medodo.gen.tr Open in urlscan Pro
2606:4700:3034::6815:4934 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://medodo.gen.tr/
Submission: On March 13 via api (March 13th 2023, 9:45:34 am UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 25 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3034::6815:4934, located in United States and belongs to CLOUDFLARENET, US. The main domain is medodo.gen.tr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 30th 2022. Valid for: a year.

This is the only time medodo.gen.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3034::6815:4934	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	185.177.92.29 185.177.92.29	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	134.209.192.77 134.209.192.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 23	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	18.196.120.245 18.196.120.245	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.100.75.47 95.100.75.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
128	23

15 2606:4700:3034::6815:4934 (United States)

ASN13335 (CLOUDFLARENET, US)

medodo.gen.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.92.29 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-29.ah-server.com

portugals.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.192.77 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

parkaevant.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.120.245 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-120-245.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.75.47 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-47.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	407 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 static.doubleclick.net — Cisco Umbrella Rank: 241 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 168	127 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	174 KB
15	medodo.gen.tr medodo.gen.tr	115 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 26862 ad4m.at — Cisco Umbrella Rank: 9918 assets.ad4m.at — Cisco Umbrella Rank: 35263	732 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	195 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15428	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 575	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3354	869 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 95743 static-de.ad4mat.net — Cisco Umbrella Rank: 124399	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8720	696 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 57294	1018 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 69301	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 62253	437 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 64174	262 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 706	339 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 317	465 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6097	554 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	606 B
1	pp.ua parkaevant.pp.ua	20 KB
1	portugals.icu portugals.icu	19 KB
128	25

	Domain	Requested by
23	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	pagead2.googlesyndication.com	medodo.gen.tr pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com tpc.googlesyndication.com
15	medodo.gen.tr	medodo.gen.tr
11	www.gstatic.com	googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	assets.ad4m.at	as.ad4m.at
5	fonts.googleapis.com	medodo.gen.tr googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
3	static.doubleclick.net	googleads.g.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	parkaevant.pp.ua	medodo.gen.tr
1	portugals.icu	medodo.gen.tr
128	35

This site contains links to these domains. Also see Links.

Domain
wordpress.org
envothemes.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
portugals.icu R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh
parkaevant.pp.ua R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://medodo.gen.tr/
Frame ID: D9FB97D090B16760A21E5EA8851F5357
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
Frame ID: A2A629151B08FABE6902CB9E9BDD0E3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&adk=318159125&adf=2184669829&lmt=1678700728&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmedodo.gen.tr%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700728504&bpp=11&bdt=123&idt=105&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8538797762317&frm=20&pv=2&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131
Frame ID: 4B644ED16AAA78BCC0CEE8E4AC3787BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3690125967&adf=791162748&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678700728&rafmt=1&to=qs&pwprc=9764909401&format=1200x280&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700728515&bpp=2&bdt=134&idt=125&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OvwnJ2Fsjx&p=https%3A//medodo.gen.tr&dtd=127
Frame ID: 66B37D17D04BD7592B3E0E0A05D444CC
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=90&adk=3047021595&adf=2709691283&pi=t.aa~a.3346274810~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x90&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=-M&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8E3SgcEsFX&p=https%3A//medodo.gen.tr&dtd=11
Frame ID: CFC2C04A474D4C749E1BBDEC87F8F5A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=60&adk=2907041587&adf=3442111042&pi=t.aa~a.2656926816~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x60&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=1&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=axADvII1w9&p=https%3A//medodo.gen.tr&dtd=15
Frame ID: BA4A9EA28C299D618F6A1A76D8CD7DE6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: D9A6DFA59669AA3072AEFFD9F0DFA5EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5C0F1CF2622225D50F764BBA12CA9CA2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
Frame ID: 720AA348BEC05D4D8B47257567E26A76
Requests: 20 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019
Frame ID: F0371805C748D71C3979C74262A3768D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js
Frame ID: 39424A3252CC37304054B8D2269B490F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: 5DEEF653B70DB1989C68A4298EAB577C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kqhrfvtdvrvhxzx2xngftjd7whjm2za3a77fa2nkdsfgy73fhm68d9arf4d1m53smz32evwej9s43x2zj2923wqt5ps7zfz3xsvdrak65mez3pbvc2v2aqq3x63c9kdzktq1gk4g6rfs0fb34z1tpe2dw22ak93n90rkd804wad2wp2vth1qwdg8nwv7gvc8snjhe9v1pkxtxv14p91pcq6z8x4zr4evg5c7gtzggjhpm19b4qk0xg7xg244fkbzbjdp8zq1vyd47qy7536v1zxtmfpcjr7535ecbpgw0qzxw9tq50yb87v6p43gswgfv9wpwm0bsxe3pz99pq00k05xjd9x09jtetc90fhts3mw3w5pnp81d6d66ehnqad5yq13wx5p6zj9jy46vmsr4evjrpsg86ms0b3pvxz0gn5xdzqdpqd80qgczpgwhzpgyrpmzrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%26client%3Dca-pub-3511830694161206%26adurl%3D
Frame ID: 3059C8B5BEBB283AFD9D315FA188B9B5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5106244F7FA07AE7B54A10E55C668A87
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 91A2B27EC158ADAF4B99ADDEA98CCDC1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC69EA1AEE107328702649D5D0D15000
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50E1D34502C164DAAFC719D16B28629C
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Frame ID: D8F8D13389C3A76A1DD8420D49EBE75F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medodo.gen.tr

