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:48 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glucotrust1.bigofferattention.site
location: /__/_1695314448173/ad.js?id=UpMBh5cNbIbK8hE55vTGh9sqIlUDQl5OyrpzqsopMJf.E7/nc=0/gdpr=0/gdpr_consent=/redir=
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Wed, 20 Sep 2023 16:40:48 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 581 B
313 B 263ms
263ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=10808002795017&correlator=3478597686376965&eid=31078075%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fifs&iu_parts=1007216%2CHaberler_Desktop_NP_300x600_YM&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C120x600%7C160x600&fluid=height&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695314448178&lmt=1695307248&adxs=992&adys=76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&vis=1&psz=336x-1&msz=336x-1&fws=4&ohw=1600&ga_vid=66054069.1695314448&ga_sid=1695314448&ga_hid=59546130&ga_fc=true&dlt=1695314447453&idt=371&cust_params=Haber_Kat%3DSpor&adks=2972572884&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535bdbdfa4f1236ed1ca39b55150ac0ffb7fd3bbce8ec6af26f795077be22658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/14231362/
Redirect Chain

https://mc.yandex.com/watch/14231362?wmode=7&page-url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A4641...
https://mc.yandex.com/watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A46...

428 B
731 B

49ms
48ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A4641%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A769330424386%3Ahid%3A906578432%3Az%3A120%3Ai%3A20230921184047%3Aet%3A1695314448%3Ac%3A1%3Arn%3A1040107674%3Arqn%3A1%3Au%3A1695314448443099646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C3218%2C746%2C1%2C0%2C0%2C%2C168%2C6%2C%2C%2C%2C4636%3Aco%3A0%3Acpf%3A1%3Ans%3A1695314442984%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695314448%3At%3AHavada%20u%C3%A7arak%20geldi%21%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

029fd41b4375c7a13498f650f5b513c57246fb2593f2a122831da96dccf45a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 21-Sep-2023 16:40:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Thu, 21-Sep-2023 16:40:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21-Sep-2023 16:40:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A4641%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A769330424386%3Ahid%3A906578432%3Az%3A120%3Ai%3A20230921184047%3Aet%3A1695314448%3Ac%3A1%3Arn%3A1040107674%3Arqn%3A1%3Au%3A1695314448443099646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C3218%2C746%2C1%2C0%2C0%2C%2C168%2C6%2C%2C%2C%2C4636%3Aco%3A0%3Acpf%3A1%3Ans%3A1695314442984%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1695314448%3At%3AHavada%20u%C3%A7arak%20geldi%21%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 21-Sep-2023 16:40:48 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je39i0&_p=59546130&cid=66054069.1695314448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&sid=1695314447&sct=1&seg=0&dl=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&dt=Havada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK xz0y.html Show response
geo.dailymotion.com/player/ Frame B443 56 KB
18 KB 40ms
40ms Document
text/html 188.65.124.92
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xz0y.js?_=1695314447580

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.92 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.ix7.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

01680ee97f0088831f39804342f932ffaff937e0c93f4cd3d88ee06bcb6c928c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 17884
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Sep 2023 16:40:48 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Server-Timing: total;dur=19, dc;desc="ix7"
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin: *
Vary: X-DM-SSL,Accept-Encoding

GET
H2 200 dmp.infopack.77a905c1538c3d13529b.js Show response
static1.dmcdn.net/playerv5/ Frame B443 55 KB
14 KB 9ms
6ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.infopack.77a905c1538c3d13529b.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 83b3a212bf8edcdbe4d55b58b7a49cfb0e8f3b483af4695d4e858b52ea8431ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 2571818
server-timing: total;dur=0, dc;desc="dc3"
content-length: 14398
last-modified: Thu, 17 Aug 2023 11:31:13 GMT
server: DMS/1.0.42
etag: "64de0501-dab6"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 3400cae25c3fb991b353dbfc3766627c
expires: Thu, 21 Sep 2023 22:17:10 GMT

GET
H2 200 dmp.jq_flight.1d9782312a093aadb89f.js Show response
static1.dmcdn.net/playerv5/ Frame B443 41 KB
15 KB 10ms
7ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.jq_flight.1d9782312a093aadb89f.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 1474544
server-timing: total;dur=1, dc;desc="dc3"
content-length: 14946
last-modified: Mon, 04 Sep 2023 14:58:26 GMT
server: DMS/1.0.42
etag: "64f5f092-a5e2"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 789d045397792b878529c7310f6d98b1
expires: Wed, 04 Oct 2023 15:05:04 GMT

GET
H2 200 dmp.photon_manifest.c98345bd4bc1ab58beca.js Show response
static1.dmcdn.net/playerv5/ Frame B443 4 KB
3 KB 10ms
7ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.c98345bd4bc1ab58beca.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: ca795d785c92219f7bf9b6ae3c19c6511721c423be4c2219d72995f9091bd26b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 8671
server-timing: total;dur=0, dc;desc="dc3"
content-length: 2490
last-modified: Thu, 21 Sep 2023 14:13:50 GMT
server: DMS/1.0.42
etag: "650c4f9e-11fc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: fe60ac2b8461fc3a78d1d571f82cabf2
expires: Sat, 21 Oct 2023 14:16:17 GMT

GET
H2 200 dmp.photon_vendor.4d691f5427958445345e.js Show response
static1.dmcdn.net/playerv5/ Frame B443 321 KB
96 KB 15ms
13ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4d691f5427958445345e.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 4b9ccae59d778f61af4962b6eba73404430dfce2065f29b3ae606e2c93d14f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 98027
server-timing: total;dur=1, dc;desc="dc3"
content-length: 97732
last-modified: Wed, 20 Sep 2023 13:26:13 GMT
server: DMS/1.0.42
etag: "650af2f5-503ed"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 3cedd93066e4599ba667279c85b65be2
expires: Fri, 20 Oct 2023 13:27:01 GMT

GET
H2 200 dmp.photon_boot.702ea352f56cbe360c98.js Show response
static1.dmcdn.net/playerv5/ Frame B443 116 KB
35 KB 14ms
11ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_boot.702ea352f56cbe360c98.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 7abd016008a16d4e493f50590091cb2799bf5760b764eb67e28915ddb7e55a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 199225
server-timing: total;dur=2, dc;desc="dc3"
content-length: 35707
last-modified: Tue, 19 Sep 2023 07:50:52 GMT
server: DMS/1.0.42
etag: "650952dc-1cee0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: c38a254d02164f8d415491c48cdef6cc
expires: Thu, 19 Oct 2023 09:20:23 GMT

GET
H2 200 dmp.photon_app.b719d6d6d4eb67b27348.js Show response
static1.dmcdn.net/playerv5/ Frame B443 356 KB
107 KB 16ms
14ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.b719d6d6d4eb67b27348.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 7fa2bf4a415b5752f0233d85f83245d78ec1e7cc51cd3fbdbb58d01171043478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 8671
server-timing: total;dur=1, dc;desc="dc3"
content-length: 109654
last-modified: Thu, 21 Sep 2023 14:13:50 GMT
server: DMS/1.0.42
etag: "650c4f9e-5911a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: aa155bad0474f9f2ff6ab931782647de
expires: Sat, 21 Oct 2023 14:16:17 GMT

GET
H2 200 dmp.photon_player.f947b8b6b5a346e89706.js Show response
static1.dmcdn.net/playerv5/ Frame B443 75 KB
23 KB 22ms
20ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.photon_player.f947b8b6b5a346e89706.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 6d7b5b8b53921d5e045886642d6d156291001c15aeaba1629647008daac8f6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 208602
server-timing: total;dur=1, dc;desc="dc3"
content-length: 23168
last-modified: Mon, 18 Sep 2023 15:13:19 GMT
server: DMS/1.0.42
etag: "6508690f-12dde"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 8a443b762e909238e34e274d4a3f1099
expires: Thu, 19 Oct 2023 06:44:06 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B443 359 KB
124 KB 61ms
22ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b70779d5e04e84c467110c5f028beb73a1a9d5f67675fdbadc000773f58214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125907
x-xss-protection: 0
expires: Thu, 21 Sep 2023 16:40:48 GMT

GET
H2 200 dmp.advertising.8359e18e6deb53746ee7.js Show response
static1.dmcdn.net/playerv5/ Frame B443 8 KB
4 KB 22ms
22ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.advertising.8359e18e6deb53746ee7.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 89a061a23ef01c5c9050035722015462cd3dbc0b6273290f92f8267eb94aab5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 292126
server-timing: total;dur=0, dc;desc="dc3"
content-length: 3363
last-modified: Fri, 15 Sep 2023 14:25:39 GMT
server: DMS/1.0.42
etag: "65046963-1e4e"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 8d13dba8f7feab92d8897277390d7327
expires: Wed, 18 Oct 2023 07:32:02 GMT

GET
H2 200 dmp.locale-en-US.392361d874e0355190a5.json Show response
static1.dmcdn.net/playerv5/ Frame B443 2 KB
942 B 26ms
9ms XHR
application/json 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.locale-en-US.392361d874e0355190a5.json
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: c8d7ace64894d227e9a65ae13f7fffa8feac2de602f7271e2b6b5c0c0f1e4823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 1977636
server-timing: total;dur=1, dc;desc="dc3"
content-length: 613
last-modified: Tue, 29 Aug 2023 11:38:30 GMT
server: DMS/1.0.42
etag: "64edd8b6-822"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 978482613d39f4ecc81f93502a084756
expires: Thu, 28 Sep 2023 19:20:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:40:48 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame B443 15 B
363 B 18ms
18ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame B443 15 B
363 B 37ms
18ms Fetch
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame B443 15 B
363 B 54ms
18ms Fetch
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H/1.1 200
OK x8o6feh Show response
www.dailymotion.com/player/metadata/video/ Frame B443 9 KB
7 KB 163ms
122ms XHR
application/json 188.65.124.92
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/player/metadata/video/x8o6feh?embedder=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&geo=1&player-id=xz0y&locale=en-US&dmV1st=59fa16bf-cf71-4e6a-a090-4d754cb8067a&dmTs=136141&is_native_app=0

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.92 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.ix7.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

c5c79636376188550dc0edfe65d969f9c44ad3bb5abb71368350b9bb5fa02f0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Date: Thu, 21 Sep 2023 16:40:48 GMT
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing: total;dur=103, dc;desc="ix7"
Content-Length: 5699
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary: X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://geo.dailymotion.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Authorization

GET
H2 200 vendor-list-v204.json Show response
vendorlist.dmcdn.net/v2/archives/ Frame B443 418 KB
55 KB 28ms
7ms XHR
application/json 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.dmcdn.net/v2/archives/vendor-list-v204.json
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.77a905c1538c3d13529b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: GSRcJmcaUJWitICBWr9S2xwSG6ODE9pk
content-encoding: gzip
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 16:40:48 GMT
x-amz-cf-pop: CDG52-P1
age: 450170
x-amz-server-side-encryption: AES256
content-length: 56075
last-modified: Thu, 29 Jun 2023 16:05:24 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-ip-address: 178.79.244.120
x-amz-cf-id: AS-92Brrg2LZFvwLBWnJe3w_riHrbfs6PNqXWLCXiVIDbu6f_bcpYQ==
x-llid: e018b281b6291866eee3bedcdd2dd85a
expires: Sat, 23 Sep 2023 11:37:58 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10133.Ibas2ic-xczbM-P90SM9tRsDxa5IAJOaIhD-i4ndTzrneYuSwDWUhmusWqIR88TB.DuOiCgRhZ9i-p-EeD3e-sU8WDeE%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10133.8kb8CJSLohYk77ZjAZVbTj7Ziee-PfrVw0JqXdsUlGEa7nEVktOVUDcXj_WWpzNjJu3FdXahGd0_G3zSeFb6WVNFXJ3I2nOaM7dKthBrCtY%2C.dnVRECmNZaWHyHNqb...

43 B
79 B

47ms
46ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10133.8kb8CJSLohYk77ZjAZVbTj7Ziee-PfrVw0JqXdsUlGEa7nEVktOVUDcXj_WWpzNjJu3FdXahGd0_G3zSeFb6WVNFXJ3I2nOaM7dKthBrCtY%2C.dnVRECmNZaWHyHNqbqq7PsPY73k%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10133.8kb8CJSLohYk77ZjAZVbTj7Ziee-PfrVw0JqXdsUlGEa7nEVktOVUDcXj_WWpzNjJu3FdXahGd0_G3zSeFb6WVNFXJ3I2nOaM7dKthBrCtY%2C.dnVRECmNZaWHyHNqbqq7PsPY73k%2C
date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cst Show response
ingest.serve.admatic.com.tr/ Frame 8F80 649 B
847 B 147ms
46ms Document
text/html 212.57.20.60
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.serve.admatic.com.tr/cst
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.60 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-60.reverse.superonline.net
Software: /
Resource Hash: 2b4efb5148e85a1694fa80a845950f1e557da596f3f5c315721ac1206a8b2b30

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-length: 649
content-type: text/html
cst-cookie: e1d23654-a90f-4e18-ab61-98e8d01ed85c
date: Thu, 21 Sep 2023 16:40:47 GMT
vary: Origin

GET
H2 200 vendor-list-v7.json Show response
vendorlist.dmcdn.net/v3/archives/ Frame B443 291 KB
37 KB 7ms
7ms XHR
application/json 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.dmcdn.net/v3/archives/vendor-list-v7.json
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.77a905c1538c3d13529b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 1925bd4ecd39314b244cb752044bd5808b2e6ffa12d5d93bbd9dece0c96f44e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: rwQg2h8cpFQjCI3_GbzoSA5.ksNgtKb1
content-encoding: gzip
via: 1.1 280bb21cc570c951a4ab6ce0d284fba4.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 16:40:48 GMT
x-amz-cf-pop: CDG52-P1
age: 539350
x-amz-server-side-encryption: AES256
content-length: 37684
last-modified: Thu, 29 Jun 2023 16:07:27 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-ip-address: 178.79.244.120
x-amz-cf-id: A0zmBG-o3CsWAeIhqdVeRnP2xpRSiMvWFtBWsEhSOV27MZ5dP8ysow==
x-llid: 525d25ffe47779c8e332a65e76edbfbe
expires: Fri, 22 Sep 2023 10:51:38 GMT

GET
H2 200 xgde.js Show response
gdetr.hit.gemius.pl/gdejs/ 57 KB
20 KB 82ms
19ms Script
application/x-javascript 188.165.145.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/haber-detay.js?v=2.795
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 6c7a05fea6afc18509261d863d0e3e4926580c5086b1d33026de3880e48f647c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2023 10:41:55 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "650C1DF30000E31FE5A1E332"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20335
expires: Thu, 21 Sep 2023 20:40:48 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED6B 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 15:29:41 GMT
expires: Fri, 20 Sep 2024 15:29:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1961 829 B
999 B 18ms
18ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4cee64755e028a90e68bdeb67305dda80af81963df2e6ab1d7e0dac6bb9fa4d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L2ucRxXpTT7EHJC4F9jw-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-L2ucRxXpTT7EHJC4F9jw-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 16:40:48 GMT
expires: Thu, 21 Sep 2023 16:40:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame ED6B 37 KB
14 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 14:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 14:46:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1961 0
0 112ms
108ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309200101&jk=10808002795017&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame B443 15 B
363 B 18ms
18ms Fetch
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H2 200 dmp.omweb.482b0d3c4a252a265442.js Show response
static1.dmcdn.net/playerv5/ Frame B443 40 KB
14 KB 8ms
7ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.omweb.482b0d3c4a252a265442.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.c98345bd4bc1ab58beca.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: f61f00323bf51f559e473999cd21dd87aaa46f1d8774b9e86720f3675db3faef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 1542202
server-timing: total;dur=1, dc;desc="dc3"
content-length: 13820
last-modified: Wed, 30 Aug 2023 13:16:57 GMT
server: DMS/1.0.42
etag: "64ef4149-a0ec"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 4915d78d384aa67a160bdacb913cccd5
expires: Tue, 03 Oct 2023 20:17:26 GMT

GET
H2 200 dmp.omid_session_client.a520cc69722b65ee2f6d.js Show response
static1.dmcdn.net/playerv5/ Frame B443 66 KB
13 KB 8ms
8ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.omid_session_client.a520cc69722b65ee2f6d.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.c98345bd4bc1ab58beca.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0dd4a741cf498d43051577fe9de0460caa07c18c42b7ced849830883cff22da0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 688536
server-timing: total;dur=2, dc;desc="dc3"
content-length: 13157
last-modified: Wed, 13 Sep 2023 11:49:14 GMT
server: DMS/1.0.42
etag: "6501a1ba-10757"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 7f20f46f1093b1a1cb76d00eb07c9214
expires: Fri, 13 Oct 2023 17:25:12 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B443 4 KB
2 KB 86ms
62ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.b719d6d6d4eb67b27348.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:40:48 GMT

GET
H/1.1 200
OK latencies.js Show response
speedtest.dailymotion.com/ Frame B443 7 KB
2 KB 62ms
15ms Script
application/javascript 188.65.124.91
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://speedtest.dailymotion.com/latencies.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.b719d6d6d4eb67b27348.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: st.dc3.dailymotion.com
Software: /
Resource Hash: 72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Sep 2020 07:44:45 GMT
Content-Type: application/javascript
Cache-Control: max-age=21600, public
Accept-Ranges: bytes
Content-Length: 2041
Expires: Thu, 21 Sep 2023 22:40:48 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame B443 15 B
363 B 18ms
18ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4d691f5427958445345e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H2 200 ABCFavorit-Regular.woff2
static1.dmcdn.net/ Frame B443 49 KB
49 KB 7ms
7ms Font
application/octet-stream 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/ABCFavorit-Regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
last-modified: Thu, 20 Jul 2023 12:37:31 GMT
server: DMS/1.0.42
age: 1021211
etag: "64b92a8b-c320"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=1, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 49952
x-llid: 16719f39cc6c006348aa37b6cfa72cd0
expires: Mon, 09 Oct 2023 21:00:37 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4860 359 KB
123 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.b719d6d6d4eb67b27348.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b70779d5e04e84c467110c5f028beb73a1a9d5f67675fdbadc000773f58214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125907
x-xss-protection: 0
expires: Thu, 21 Sep 2023 16:40:48 GMT

GET
H2 200 sync.html Show response
cdn.serve.admatic.com.tr/showad/ Frame 76AD 5 KB
5 KB 8ms
8ms Document
text/html 163.171.132.42
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.serve.admatic.com.tr/showad/sync.html
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.42 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e68c280c71a65018ddc11deca38325739f5d4fe05f5c5a282d354cd0bb80268f

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 40758
cache-control: public,max-age=300
content-length: 5011
content-type: text/html
date: Thu, 21 Sep 2023 16:40:48 GMT
etag: "8e2ccb7a0edd563fb6c8afce250d5913"
last-modified: Wed, 23 Aug 2023 06:57:01 GMT
server: PWS/8.3.1.0.8
via: 1.1 VM-FRA-01T6Y27:16 (W)
x-amz-id-2: z8ZRQEBppKd8fBpfZO1TfIeDVMwkJ44bE2xPb23gVOOpdh6cGS/jUw1gw1rnTIo0qZ0JEnyHefM=
x-amz-request-id: 330C3RC7BY23A38D
x-amz-server-side-encryption: AES256
x-px: ht VM-FRA-01T6Y27FRA
x-ws-request-id: 650c7210_VM-FRA-01T6Y27_13750-11845

OPTIONS
H/1.1 200
OK query
query.serve.admatic.com.tr/ Frame 0
0 154ms
46ms Preflight 212.57.20.60
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://query.serve.admatic.com.tr/query?cst=e1d23654-a90f-4e18-ab61-98e8d01ed85c&x-adtype=14&x-publisherID=170280064928&x-adSlotID=18q9f&x-admGroup=adm-pub-140550463727&x-clientBidder=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.60 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-60.reverse.superonline.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: debug-tag,x-referer
Access-Control-Request-Method: GET
Origin: https://glucotrust1.bigofferattention.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-referer,debug-tag
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://glucotrust1.bigofferattention.site
access-control-max-age: 3600
content-length: 0
date: Thu, 21 Sep 2023 16:40:47 GMT

GET
H/1.1 404
Not Found query Show response
query.serve.admatic.com.tr/ 44 B
595 B 136ms
47ms Fetch
application/json 212.57.20.60
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://query.serve.admatic.com.tr/query?cst=e1d23654-a90f-4e18-ab61-98e8d01ed85c&x-adtype=14&x-publisherID=170280064928&x-adSlotID=18q9f&x-admGroup=adm-pub-140550463727&x-clientBidder=true
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.60 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-60.reverse.superonline.net
Software: /
Resource Hash: 65300b637f4c3b1c2eb9b8c052bc2d02c215eb75a4196d7737a932723dd2a646

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
x-referer: https://glucotrust1.bigofferattention.site/
debug-tag: <ins data-publisher="adm-pub-140550463727" data-ad-network="170280064928" data-ad-type-id="995718032" data-ad-slot="4267312782" class="adm-ads-area" data-ad-slot-generated="18q9f" r="1"></ins>
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
cst-cookie: e1d23654-a90f-4e18-ab61-98e8d01ed85c
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://glucotrust1.bigofferattention.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-referer,debug-tag
content-length: 44