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

128
Requests

92 %
HTTPS

53 %
IPv6

25
Domains

35
Subdomains

23
IPs

5
Countries

1802 kB
Transfer

3847 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://envothemes.com/free-envo-shop/
Title: Envo Shop

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbt9T6vQEQsAkYrAIyCE7OJtFQvBYh HTTP 301
https://tpc.googlesyndication.com/simgad/6908947609828019434

Request Chain 97

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENbGht9DhsHML15rD1etpUM&google_cver=1&google_push=Aa02lx8s5JWPHnBZ-Gusj6Yz4OK1-K83LyER68W3TCmqc9hBkHIPcAmugSJ-k8T5YrVKKl-ajFNflHzrlSGtFeo_MD-UTTOpCHnWi0Jr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzEwMzc3Mzk0MDI2NTkzMjY4Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENbGht9DhsHML15rD1etpUM&google_cver=1

Request Chain 98

https://ads.travelaudience.com/google_pixel?google_gid=CAESENetFXK1ssCAU4HDkijJuEo&google_cver=1&google_push=Aa02lx951qpgaVhWdPmoMncSMU_ZUKUMwLG-ZpYrnHL-fEBxzUuwMp-2951FBcg8a867R-_-znDnNsE3KtcIVDvCqZ-uhzc97gfzI7g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=flmLNiy8SKGU1ululdhmqQ2&google_push=Aa02lx951qpgaVhWdPmoMncSMU_ZUKUMwLG-ZpYrnHL-fEBxzUuwMp-2951FBcg8a867R-_-znDnNsE3KtcIVDvCqZ-uhzc97gfzI7g

Request Chain 99

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAR1dnNVay4gWKIaebwrMfw&google_cver=1&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJZyQ-A3kmDfv3 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAR1dnNVay4gWKIaebwrMfw&google_cver=1&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJZyQ-A3kmDfv3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJZyQ-A3kmDfv3&google_hm=mKdMOu4DR2yeeBiiQg0YeQ==

Request Chain 100

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA43pdy8Q3E4iQiO-lMzgqI&google_cver=1&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDhHKIL45bneO5LfheP9AKzt_HQtcxdh HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA43pdy8Q3E4iQiO-lMzgqI&google_cver=1&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDhHKIL45bneO5LfheP9AKzt_HQtcxdh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA2NjMyNjIxMDU4MzMyMA&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDhHKIL45bneO5LfheP9AKzt_HQtcxdh