GET
H2 200 xgde.html Show response
gdetr.hit.gemius.pl/gdejs/ Frame 9AD9 303 B
315 B 19ms
18ms Document
text/html 188.165.145.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: public, max-age=14400
content-encoding: gzip
content-length: 215
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 16:40:48 GMT
etag: "5996D7A50000012F9178E011"
expires: Thu, 21 Sep 2023 20:40:48 GMT
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin

GET
H2 200 billboard_gao_lib.async.js Show response
trgde.adocean.pl/files/js/ 21 KB
5 KB 57ms
18ms Script
application/x-javascript 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trgde.adocean.pl/files/js/billboard_gao_lib.async.js?v=2
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 869a8671363a2e29ec0effa51a474f3bfaaed8ff1f8dc13bba8f9f2967893a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 08:48:13 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64B7A34D000052D99D9C2A52"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=432000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5036
expires: Tue, 26 Sep 2023 16:40:48 GMT

POST
H/1.1 200 381.json Show response
id5-sync.com/g/v2/ Frame 76AD 276 B
695 B 33ms
8ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/381.json?gdpr_consent=&gdpr=0

Requested by

Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/sync.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

f525824c3ed79dfaefcaff37383f3dac3118376e1e7845ca069a08a70eb77347

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cdn.serve.admatic.com.tr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://cdn.serve.admatic.com.tr
date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 76AD 2 B
383 B 51ms
16ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcdn.serve.admatic.com.tr&domain=cdn.serve.admatic.com.tr&bundle=&cw=1&lsw=1

Requested by

Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.serve.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.serve.admatic.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 211738
expires: 0

GET
H/1.1 200
OK /
id.ad-plus.com.tr/ Frame 76AD 0
690 B 261ms
55ms Image
text/plain 176.235.30.103
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.ad-plus.com.tr/?token=0.wkouy6frjzq
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 176.235.30.103 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.serve.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 16:40:48 GMT
Access-Control-Max-Age: 0
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Expose-Headers: Content-Length,Set-Cookie,Content-Range
cache-control: private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Slack-Request-Timestamp,X-Slack-Signature,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie
Content-Length: 0

GET
H2 200 xgde.js Show response
gdetr.hit.gemius.pl/gdejs/ Frame 9AD9 57 KB
20 KB 18ms
18ms Script
application/x-javascript 188.165.145.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 6c7a05fea6afc18509261d863d0e3e4926580c5086b1d33026de3880e48f647c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gdetr.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2023 10:41:55 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "650C1DF30000E31FE5A1E332"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20335
expires: Thu, 21 Sep 2023 20:40:48 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/117/ Frame B443 51 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/117/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 15:05:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 22 Sep 2023 13:17:16 GMT

GET
H3 200 bridge3.590.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B88A 721 KB
231 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f35f83071a3c2e2026ed7f2b89b536c2c6a116bd99ae1cff343c0ecba7e9212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geo.dailymotion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 588313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236505
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 21:15:35 GMT
expires: Fri, 13 Sep 2024 21:15:35 GMT
last-modified: Thu, 14 Sep 2023 21:14:17 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4860 44 KB
17 KB 86ms
47ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 16:40:48 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A036 40 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 21 Sep 2023 17:28:46 GMT

GET
H2 200 inscreen_lib.js Show response
gdetr.hit.gemius.pl/gdejs/ 26 KB
10 KB 19ms
18ms Script
application/x-javascript 188.165.145.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/inscreen_lib.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: f4127127b3cf1142f69777cc7de7fb6ed68ff6957ada137f91c59989d64490ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2023 10:41:55 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "650C1DF30000664A0B67D04E"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 9827
expires: Thu, 21 Sep 2023 20:40:48 GMT

GET
H2 200 dmp.dynamic_quality_switcher.802a6aece19865c74dde.js Show response
static1.dmcdn.net/playerv5/ Frame B443 23 KB
8 KB 7ms
7ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.dynamic_quality_switcher.802a6aece19865c74dde.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.c98345bd4bc1ab58beca.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 4386b833e182390c2f29daad009fafbedb99c2def0c35d82403592954966bc97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 8670
server-timing: total;dur=2, dc;desc="dc3"
content-length: 8075
last-modified: Thu, 21 Sep 2023 14:13:50 GMT
server: DMS/1.0.42
etag: "650c4f9e-5ba2"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 6a7987e601561a84191eb8843305dd54
expires: Sat, 21 Oct 2023 14:16:18 GMT

GET
H2 200 dmp.hlsjs.8d34f080f7b79dc57690.js Show response
static1.dmcdn.net/playerv5/ Frame B443 366 KB
109 KB 8ms
7ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.hlsjs.8d34f080f7b79dc57690.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_manifest.c98345bd4bc1ab58beca.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 088fb21a503fe283490cb2f24eef3c45df013458a00aba14eeedb9cc05d7f30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
age: 288935
server-timing: total;dur=1, dc;desc="dc3"
content-length: 111206
last-modified: Fri, 08 Sep 2023 13:04:12 GMT
server: DMS/1.0.42
etag: "64fb1bcc-5b8b0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 476c9f513359b6a6d9484cf800f0b4af
expires: Wed, 18 Oct 2023 08:25:13 GMT

GET
H2 204 x8o6feh.m3u8 Show response
dmxleo.dailymotion.com/cdn/manifest/video/ Frame B443 0
276 B 84ms
20ms Script
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://dmxleo.dailymotion.com/cdn/manifest/video/x8o6feh.m3u8?auth=1695487248-2562-ywmrpwxk-58c88fb857e8b227ab34b84bc41fb2eb2CR8juMSKOK7QpwOoGb0rdi1qWluyHArk-TDNnG0FoqDc4P2LuGO1R3LKmAM4E3sFomrsl2pX85O2usArK78GK3veo8Z5DCLPRwNhwaL6a8fAj5ui_KpmgPSdaADNZZcwoPGYCWMjCwiHIYBo3rERcPTtsaIQJGPgEALEehagHH_1OhiMkiuHsDLgip9PQbVidaXobSzx7fLXuEgi4LPiKMyzOQu0EhAqOSS8YGvawZZYhTntY1KvBFJrqRNOfIEYRRUVk7NLD8zyBOkVt1yLPa7bxPU3jIiDiB_mhNPs88PV9Ymz77RKJWmKelYsGKiMcNF48oHAaWOfQGP8NpzvM8RXCHmi7Xei-wJ1cZ_mryhDVEHaVCWHnYHDPvcaLFBIt6057tcCxEDaT1P1Sd9XgVWZIygCmlTBn7PQ3hNCA8uggethT1H9dhdFQ6LN56_JXflovLaL3bi6ZIAGLfM3_ihWdMxL4xrUipjpWpniIijR2JKq2T90B7L3gYPMjrrr4Q3tbuFA7BT6abtlEKZ6aXysxk0KgTsYMelk63uGEqpH2Hfqx9earkWA9NPuz_rHM6oFT--hcNcG5qzSLaQVVMnLUZAsRII0YjuXst9pU4NsrrMjI7U6CdrIMv9pj8QRDtAllHd1FP1u01qvteo8Flryqw4NlrzAA_rLvTtLyts9Pll8AuqviBiT9hPfH6t9T03hXnxXY5LwUK5WHN5rKHXziV_YlkauOgRqOZm6OgXGMdT5vHf5mvwcUif6vttiR28bEKNosYwGOo_7gKldE9as0omsXqnZfPNv2LGFAMI8jbgsSCLYuzUIsDUhYKZFByrFlD6NwY-ExFQN-CDJaoun9SSFN5Uch_ZfQWv4pu5jwDlVWHL9-9cPEgxqKW4oQipJwZl_5Mb859TegK2m9EQHtJrakIbfJfdr28Q-XLPp6kht3HWOXm0jXvu17lyoiMdr_75PmhY6ame1B6NQEhxjji2G5fBYkrvl6l_cr51ENaSODNbhzLiwIoNlh8Msw97ymK84MD2iSufwMvkH7gNf0BVU-pqXWXsylbi0GF62OXk9yrXhV53VslmOHEniIMhbd0LTbSwJz3_lNUIiagliQJ0J_QvbxU3z0HDh9Y88PJLJjkHx-K9V10-wLAd-6nxmzdi9aFwSS292tUvVtCpH4N-4Kn_dwTBI2IhFIRSmTdR0Sxdtemzr4FFfJJV8NPdcrS2-m2AlOEKPpeVkPNSvGdkqY9dtkpl3tNTzT9zQI7Wl42YDkdIVSaD02HkZjEWToEcTZG2JFFS7PxcdbPoFjlpBG3VcFll37rXKEhqASWobGpw7nXLK1m147CGLEQUcXsL2Rc7LzNk4BRBoKx9kl9kzBUopuOLEnF50XahHnsF8Qa1sqYfc8kpuIWFbIkv5w9G7R8uP0JlGuZrZgd5UA_I9FntN7SYyg6voeq0BAyJ78xm01Xsh2_c0LTN85xdVXThU5svAY6sZAOTyIXP4JoN3tmtImXBWAZ-Qjz3mVOKRB_YDNEWgfturrnuBSL7_XhDzIJYopmhWIoPQd17NlmvYtbkY9LT4E0IB5eraz4npUi3yxli-BHwtQVGY&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.8359e18e6deb53746ee7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-mh5xj
date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: https://geo.dailymotion.com/
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED6B 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kAzavg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gemius.js Show response
gdetr.hit.gemius.pl/ Frame 9AD9 63 KB
18 KB 19ms
19ms Script
application/x-javascript 188.165.145.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gemius.js
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: ab49b06f01ba01695f3b425793784b260bc2dea123e763d6201f234f2315c9ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gdetr.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
content-encoding: gzip
last-modified: Sun, 17 Sep 2023 04:33:58 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17898
expires: Fri, 22 Sep 2023 04:40:48 GMT

GET
H2 200 index.html Show response
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 214 KB
26 KB 19ms
19ms Document
text/html 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
Requested by: Host: trgde.adocean.pl
URL: https://trgde.adocean.pl/files/js/billboard_gao_lib.async.js?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: ef84a03534fc07ae189be34d2e6cf87ff1390b097ed73d4693ac05d7244670a1

Request headers

Referer: https://glucotrust1.bigofferattention.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=4320000
content-encoding: gzip
content-length: 26639
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 16:40:48 GMT
etag: "65099A0D0003598950EFA0AA"
expires: Fri, 10 Nov 2023 16:40:48 GMT
last-modified: Tue, 19 Sep 2023 12:54:37 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GAD
vary: Accept-Encoding,Origin

GET
H2 200 ABCFavorit-Medium.woff2
static1.dmcdn.net/ Frame B443 52 KB
52 KB 7ms
6ms Font
application/octet-stream 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/ABCFavorit-Medium.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
last-modified: Thu, 20 Jul 2023 12:32:37 GMT
server: DMS/1.0.42
age: 1341551
etag: "64b92965-ce44"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=0, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 52804
x-llid: 525392e7f2c0a19e019ab4023a257941
expires: Fri, 06 Oct 2023 04:01:37 GMT

GET
H/1.1 200
OK x8o6feh.m3u8 Show response
www.dailymotion.com/cdn/manifest/video/ Frame B443 3 KB
2 KB 43ms
42ms XHR
application/vnd.apple.mpegurl 188.65.124.92
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/cdn/manifest/video/x8o6feh.m3u8?sec=fi2O2hY9XDpMJoYKOB8Q_JehSE6xWmkSXdKsbBycxlESQEcX2gc_BYrjR3jAlhDX&dmTs=136141&dmV1st=59fa16bf-cf71-4e6a-a090-4d754cb8067a

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.hlsjs.8d34f080f7b79dc57690.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.92 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.ix7.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

5dadc86cbee7b84de7a1779d064dc699be87794ada33d0e4903222233f4ca4eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Date: Thu, 21 Sep 2023 16:40:48 GMT
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing: total;dur=21, dc;desc="ix7"
Content-Length: 942
Referrer-Policy: no-referrer-when-downgrade
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary: X-DM-SSL,Accept-Encoding
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: https://geo.dailymotion.com
Cache-Control: private, max-age=600
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Thu, 21 Sep 2023 16:50:48 +0000

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 70DE 5 KB
3 KB 88ms
25ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: f2aa514c240ea839fd59e888a140f6e6f8fa77f56a8c1874d25536d5ab915937

Request headers

Referer: https://gdetr.hit.gemius.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2723
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 16:40:48 GMT
etag: PRIVATE7520710249
expires: Sat, 21 Oct 2023 16:40:48 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 5C6C 139 KB
48 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: trgde.adocean.pl
URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 16:46:37 GMT

GET
H/1.1 200
OK criteo-us Show response
layer.serve.admatic.com.tr/v1/ Frame 72EA 15 B
447 B 155ms
46ms Document
application/json 212.57.20.60
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://layer.serve.admatic.com.tr/v1/criteo-us?d=https://glucotrust1.bigofferattention.site/&rd=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D0%26gdpr_consent%3D%26uid%3DUID
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.60 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-60.reverse.superonline.net
Software: / Express
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: https://cdn.serve.admatic.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://cdn.serve.admatic.com.tr
content-length: 15
content-type: application/json; charset=utf-8
date: Thu, 21 Sep 2023 16:40:49 GMT
etag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
keep-alive: timeout=5
x-powered-by: Express

GET
H/1.1

200
OK

setuid Show response
prebid.serve.admatic.com.tr/ Frame F531
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic-pbs&redir=1
https://creativecdn.com/cm-notify?pi=admatic-pbs&redir=1&tc=1
https://prebid.serve.admatic.com.tr/setuid?bidder=rtbhouse&gdpr=0&gdpr_consent=&f=i&uid=yaHMOsCuILhB55lk1qEv&pi=admatic-pbs&redir=1&tc=1

86 B
583 B

124ms
46ms

Document
image/png

212.57.20.61
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.serve.admatic.com.tr/setuid?bidder=rtbhouse&gdpr=0&gdpr_consent=&f=i&uid=yaHMOsCuILhB55lk1qEv&pi=admatic-pbs&redir=1&tc=1
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.61 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-61.reverse.superonline.net
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://cdn.serve.admatic.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 86
content-type: image/png
date: Thu, 21 Sep 2023 16:40:49 GMT
expires: 0
pragma: no-cache
vary: Origin

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 21 Sep 2023 16:40:48 GMT Thu, 21 Sep 2023 16:40:48 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://prebid.serve.admatic.com.tr/setuid?bidder=rtbhouse&gdpr=0&gdpr_consent=&f=i&uid=yaHMOsCuILhB55lk1qEv&pi=admatic-pbs&redir=1&tc=1
pragma: no-cache

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame 0F26 3 KB
2 KB 59ms
7ms Document
text/html 2600:9000:223f:6200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2e9bc088c597c87498eaf303ba5be8ce8b84e0a187576c89c7cb33579e35963

Request headers

Referer: https://cdn.serve.admatic.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5171
cache-control: max-age=7200, stale-while-revalidate=86400
content-encoding: br
content-type: text/html
date: Thu, 21 Sep 2023 15:14:38 GMT
etag: W/"093414ce71e32cba0aa5d32e70ce697c"
last-modified: Sat, 16 Sep 2023 21:39:41 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-id: _HAcv1RMF8D7_DOM72j2I8G5ujrImx3wVxoLRz6vDNxaq38qHsM3gQ==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: mW7_cXy.fwRJniWrELOXPO2auSiwnhz7
x-cache: Hit from cloudfront

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 2CC3 0
160 B 69ms
20ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dadkernel%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7BUID%7D
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.serve.admatic.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Thu, 21 Sep 2023 16:40:48 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 cookie
cm.adform.net/ Frame 76AD 43 B
106 B 76ms
23ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.serve.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:48 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

setuid
prebid.serve.admatic.com.tr/ Frame 76AD
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_pr...
https://prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=27bed5e3-0757-421e-ac9d-5c5fd8856bab

86 B
595 B

189ms
70ms

Image
image/png

212.57.20.61
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=27bed5e3-0757-421e-ac9d-5c5fd8856bab
Protocol: HTTP/1.1
Server: 212.57.20.61 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-61.reverse.superonline.net
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.serve.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

location: https://prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=27bed5e3-0757-421e-ac9d-5c5fd8856bab
date: Thu, 21 Sep 2023 16:40:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 76AD 0
239 B 41ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-admatic&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.serve.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK 524340089_mp4_h264_aac_1.m3u8 Show response
proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAXC8Z8oL8EoTd06iKHFCUP9sLn_gj_WxkYJME_UkOWd-pnQFWO2nfCo3uOZQg9pRPw)/video/980/043/ Frame B443 2 KB
679 B 197ms
142ms XHR
application/vnd.apple.mpegurl 188.65.126.211
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAXC8Z8oL8EoTd06iKHFCUP9sLn_gj_WxkYJME_UkOWd-pnQFWO2nfCo3uOZQg9pRPw)/video/980/043/524340089_mp4_h264_aac_1.m3u8
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.hlsjs.8d34f080f7b79dc57690.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.211 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-044.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: 30de75ad0c61e6f959ea866bef0696758f5c39555d439787a0e1197fe92ab711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 16:40:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Sep 2023 13:36:32 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 300
Expires: Fri, 22 Sep 2023 16:40:49 GMT

GET
H2

200

uu Show response
ih.adscale.de/ Frame 0F26
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1695314448
https://ih.adscale.de/uu?cbfn=receive&t=1695314448&nut&uu=62d2c60354474d1e9647e09f3ba8b2de

44 B
213 B

14ms
13ms

Script
text/javascript

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1695314448&nut&uu=62d2c60354474d1e9647e09f3ba8b2de
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6f9f1f0d79720ab0f40ebd4883921d6d3e99e02478d6ef07c6aa91d50b9d5341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1695314448&nut&uu=62d2c60354474d1e9647e09f3ba8b2de
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 0

GET
H2

200

redot.js Show response
gdetr.hit.gemius.pl/__/_1695314448991/
Redirect Chain

https://gdetr.hit.gemius.pl/_1695314448991/redot.js?id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/fastid=lzxmprncomzdxnktegapzmvgzmnz/stparam=udlslqkosq&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_...
https://gdetr.hit.gemius.pl/__/_1695314448991/redot.js?id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/fastid=lzxmprncomzdxnktegapzmvgzmnz/stparam=udlslqkosq&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%...

2 B
181 B

35ms
35ms

XHR
application/x-javascript

188.165.145.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/__/_1695314448991/redot.js?id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/fastid=lzxmprncomzdxnktegapzmvgzmnz/stparam=udlslqkosq&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D0%7Ctq%3D1&lsdata=npzK2pGRLM7O0s7X7N4ZV5F2MH.AZSRmpD0tDdRskGz.I7y37j17N3y6d.gWufq5ABTsP62QzDHmdKGcIBl4RiQrmkuz/MuOtvj1izoWMU/&href=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F
Protocol: H2
Server: 188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glucotrust1.bigofferattention.site
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Wed, 20 Sep 2023 16:40:49 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glucotrust1.bigofferattention.site
location: /__/_1695314448991/redot.js?id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/fastid=lzxmprncomzdxnktegapzmvgzmnz/stparam=udlslqkosq&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D0%7Ctq%3D1&lsdata=npzK2pGRLM7O0s7X7N4ZV5F2MH.AZSRmpD0tDdRskGz.I7y37j17N3y6d.gWufq5ABTsP62QzDHmdKGcIBl4RiQrmkuz/MuOtvj1izoWMU/&href=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 20 Sep 2023 16:40:49 GMT

POST
H/1.1 404
Not Found query Show response
query.serve.admatic.com.tr/ 44 B
595 B 48ms
48ms Fetch
application/json 212.57.20.60
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://query.serve.admatic.com.tr/query?cst=e1d23654-a90f-4e18-ab61-98e8d01ed85c&x-adtype=14&x-publisherID=170280064928&x-adSlotID=18q9f&x-admGroup=adm-pub-140550463727
Requested by: Host: cdn.serve.admatic.com.tr
URL: https://cdn.serve.admatic.com.tr/showad/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.60 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-60.reverse.superonline.net
Software: /
Resource Hash: 65300b637f4c3b1c2eb9b8c052bc2d02c215eb75a4196d7737a932723dd2a646

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
x-referer: https://glucotrust1.bigofferattention.site/
debug-tag: <ins data-publisher="adm-pub-140550463727" data-ad-network="170280064928" data-ad-type-id="995718032" data-ad-slot="4267312782" class="adm-ads-area" data-ad-slot-generated="18q9f" r="1"></ins>
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Sep 2023 16:40:49 GMT
cst-cookie: e1d23654-a90f-4e18-ab61-98e8d01ed85c
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://glucotrust1.bigofferattention.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-referer,debug-tag
content-length: 44

OPTIONS
H/1.1 200
OK query
query.serve.admatic.com.tr/ Frame 0
0 47ms
47ms Preflight 212.57.20.60
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://query.serve.admatic.com.tr/query?cst=e1d23654-a90f-4e18-ab61-98e8d01ed85c&x-adtype=14&x-publisherID=170280064928&x-adSlotID=18q9f&x-admGroup=adm-pub-140550463727
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.60 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-60.reverse.superonline.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,debug-tag,x-referer
Access-Control-Request-Method: POST
Origin: https://glucotrust1.bigofferattention.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-referer,debug-tag
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://glucotrust1.bigofferattention.site
access-control-max-age: 3600
content-length: 0
date: Thu, 21 Sep 2023 16:40:49 GMT