Request Chain 101

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDB-WvDPzG1O6G5567so2hQ&google_cver=1&google_push=Aa02lx9tR8HhpA33exwbGxDrqF1q6HIPcG_SF7saMiBWZ1D0fSsvtqm2NO8rZxktwhe4ajyDd5Q1G6BFO9TpH-Jukb2a4OEsNpzTpKVW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY2TjJMREEtMTEtSFJDVA==&google_push=Aa02lx9tR8HhpA33exwbGxDrqF1q6HIPcG_SF7saMiBWZ1D0fSsvtqm2NO8rZxktwhe4ajyDd5Q1G6BFO9TpH-Jukb2a4OEsNpzTpKVW

Request Chain 102

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG2vmlYd64-vsBPoR1Ozj_M&google_cver=1&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjIi5WVfNj_1h8jrDm HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG2vmlYd64-vsBPoR1Ozj_M&google_cver=1&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjIi5WVfNj_1h8jrDm&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjIi5WVfNj_1h8jrDm&google_hm=GTYptGZHIcIrMexjQjiXxhJD

Request Chain 103

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIRZP6DofbhQejNck07QRv0&google_cver=1&google_push=Aa02lx87d3kC2ksgoTcB_yo_iiZ7_qBto7JgPzKtXfnG-qkdvBbMr8l_FhLH15yMSecsNeYOSKjtjbck_vRw7lKdMsunRf1qzU9HJE4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx87d3kC2ksgoTcB_yo_iiZ7_qBto7JgPzKtXfnG-qkdvBbMr8l_FhLH15yMSecsNeYOSKjtjbck_vRw7lKdMsunRf1qzU9HJE4

Request Chain 122

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMP698XP2P0CFVGE_QcdZu0G7g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218

Request Chain 125

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1678700730_caf3df50-c183-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=

128 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
medodo.gen.tr/ 39 KB
7 KB 261ms
146ms Document
text/html 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77effb07a1572d4ac2ed4612eb70845b0b36fe3e825db53cae1b96137fcc1953

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a73581f6a60925c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 09:45:28 GMT
link: <https://medodo.gen.tr/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StGx5f6TNIV%2BQIDiQT9WmW2cm9lksk2PrrOeAAl2G5y9L1p2TwNWRGMvo03rLOGLiEOEh14dQqFxJ295e7WExNHapeM0NVQkj0rM3N1yAOhB56AyBAttooUcNicfihx%2B9mxqJ8ABIHE6GVoH"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 62ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3511830694161206

Requested by

Host: medodo.gen.tr
URL: https://medodo.gen.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

774c5f196c749476a5d9d7973043f7bc096c561b795fba6c43aaed935e9f5ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Origin: https://medodo.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48706
x-xss-protection: 0
server: cafe
etag: 8932033567820088689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 09:45:28 GMT

GET
H2 200 mq3tsnzugy5ha3ddf4ytgnbw Show response
portugals.icu/code/ 19 KB
19 KB 74ms
21ms Script
application/javascript 185.177.92.29
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://portugals.icu/code/mq3tsnzugy5ha3ddf4ytgnbw

Requested by

Host: medodo.gen.tr
URL: https://medodo.gen.tr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.92.29 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-92-29.ah-server.com

Software

nginx /

Resource Hash

e045ee6bd4899826f059c42190191fdd9233c47032f0e8cd92c545205a54e259

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 09:45:28 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 / Show response
parkaevant.pp.ua/ 20 KB
20 KB 120ms
22ms Script
application/javascript 134.209.192.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://parkaevant.pp.ua/?te=hbtgkyzwmm5ha3ddf43tenzr

Requested by

Host: medodo.gen.tr
URL: https://medodo.gen.tr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f26af0f47b064938091be41a8bcfef2e33447a037886ba305187d655d1a3d9b1