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame 0F26 11 KB
4 KB 8ms
7ms Script
application/javascript 2600:9000:223f:6200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d47e38fb3d5ed1d1cebe3963f5a2693790803161983a1986bc0e0ef816b2d5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: HZrmsgMEyiYvc9tk8KvXJHL6P4FXdq7l
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 15:39:44 GMT
last-modified: Sat, 16 Sep 2023 21:39:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 3666
x-amz-server-side-encryption: AES256
etag: W/"541486c56f99f058401ce55dff0f57f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: UTWvYKnwrGRvhWfnSECfqjE04UEMjmmYkk0TnlzUYJUGGAUDsizGIw==

GET
H/1.1 200
OK setuid
prebid.serve.admatic.com.tr/ Frame 0F26 0
516 B 112ms
46ms Image
text/html 212.57.20.61
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.serve.admatic.com.tr/setuid?bidder=stroeerCore&gdpr=0&gdpr_consent=&f=b&uid=62d2c60354474d1e9647e09f3ba8b2de
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.serve.admatic.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.57.20.61 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-61.reverse.superonline.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
content-type: text/html

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame 0F26 148 B
223 B 8ms
7ms Script
application/javascript 18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1695314449038&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7f4f162c1035cd8d787c94200a0b99ccf609040219c885286abab4b13fcb3836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 148
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame B8D3 2 KB
3 KB 9ms
9ms Document
text/html 18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a8b4f22452dd8cf6ce928001bc6fbb4dc7ec5262d1fcd8989c9bb350ca2a630e

Request headers

Referer: https://js.adscale.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2504
content-type: text/html;charset=ISO-8859-1
date: Thu, 21 Sep 2023 16:40:49 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame B8D3 4 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:223f:6200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: Z3fdOIWMShOKKxGKlhZLgr564m6ApjW.
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 15:00:01 GMT
last-modified: Sat, 16 Sep 2023 21:39:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 6049
x-amz-server-side-encryption: AES256
etag: W/"ff7cce9128150bd82f1a709c03692e3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: hHPPemXthILovP71Nfc_ncSkI0ni11IUeBgfKUQz-znVIccwo3dBSw==

GET
H2

200

img
ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/ Frame B8D3
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=62d2c60354474d1e9647e09f3ba8b2de&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=101&tpuid=BBID-01-03700284491435576-17030268

49 B
461 B

9ms
8ms

Image
image/gif

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=101&tpuid=BBID-01-03700284491435576-17030268
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 49
content-type: image/gif

Redirect headers

location: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=101&tpuid=BBID-01-03700284491435576-17030268
date: Thu, 21 Sep 2023 16:40:49 GMT
cache-control: private, max-age=3600
access-control-allow-credentials: true
server: nginx
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"

GET
H/1.1 200
OK 524340089_mp4_h264_aac_1.ts Show response
proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAXC8Z8oL8EoTd06iKHFCUP9sLn_gj_WxkYJME_UkOWd-pnQFWO2nfCo3uOZQg9pRPw)/frag(1)/video/980/043/ Frame B443 253 KB
254 KB 16ms
16ms XHR
video/mp2t 188.65.126.211
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAXC8Z8oL8EoTd06iKHFCUP9sLn_gj_WxkYJME_UkOWd-pnQFWO2nfCo3uOZQg9pRPw)/frag(1)/video/980/043/524340089_mp4_h264_aac_1.ts
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.hlsjs.8d34f080f7b79dc57690.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.211 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-044.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: 5fc05c45d4a2350c36ef1557727d514ec48d27aec791c65fb7705d768775b33d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 16:40:49 GMT
Last-Modified: Tue, 19 Sep 2023 13:36:32 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 259252
Expires: Fri, 22 Sep 2023 16:40:49 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B8D3
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=65af25e627c8d3904ebb85dc0...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Fgdpr%3D0%26tpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adsc...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=ZQxyEaQrBbKkH-3IqrE.bAAA%265179

49 B
553 B

16ms
15ms

Image
image/gif

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=ZQxyEaQrBbKkH-3IqrE.bAAA%265179
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI0LrfAdUP474LwzUrbOnLx4SSLwtiE8JDNcE%2Fcgra6tmjYY8B6zX0WVuDOscaUkxzMpWh1HmTzhym562BSYlCMRW2OScuImUinVmY81822xcLGWoCKLMxtx6uwNzgppAWfpQw2e"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=ZQxyEaQrBbKkH-3IqrE.bAAA%265179
cache-control: no-cache
cf-ray: 80a3c08bd9369153-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK 524340089_mp4_h264_aac_hq_1.m3u8 Show response
proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAVnrL6y2SJT2hJ09JYUYfZ4JT8dL18bz72c1PXXxheJKuSQYux8ncXNBhQGpc9J1QU)/video/980/043/ Frame B443 2 KB
679 B 92ms
92ms XHR
application/vnd.apple.mpegurl 188.65.126.211
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAVnrL6y2SJT2hJ09JYUYfZ4JT8dL18bz72c1PXXxheJKuSQYux8ncXNBhQGpc9J1QU)/video/980/043/524340089_mp4_h264_aac_hq_1.m3u8
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.hlsjs.8d34f080f7b79dc57690.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.211 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-044.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: 0833bb72487c95b7a536395f02a098fa8d80d0507fce45b6b508b143402cd592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 16:40:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Sep 2023 13:36:32 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 300
Expires: Fri, 22 Sep 2023 16:40:49 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B8D3 70 B
265 B 107ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=6bab4ef52600ab12c6419dcdb7e92a8925d312e9819c514f840e7c1e521960c6&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK 524340089_mp4_h264_aac_hq_1.ts Show response
proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAVnrL6y2SJT2hJ09JYUYfZ4JT8dL18bz72c1PXXxheJKuSQYux8ncXNBhQGpc9J1QU)/frag(1)/video/980/043/ Frame B443 371 KB
372 KB 17ms
16ms XHR
video/mp2t 188.65.126.211
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAVnrL6y2SJT2hJ09JYUYfZ4JT8dL18bz72c1PXXxheJKuSQYux8ncXNBhQGpc9J1QU)/frag(1)/video/980/043/524340089_mp4_h264_aac_hq_1.ts
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.hlsjs.8d34f080f7b79dc57690.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.211 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-044.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: f29979dd9647e3a63083e62500d36dd647a80ef6e764dfefcf6dd4c79b8e8194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 16:40:49 GMT
Last-Modified: Tue, 19 Sep 2023 13:36:32 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 380136
Expires: Fri, 22 Sep 2023 16:40:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
113ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309200101&jk=10808002795017&bg=!f3ylfDPNAAYrDsWMCw47ADQBe5WfOEbpEhsjV_GZPIsTbzWrXQdy7IML93OUj6ye0ukZBu9t4RFwzEmWhORk7yDhz5KgAgAAASpSAAAAB2gBBwoAM1e0v2TUGoihpo5pCtpY_ofFkXoLwZtLjBMDgiAn-50_oyJ0vN4utnNYMN3FtL2UFZiT-5kCx6bYaQu8EHWMYo80jpCVhFClS-IZCUQw5MzznLOuwCyWc78mALTyV66oWRIC9b1H4BX_d0-D-f6uAjJCE2KOxrhUcdiILcbtwVbZ5_NNtIFsWyuqusSm6V396FICWZY4oX6HFut10A7RUp_yk39nghtRqoXWGRxVGM1sidsFXw2Frau2cfjlf1URopD-Lu2wGikdMDhM-OjJsS_lqZRv4aTrrGs24J5Egdkt1GIlBYd4IumuSeR5kecKhLK-V54Ug05n8kMPZbPcje0HQlepR9fbnw3rq-i7GgoAm5PZU65sIlj5T7aPPRO0o4EXLPKtqBgHN_atkPHRqvIrhte5fHYHKGzDI-V6-cpZWCiJbzE7pxv4d9svOt2uI10WqLhJcWVJm81s1AosWvpLeyOrz_Ypt1zI77qsVNJx2Cr1qN4M-nHT6twK07a3WpvJSB_e2W8-2ivKeQz6Xs6lIp7vjXyspP3-7Lx87XsOZ9GKSrXj6QBgpbuYHspaLTLe9SfSXJaT7iwF2qcD-lLeWq8a4L7DYkhXCLfNehgQcVsrzIgK9c4Kekz84W2JGQhb10zj269CmXJJk8rkleyf3c7FDPfCFtmhjCDb6EJHEgLWnfJKWjeU-CCVtDYxED0M9OtKPmbhEVSIsakGF5aBtG_GC7EWsPkUAZrs0kKHD1No8vngTsXn6t9c4o_4qgmEL5YAKWbZ-k6vazHwUmCPa1DjoLNGubVC9BiZngAhrY5qfZu3W69BSO91KvmpRNOzRoMWx8UhB-_61KW7Lnb_nrES127To5FBB0ZEBuzCbooKEd9ilZgJwvmrX54Ho39p3UYU93AbtmZ9h4OVKs3tY5CzVtPknemRv0mN2DI3dOrWeu9uUEd7MUh3xH-geNWsfW-595MRlnVDkBYXwIgNpYnQkouqo_T2WX4kMqQ5XYv6hpctS0iba_Q1xw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
BLOB 200
OK 8e017ceb-b65b-4a36-bd5d-d0e8f52b688b
https://geo.dailymotion.com/ Frame B443 366 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://geo.dailymotion.com/8e017ceb-b65b-4a36-bd5d-d0e8f52b688b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 879adb2f4c84480e0f90e4cb6e06837d51ccc92602b439011448d178bdde603e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 374987
Content-Type: text/javascript

GET
H2

200

img
ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/ Frame B8D3
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=eb4c2b5fe5cb931014605d83e6ec8100b2c67c7921de4ec6aa6955add250bd8f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865a...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=eb4c2b5fe5cb931014605d83e6ec8100b2c67c7921de4ec6aa6955add250bd8f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a...
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=42&gdpr=0&tpuid=2251294470020019651

49 B
564 B

13ms
13ms

Image
image/gif

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=42&gdpr=0&tpuid=2251294470020019651
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=42&gdpr=0&tpuid=2251294470020019651
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK 524340089_mp4_h264_aac_hq_1.ts Show response
proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAVnrL6y2SJT2hJ09JYUYfZ4JT8dL18bz72c1PXXxheJKuSQYux8ncXNBhQGpc9J1QU)/frag(1)/video/980/043/ Frame B443 371 KB
372 KB 16ms
16ms XHR
video/mp2t 188.65.126.211
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-044.dc3.dailymotion.com/sec(uI0lmEyiuZevWtjRWMybVViMNf5uyJ7S3TZZ8q5BiAVnrL6y2SJT2hJ09JYUYfZ4JT8dL18bz72c1PXXxheJKuSQYux8ncXNBhQGpc9J1QU)/frag(1)/video/980/043/524340089_mp4_h264_aac_hq_1.ts
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.hlsjs.8d34f080f7b79dc57690.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.211 Vaux-sur-Seine, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-044.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: f29979dd9647e3a63083e62500d36dd647a80ef6e764dfefcf6dd4c79b8e8194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 16:40:49 GMT
Last-Modified: Tue, 19 Sep 2023 13:36:32 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 380136
Expires: Fri, 22 Sep 2023 16:40:49 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B8D3
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5fde7ce3-2948-409e-8860-17a89f5c86d8&gdpr=0

49 B
586 B

10ms
10ms

Image
image/gif

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5fde7ce3-2948-409e-8860-17a89f5c86d8&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5fde7ce3-2948-409e-8860-17a89f5c86d8&gdpr=0
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1085432
content-length: 0
expires: Thu, 21 Sep 2023 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/ Frame B8D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=2e43bbec25bf2235444a5e4c90639e8670c47e0c981cc524056fa16f81e95ae8&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea...
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?uid=2e43bbec25bf2235444a5e4c90639e8670c47e0c981cc524056fa16f81e95ae8&tpid=38&gdpr=0&tpuid=CAESENY-DToNiWIk1qoj0-uYzA4...

49 B
604 B

17ms
17ms

Image
image/gif

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?uid=2e43bbec25bf2235444a5e4c90639e8670c47e0c981cc524056fa16f81e95ae8&tpid=38&gdpr=0&tpuid=CAESENY-DToNiWIk1qoj0-uYzA4&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?uid=2e43bbec25bf2235444a5e4c90639e8670c47e0c981cc524056fa16f81e95ae8&tpid=38&gdpr=0&tpuid=CAESENY-DToNiWIk1qoj0-uYzA4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 424
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/ Frame B8D3
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d4116a8865ad112a46a7f%2F1695314449056%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F3ea5dc64954d4116a8865ad112a46a7f%252F1695314449056%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524...
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=75&tpuid=5249015533214457049&gdpr=0

49 B
613 B

9ms
9ms

Image
image/gif

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=75&tpuid=5249015533214457049&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
an-x-request-uuid: 0efa9b5c-faad-428e-8d29-d607c81348c2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/img?tpid=75&tpuid=5249015533214457049&gdpr=0
x-proxy-origin: 81.95.5.40; 81.95.5.40; 865.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

js Show response
ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/ Frame B8D3
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a8e7a03b4592842b232cc9201f651f427b3dcc073f566dc578af180f627c04a6&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d41...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a8e7a03b4592842b232cc9201f651f427b3dcc073f566dc578af180f627c04a6&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3ea5dc64954d41...
https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/js?tpid=48&tpuid=fa184d94910a191b7d96af61a5425a25

44 B
560 B

21ms
21ms

Script
text/javascript

18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/js?tpid=48&tpuid=fa184d94910a191b7d96af61a5425a25
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fe3a700dd4d4e0e5615aede66c4091d440e33540e28dd7ea1108ab856e5a65a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 21 Sep 2023 16:40:49 GMT
content-length: 44
content-type: text/javascript

Redirect headers

location: https://ih.adscale.de/sium/3ea5dc64954d4116a8865ad112a46a7f/1695314449056/0/js?tpid=48&tpuid=fa184d94910a191b7d96af61a5425a25
date: Thu, 21 Sep 2023 16:40:49 GMT
content-type: text/plain; charset=utf-8
content-length: 147
vary: Accept
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 redot.js Show response
gdetr.hit.gemius.pl/_1695314449853/ 2 B
256 B 19ms
19ms XHR
application/x-javascript 188.165.145.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/_1695314449853/redot.js?id=4PYMM27L7Qr6Cg5sU050cHCQQV2.8ocumTNtVQnc9dv.27/stparam=recjpnetyl&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=isn%3D0%7Cisn_d%3D6868%7Cisn_s_v%3D3v4d_4%7Cls%3D1%7Ctpb%3D1%7Cifr%3D0%7Ctq%3D2&lsdata=npzK2pGRLM7O0s7X7N4ZV5F2MH.AZSRmpD0tDdRskGz.I7y37j17N3y6d.gWufq5ABTsP62QzDHmdKGcIBl4RiQrmkuz/MuOtvj1izoWMU/&href=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.165.145.88 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glucotrust1.bigofferattention.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glucotrust1.bigofferattention.site
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Wed, 20 Sep 2023 16:40:49 GMT

POST
H2 200 sium
ih.adscale.de/ Frame B8D3 0
0 9ms
8ms Fetch
application/json 18.158.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.134.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fcdn.serve.admatic.com.tr%2F&gdpr=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Thu, 21 Sep 2023 16:40:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 Click.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 2 KB
2 KB 21ms
18ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/Click.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 6df7f77c22d2b3fb04919fa8fe7eb49ced4a1e352872a290c454ae379c4e876c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:55:28 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A40000007D0B2E3DB27"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2000
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 Tarih_23.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 2 KB
2 KB 21ms
18ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/Tarih_23.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 31e941d1d8f61728d26f09eef840cc2901fc7b8241980ce25655a2f0d40bb040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:34 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0A00000672D3623A35"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 1650
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 Buton.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 2 KB
2 KB 22ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/Buton.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: ed86e7ffb537422ccff21965b607630bb97297ec70533fb1b8b1758561db92c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:34 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0A0000067393D67D6B"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 1651
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 970x250-BG.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 12 KB
12 KB 22ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/970x250-BG.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 2f344cb62a12b6432d4d9a77712ba152e0ed2c757a325bc64f6cefbaf26d1686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:38 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0E00002F9C32171005"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 12188
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 1-Tabakset.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 14 KB
14 KB 22ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/1-Tabakset.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 29b5cf02389a14f358d3abf094c2aa4a16e2b87fefe73f74e4659d0d551b31ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:40 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A10000036AF8D910720"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 13999
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 1-Tabakset-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 4 KB
5 KB 22ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/1-Tabakset-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: e3d21d629ef5e165eab8b760a25108eaaf0dd01e29fa6614a78e9861989cdb2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:42 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A12000011BAC9BB60A0"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4538
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 2-Perde.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 21 KB
21 KB 23ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/2-Perde.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 9c958b4fcdc5729a78abcaecc98bf4423d1ce0fc117163b5ac3e0cab98e58757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:43 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A13000054F628E4CD80"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 21750
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 2-Perde-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 3 KB
3 KB 23ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/2-Perde-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 93f59f84131ceb91884a84d38f6fbc6dbcd94857388cd52972c6eba3deaf08e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:45 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A1500000D260A30402B"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3366
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 3-Hurc.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 14 KB
14 KB 23ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/3-Hurc.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 579123ccb65bff6f7e755e5a2d784116f718b127cbb73623b9013e2f93a1f82f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:47 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A170000372313E715E4"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 14115
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 3-Hurc-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 4 KB
4 KB 23ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/3-Hurc-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: c18b1bbe042941e331c23e3dd80fb5690eb98692068c2658d4e7014e0ac6d305

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:48 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A1800000F427A1F9990"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3906
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 4-Supurge.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 4 KB
4 KB 54ms
52ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/4-Supurge.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 30b6d4b6c3dce102c3b12c8778084d30d28138ad970bd5634b8aedda8a397e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:49 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A19000011A447FF0E87"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4516
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 4-Supurge-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 5 KB
5 KB 54ms
53ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/4-Supurge-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 814eaf07b84eecb6558d3348639384e5e244a0a995a8ef916d1917ec98fe846b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:35 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0B000013F215583039"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5106
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 5-Ocak.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 9 KB
9 KB 54ms
53ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/5-Ocak.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: bd5cf25f27f56b2cad0ce44ea43dfe72948b01c8ab289f1eb6a53a31b28b98e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:36 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0C000023BAE183EFF8"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 9146
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 5-Ocak-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 5 KB
5 KB 55ms
53ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/5-Ocak-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 8c53067f233ea604e4329397d7cedbe99ca958980365d428445d8029135f6564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:36 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0C0000138A1BEE1010"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5002
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
DATA 200
OK truncated
/ Frame 5C6C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Tarih_23.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 2 KB
2 KB 25ms
24ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/Tarih_23.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 31e941d1d8f61728d26f09eef840cc2901fc7b8241980ce25655a2f0d40bb040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:34 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0A00000672D3623A35"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 1650
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 Click.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 2 KB
2 KB 25ms
25ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/Click.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 6df7f77c22d2b3fb04919fa8fe7eb49ced4a1e352872a290c454ae379c4e876c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:55:28 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A40000007D0B2E3DB27"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2000
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 1-Tabakset.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 14 KB
14 KB 25ms
25ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/1-Tabakset.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 29b5cf02389a14f358d3abf094c2aa4a16e2b87fefe73f74e4659d0d551b31ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:40 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A10000036AF8D910720"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 13999
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 5-Ocak.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 9 KB
9 KB 20ms
18ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/5-Ocak.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: bd5cf25f27f56b2cad0ce44ea43dfe72948b01c8ab289f1eb6a53a31b28b98e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:36 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0C000023BAE183EFF8"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 9146
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 4-Supurge-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 5 KB
5 KB 20ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/4-Supurge-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 814eaf07b84eecb6558d3348639384e5e244a0a995a8ef916d1917ec98fe846b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:35 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0B000013F215583039"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5106
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 3-Hurc-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 4 KB
4 KB 21ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/3-Hurc-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: c18b1bbe042941e331c23e3dd80fb5690eb98692068c2658d4e7014e0ac6d305

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:48 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A1800000F427A1F9990"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3906
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 3-Hurc.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 14 KB
14 KB 21ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/3-Hurc.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 579123ccb65bff6f7e755e5a2d784116f718b127cbb73623b9013e2f93a1f82f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:47 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A170000372313E715E4"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 14115
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 2-Perde-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 3 KB
3 KB 21ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/2-Perde-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 93f59f84131ceb91884a84d38f6fbc6dbcd94857388cd52972c6eba3deaf08e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:45 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A1500000D260A30402B"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3366
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 1-Tabakset-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 4 KB
4 KB 21ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/1-Tabakset-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: e3d21d629ef5e165eab8b760a25108eaaf0dd01e29fa6614a78e9861989cdb2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:42 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A12000011BAC9BB60A0"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4538
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 5-Ocak-Yatay.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 5 KB
5 KB 19ms
18ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/5-Ocak-Yatay.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 8c53067f233ea604e4329397d7cedbe99ca958980365d428445d8029135f6564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:36 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A0C0000138A1BEE1010"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5002
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 4-Supurge.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 4 KB
4 KB 20ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/4-Supurge.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 30b6d4b6c3dce102c3b12c8778084d30d28138ad970bd5634b8aedda8a397e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:49 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A19000011A447FF0E87"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4516
expires: Fri, 10 Nov 2023 16:40:51 GMT

GET
H2 200 2-Perde.png
trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/ Frame 5C6C 21 KB
21 KB 20ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/2-Perde.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 9c958b4fcdc5729a78abcaecc98bf4423d1ce0fc117163b5ac3e0cab98e58757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akimfewnncy/kdgqqkihro/mnnhbonsgm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:40:51 GMT
last-modified: Tue, 19 Sep 2023 12:54:43 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "65099A13000054F628E4CD80"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 21750
expires: Fri, 10 Nov 2023 16:40:51 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je39i0&_p=59546130&cid=66054069.1695314448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1695314447&sct=1&seg=0&dl=https%3A%2F%2Fglucotrust1.bigofferattention.site%2F&dt=Havada%20u%C3%A7arak%20geldi!%20%C4%B0ki%20oyuncuyu%20birden%20sakatlay%C4%B1p%20hastanelik%20etti%20-%20Haberler&_s=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://glucotrust1.bigofferattention.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 16:40:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glucotrust1.bigofferattention.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame B443 15 B
363 B 36ms
36ms XHR
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4d691f5427958445345e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Thu, 21 Sep 2023 16:40:53 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d.haberler.com
URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522BIM_22_EYL%25C3%259CL_AKTUEL_CUMA%2520Masthead%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
glucotrust1.bigofferattention.site/	1970-01-20 14:56:40	Name: readNewsIdList Value: ,16346625
.bigofferattention.site/	1970-01-20 14:56:40	Name: _gid Value: GA1.2.142767620.1695314448
.bigofferattention.site/	1970-01-20 14:55:14	Name: _gat Value: 1
glucotrust1.bigofferattention.site/	1970-01-20 14:56:40	Name: enable_page_level_ads Value: 1
.bigofferattention.site/	1970-01-21 00:31:14	Name: _ga Value: GA1.1.66054069.1695314448
.dailymotion.com/	1969-12-31 23:59:59	Name: dmvk Value: 650c720fb334f
.dailymotion.com/	1970-01-21 00:25:28	Name: ts Value: 136141
.dailymotion.com/	1970-01-21 00:25:28	Name: v1st Value: 59fa16bf-cf71-4e6a-a090-4d754cb8067a
glucotrust1.bigofferattention.site/	1970-01-20 14:56:40	Name: ClientCountryCode Value:
.bigofferattention.site/	1970-01-20 23:40:50	Name: _ym_uid Value: 1695314448443099646
.bigofferattention.site/	1970-01-20 23:40:50	Name: _ym_d Value: 1695314448
.mc.yandex.com/	1970-01-20 14:55:15	Name: sync_cookie_csrf Value: 4206489085fake
.bigofferattention.site/	1970-01-20 14:56:26	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 14:55:15	Name: sync_cookie_csrf Value: 2268834919fake
glucotrust1.bigofferattention.site/	1970-01-20 15:05:19	Name: smartbanner2 Value: p2
.bigofferattention.site/	1970-01-21 00:31:14	Name: _ga_FFKENFZBJW Value: GS1.1.1695314447.1.0.1695314448.59.0.0
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2032297921695314448
.yandex.com/	1970-01-21 00:31:14	Name: i Value: RwjNkZ2NyyTYYOZzBFfhKL6szZbOI0Qx3i6EmL9T1n4TEOsbg5B403lTelVICFspPsR/is7Ix9KRa+cogI64Lbxz15w=
.yandex.com/	1970-01-21 00:31:14	Name: yandexuid Value: 250564421695314448
.yandex.com/	1970-01-20 23:40:50	Name: yuidss Value: 250564421695314448
.yandex.com/	1970-01-20 23:40:50	Name: ymex Value: 1726850448.yrts.1695314448#1726850448.yrtsi.1695314448
.yandex.com/	1970-01-20 23:40:50	Name: bh Value: KgI/MA==
.dailymotion.com/	1970-01-21 00:24:02	Name: usprivacy Value: 1---
.bigofferattention.site/	1970-01-21 00:16:50	Name: __gads Value: ID=485665e4b70d8a9c:T=1695314448:RT=1695314448:S=ALNI_MaoMUBy9lVC164BWd4sExmD2dSqvw
.bigofferattention.site/	1970-01-21 00:16:50	Name: __gpi Value: UID=00000c7b234c007f:T=1695314448:RT=1695314448:S=ALNI_MabWFUOTPsnTJby4z19lYa0_c_Wqw
.bigofferattention.site/	1970-01-20 14:55:16	Name: _ym_visorc Value: b
.admatic.com.tr/	1970-01-20 15:38:26	Name: adplus_digital_id Value: 0.wkouy6frjzq
.admatic.com.tr/	1970-01-20 15:38:26	Name: adm-id5id Value: { "created_at": "2023-09-21T16:40:48.653769739Z", "id5_consent": false, "original_uid": "0", "universal_uid": "0", "link_type": 0, "cascade_needed": false, "privacy": { "jurisdiction": "gdpr", "id5_consent": false}, "ext": { "linkType": 0, "pba": "rG5Ckwpam4pSgOCHAWwUeA=="}}
.admatic.com.tr/	1970-01-20 15:38:26	Name: adm-cto Value: {}
.bidswitch.net/	1970-01-20 23:40:50	Name: tuuid Value: 27bed5e3-0757-421e-ac9d-5c5fd8856bab
.bidswitch.net/	1970-01-20 23:40:50	Name: c Value: 1695314448
.bidswitch.net/	1970-01-20 23:40:50	Name: tuuid_lu Value: 1695314448
.creativecdn.com/	1970-01-20 23:40:50	Name: u Value: yaHMOsCuILhB55lk1qEv
.creativecdn.com/	1970-01-20 23:40:50	Name: ts Value: 1695314448
.adscale.de/	1970-01-20 23:37:30	Name: uu Value: 62d2c60354474d1e9647e09f3ba8b2de
.admatic.com.tr/	1970-01-20 17:04:50	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJzdHJvZWVyQ29yZSI6eyJ1aWQiOiI2MmQyYzYwMzU0NDc0ZDFlOTY0N2UwOWYzYmE4YjJkZSIsImV4cGlyZXMiOiIyMDIzLTEwLTA1VDE2OjQwOjQ5LjExODYyOTcxMVoifX0sImJkYXkiOiIyMDIzLTA5LTIxVDE2OjQwOjQ5LjExODYyMDQxMVoifQ==
.casalemedia.com/	1970-01-20 23:40:50	Name: CMID Value: ZQxyEaQrBbKkH-3IqrE.bAAA
.casalemedia.com/	1970-01-20 17:04:50	Name: CMPS Value: 5179
.casalemedia.com/	1970-01-20 17:04:50	Name: CMPRO Value: 5179
.adform.net/	1970-01-20 15:38:26	Name: C Value: 1
.adform.net/	1970-01-20 16:21:38	Name: uid Value: 2251294470020019651
.criteo.com/	1970-01-21 00:16:50	Name: uid Value: 5fde7ce3-2948-409e-8860-17a89f5c86d8
.doubleclick.net/	1970-01-21 00:16:50	Name: IDE Value: AHWqTUmdB0oyK7K7u8ZaftexHQfb4BoXGi3wE86l5n2RumanVHf5mwcyVui9-j2FpwI
.adnxs.com/	1970-01-20 17:04:50	Name: uuid2 Value: 5249015533214457049
.adscale.de/	1970-01-20 23:37:30	Name: cct Value: 1695314449725
.m6r.eu/	1970-01-20 14:55:18	Name: test Value: true
.m6r.eu/	1970-01-20 17:04:50	Name: cct Value: 1695314449842
.m6r.eu/	1970-01-20 17:04:50	Name: id Value: fa184d94910a191b7d96af61a5425a25
.hit.gemius.pl/	1970-01-21 00:24:02	Name: Gdyn Value: KlSuKRGGQMQGnyOoAaosLfMUssGMXP8c25nSGhXirQoGo5MUGsRPIQlGvGQpRFb8SLL8RLcGsy8Pge9oaQG.
.ih.adscale.de/	1970-01-20 23:37:30	Name: tu Value: 4#2931076063#48~fa184d94910a191b7d96af61a5425a25~470920~0~0#101~BBID-01-03700284491435576-17030268~470920~0~0#38~CAESENY-DToNiWIk1qoj0-uYzA4~470920~0~0#40~5fde7ce3-2948-409e-8860-17a89f5c86d8~470920~0~0#42~2251294470020019651~470920~0~0#75~5249015533214457049~470920~0~0#60~~470920~470920~1#63~ZQxyEaQrBbKkH-3IqrE.bAAA&5179~470920~0~0

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js Message: Failed to load resource: the server responded with a status of 504 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://glucotrust1.bigofferattention.site/1x1.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://glucotrust1.bigofferattention.site/ Message: Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522BIM_22_EYL%25C3%259CL_AKTUEL_CUMA%2520Masthead%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D' from origin 'https://glucotrust1.bigofferattention.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522BIM_22_EYL%25C3%259CL_AKTUEL_CUMA%2520Masthead%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://geo.dailymotion.com/libs/player/xz0y.js?_=1695314447580(Line 55) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://glucotrust1.bigofferattention.site/ajax/kat1003/mansetteki_haberler/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glucotrust1.bigofferattention.site/mstatic/assets/js/lazyload.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glucotrust1.bigofferattention.site/static/js/ah_2.js?v=0.02.113 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://static1.dmcdn.net/playerv5/dmp.photon_player.f947b8b6b5a346e89706.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
deprecation	warning	URL: https://cdn.serve.admatic.com.tr/showad/showad.js(Line 300) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://query.serve.admatic.com.tr/query?cst=e1d23654-a90f-4e18-ab61-98e8d01ed85c&x-adtype=14&x-publisherID=170280064928&x-adSlotID=18q9f&x-admGroup=adm-pub-140550463727&x-clientBidder=true Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://query.serve.admatic.com.tr/query?cst=e1d23654-a90f-4e18-ab61-98e8d01ed85c&x-adtype=14&x-publisherID=170280064928&x-adSlotID=18q9f&x-admGroup=adm-pub-140550463727 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://geo.dailymotion.com/player/xz0y.html?video=x8o6feh Message: The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adscale-emea.adnxs.com
bbnaut.ibillboard.com
c.keltis.com
cdn.p.analitik.bik.gov.tr
cdn.serve.admatic.com.tr
cm.adform.net
cm.g.doubleclick.net
creativecdn.com
d.haberler.com
d20305a98d81e287c749d79e48eb9e67.safeframe.googlesyndication.com
dis.criteo.com
dmxleo.dailymotion.com
fundingchoicesmessages.google.com
gdetr.hit.gemius.pl
geo.dailymotion.com
glucotrust1.bigofferattention.site
gum.criteo.com
id.ad-plus.com.tr
id5-sync.com
ih.adscale.de
imasdk.googleapis.com
ingest.serve.admatic.com.tr
js.adscale.de
layer.serve.admatic.com.tr
ls.hit.gemius.pl
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
pebed.dm-event.net
pixel.rubiconproject.com
prebid.serve.admatic.com.tr
proxy-044.dc3.dailymotion.com
query.serve.admatic.com.tr
region1.analytics.google.com
s.hbrcdn.com
s0.2mdn.net
securepubads.g.doubleclick.net
speedtest.dailymotion.com
ssum.casalemedia.com
static1.dmcdn.net
stats.g.doubleclick.net
sync.adkernel.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trgde.adocean.pl
vendorlist.dmcdn.net
www.dailymotion.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.haberler.com
x.bidswitch.net
d.haberler.com
104.18.27.193
142.250.185.226
146.59.30.96
162.19.138.116
163.171.132.42
176.235.30.103
178.250.1.9
178.79.242.16
18.158.134.1
18.198.87.254
185.102.219.172
185.102.219.173
185.184.8.90
188.165.145.88
188.65.124.59
188.65.124.66
188.65.124.91
188.65.124.92
188.65.126.211
194.213.62.34
2001:4860:4802:34::36
2001:4860:4802:36::178
212.57.20.60
212.57.20.61
212.68.47.11
2600:9000:223f:6200:f:4f64:8940:93a1
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::200e
2a00:1450:400c:c0b::9c
2a02:2638:d::d
2a02:6b8::1:119
3.33.220.150
3.76.109.233
37.157.6.233
37.252.173.214
37.59.195.1
69.173.144.139
77.245.57.72
89.117.77.90
89.187.169.43
01680ee97f0088831f39804342f932ffaff937e0c93f4cd3d88ee06bcb6c928c
029fd41b4375c7a13498f650f5b513c57246fb2593f2a122831da96dccf45a92
048473f79c4d9ffdb55e9a7a0bbf99131dcc4b451b02c9535ea80e11c1827dec
0833bb72487c95b7a536395f02a098fa8d80d0507fce45b6b508b143402cd592
088fb21a503fe283490cb2f24eef3c45df013458a00aba14eeedb9cc05d7f30c
0dd4a741cf498d43051577fe9de0460caa07c18c42b7ced849830883cff22da0
1925bd4ecd39314b244cb752044bd5808b2e6ffa12d5d93bbd9dece0c96f44e7
25e8f52a30459e482025bc63f81b9dc467ff7e0ede1da6696ab0777b95bf8a31
29b5cf02389a14f358d3abf094c2aa4a16e2b87fefe73f74e4659d0d551b31ec
2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c
2b4efb5148e85a1694fa80a845950f1e557da596f3f5c315721ac1206a8b2b30
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b
2f344cb62a12b6432d4d9a77712ba152e0ed2c757a325bc64f6cefbaf26d1686
30b6d4b6c3dce102c3b12c8778084d30d28138ad970bd5634b8aedda8a397e75
30de75ad0c61e6f959ea866bef0696758f5c39555d439787a0e1197fe92ab711
31e941d1d8f61728d26f09eef840cc2901fc7b8241980ce25655a2f0d40bb040
32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c
34ec03e16ba423f27b2db224a2d1ae09f27c349fb245c1407ac87808ccbe5679
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dcd2f16c7c904c0e17382a7935a110d55734a6a46bb21c908a1576495de0d87
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
4386b833e182390c2f29daad009fafbedb99c2def0c35d82403592954966bc97
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b4cc8df451e0bb747504cf3f982ee2790ec0131751aad41d5f12f86d9006ac
46b70779d5e04e84c467110c5f028beb73a1a9d5f67675fdbadc000773f58214
4b9ccae59d778f61af4962b6eba73404430dfce2065f29b3ae606e2c93d14f54
4cee64755e028a90e68bdeb67305dda80af81963df2e6ab1d7e0dac6bb9fa4d0
51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510
523c8b7e862f101703a8c593306180b340da7318fb1d2a5e7f9dc8e888b4d813
535bdbdfa4f1236ed1ca39b55150ac0ffb7fd3bbce8ec6af26f795077be22658
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579123ccb65bff6f7e755e5a2d784116f718b127cbb73623b9013e2f93a1f82f
5dadc86cbee7b84de7a1779d064dc699be87794ada33d0e4903222233f4ca4eb
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630
5fc05c45d4a2350c36ef1557727d514ec48d27aec791c65fb7705d768775b33d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65300b637f4c3b1c2eb9b8c052bc2d02c215eb75a4196d7737a932723dd2a646
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6c7a05fea6afc18509261d863d0e3e4926580c5086b1d33026de3880e48f647c
6d7b5b8b53921d5e045886642d6d156291001c15aeaba1629647008daac8f6c1
6d7fb4bcb0742264fbf7faffe180c1fd8e6b12d019a7a08ada86fd27ee36230a
6df7f77c22d2b3fb04919fa8fe7eb49ced4a1e352872a290c454ae379c4e876c
6f9f1f0d79720ab0f40ebd4883921d6d3e99e02478d6ef07c6aa91d50b9d5341
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7abd016008a16d4e493f50590091cb2799bf5760b764eb67e28915ddb7e55a86
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
7d80bcad0d846a5e7073f2843b7ed813b4d36a90372eabb4c998ca62a714efea
7e839be27e80dcb227b58103c0ee39a018a0dab3fca6215abc2b39bce20a1704
7f35f83071a3c2e2026ed7f2b89b536c2c6a116bd99ae1cff343c0ecba7e9212
7f4f162c1035cd8d787c94200a0b99ccf609040219c885286abab4b13fcb3836
7fa2bf4a415b5752f0233d85f83245d78ec1e7cc51cd3fbdbb58d01171043478
814eaf07b84eecb6558d3348639384e5e244a0a995a8ef916d1917ec98fe846b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b3a212bf8edcdbe4d55b58b7a49cfb0e8f3b483af4695d4e858b52ea8431ed
84a0876afaccfbf06ddcbdc1406a778c294f9b1c515c9d52cd0f0f741638c3aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869a8671363a2e29ec0effa51a474f3bfaaed8ff1f8dc13bba8f9f2967893a5f
879adb2f4c84480e0f90e4cb6e06837d51ccc92602b439011448d178bdde603e
89a061a23ef01c5c9050035722015462cd3dbc0b6273290f92f8267eb94aab5f
8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2
8c53067f233ea604e4329397d7cedbe99ca958980365d428445d8029135f6564
8cafc698e1a9b0e7c0000ef7638d0e145affa286217f36fd5feab8d26a28d3ab
8d05ebc77f3611464ab36282099939f747ade64839144a6747f83cf77ad5edf6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88
9298f8b2c8ba030780fd667c0ed8ccf6a0cb516aa96263d6558aa16544ceb576
92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235
93f59f84131ceb91884a84d38f6fbc6dbcd94857388cd52972c6eba3deaf08e1
9c958b4fcdc5729a78abcaecc98bf4423d1ce0fc117163b5ac3e0cab98e58757
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a740fade8b50cf6ddc0e2efa1fdab481760e33a32e3f3b0fa35e49123e82856e
a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b
a8b4f22452dd8cf6ce928001bc6fbb4dc7ec5262d1fcd8989c9bb350ca2a630e
ab49b06f01ba01695f3b425793784b260bc2dea123e763d6201f234f2315c9ad
aea7b0367865901d235e5732b0a8843a78e2af96f45c704635f8ed78fb3ac185
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4a618eaeedfe6c457deff4bcb15580f9a36a267ca8b19ce2ef96c586dda4d0
af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bd5cf25f27f56b2cad0ce44ea43dfe72948b01c8ab289f1eb6a53a31b28b98e0
c18b1bbe042941e331c23e3dd80fb5690eb98692068c2658d4e7014e0ac6d305
c1f51471dd91695d27988e7f9c4265752948ba13ef93e7b35b233774207017a2
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c5c79636376188550dc0edfe65d969f9c44ad3bb5abb71368350b9bb5fa02f0d
c8d7ace64894d227e9a65ae13f7fffa8feac2de602f7271e2b6b5c0c0f1e4823
ca795d785c92219f7bf9b6ae3c19c6511721c423be4c2219d72995f9091bd26b
cadc7b8d78ac6334e96fefc21605b525357c68a1038936faa5555eac693d620a
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b
cb90e572c7472349c515aaa1d2a70af26ab1f918073589300479c76f55522bec
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d47e38fb3d5ed1d1cebe3963f5a2693790803161983a1986bc0e0ef816b2d5a3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d21d629ef5e165eab8b760a25108eaaf0dd01e29fa6614a78e9861989cdb2b
e68c280c71a65018ddc11deca38325739f5d4fe05f5c5a282d354cd0bb80268f
ed86e7ffb537422ccff21965b607630bb97297ec70533fb1b8b1758561db92c9
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef84a03534fc07ae189be34d2e6cf87ff1390b097ed73d4693ac05d7244670a1
f29979dd9647e3a63083e62500d36dd647a80ef6e764dfefcf6dd4c79b8e8194
f2aa514c240ea839fd59e888a140f6e6f8fa77f56a8c1874d25536d5ab915937
f2e9bc088c597c87498eaf303ba5be8ce8b84e0a187576c89c7cb33579e35963
f4127127b3cf1142f69777cc7de7fb6ed68ff6957ada137f91c59989d64490ae
f525824c3ed79dfaefcaff37383f3dac3118376e1e7845ca069a08a70eb77347
f61f00323bf51f559e473999cd21dd87aaa46f1d8774b9e86720f3675db3faef
fe3a700dd4d4e0e5615aede66c4091d440e33540e28dd7ea1108ab856e5a65a4

glucotrust1.bigofferattention.site Open in urlscan Pro 89.117.77.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

174 Requests

91 %HTTPS

35 %IPv6

36 Domains

56 Subdomains

42 IPs

11 Countries

3552 kBTransfer

8773 kBSize

50 Cookies

61 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

glucotrust1.bigofferattention.site Open in urlscan Pro
89.117.77.90 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

91 %
HTTPS

35 %
IPv6

36
Domains

56
Subdomains

42
IPs

11
Countries

3552 kB
Transfer

8773 kB
Size

50
Cookies

174 HTTP transactions
2 data transactions