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 09:45:28 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 style.min.css
medodo.gen.tr/wp-includes/css/dist/block-library/ 93 KB
13 KB 34ms
29ms Stylesheet
text/css 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636e62ad-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuI%2Bt2rVehAZaW9ZapNklFW6z%2FJGYMt1wVqZL2%2Bj0rzy75pZYhRPiINvBKnbvU5DgjoZPfjHO%2FEGg9Vd3%2F%2FE%2BnhkkS5XfBf9w6Ei4BHJSNEKHY7j05IBF7YTX0vwnO05PJpRzUGZrCMXeIc%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a7358206bd6925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
medodo.gen.tr/wp-includes/css/ 217 B
492 B 30ms
26ms Stylesheet
text/css 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6357e86c-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEzh6Qlw5N4llZC5j7Nv0GJ5VGa2UYNf9L%2BZJU2MT3CHhEYBtYXSo6y6FWDgTUZbVmc2MMBvij4xgYbxDRuc%2BqFkT4f7ObEuFK9uPqo0aI%2Fg4yThQ72Octmz0iFsfxSazrvAtrwNIcbkAMbr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a7358206bd8925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 screen.min.css
medodo.gen.tr/wp-content/plugins/table-of-contents-plus/ 1 KB
715 B 23ms
19ms Stylesheet
text/css 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Apr 2022 11:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626d1984-484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT%2FWIGSAihMkThlgpCYI2numCsRfmC0HYwYh7d%2FvdQErkEUgGmlqLSVNHE8OOUAL69G%2FpB5ZxFHHU12hvAkIMlXAz%2FfGJ%2Bp%2FmatrgsIDMaRtiVeJnvGfxsfctmIQ2bzL5GvkW0O%2BY68Gynot"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7a7358206bd9925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 52ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Requested by

Host: medodo.gen.tr
URL: https://medodo.gen.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ebbbe9e2cb7f812044295bf4773dbd8e6170652eb80e91cba87643fe176ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:56:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 09:45:28 GMT

GET
H2 200 bootstrap.css
medodo.gen.tr/wp-content/themes/envo-shop/css/ 66 KB
11 KB 20ms
16ms Stylesheet
text/css 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/css/bootstrap.css?ver=3.3.7
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626ff039-10893"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj68P%2BSuOvm%2FKgwQ6p4EAgPu11mbZxHoisP6QyAcHqA2253awzHJdl1uCgGQ7n%2B9qtpyIWHg9uiCp67Qxh92vdQ4YRgLx%2FoRCa9Dn69m6nKyCqoCAzBAVC8VbB%2FcgCEfY1sQS0YJej8Kuh0e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7a7358206bde925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mmenu-light.min.css
medodo.gen.tr/wp-content/themes/envo-shop/css/ 4 KB
1 KB 19ms
15ms Stylesheet
text/css 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/css/mmenu-light.min.css?ver=1.0.9
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c4bac7fbec865c6e63cc0c6d3379c0605b6975a1afbf9911ae1cc9df4ad906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626ff039-f15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZzGRBD1NUXzRaEFl2ZQdcRDjpqP%2FrxW1GHlSFccz3XVjMGv4ZPnf3murCduwhvTQN21LQ1S7z%2Fjs3whEPv4syLx1wKNmXEabLKoFAelBpHQFAATIct4jt8KXl0S%2BvisiB1YAo3iJx9psq%2Fn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7a7358206be0925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
medodo.gen.tr/wp-content/themes/envo-shop/ 44 KB
9 KB 21ms
18ms Stylesheet
text/css 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/style.css?ver=1.0.9
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898a8209cfe241b1537d94a25d129a6a986cc50e5ae6ed42df408717e6716815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626ff039-aee9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dm5EjJ33QoQovyS1Vjyo7h2DDi3W9TT56My4eDJo0uFoTKBVPT1iMmEKoPWHWFBYiC3oNsBB6KKDAOIvxilvjWribGTa4YRW%2FToMDlcAn84Qw4yoAwj3imzM48%2FMEnUZZ3Sttv45HVgW134Z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7a7358206be2925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 line-awesome.min.css
medodo.gen.tr/wp-content/themes/envo-shop/css/ 88 KB
16 KB 23ms
20ms Stylesheet
text/css 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/css/line-awesome.min.css?ver=1.3.0
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626ff039-15e81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP2Z%2BHeqQwVPA3jRjcuRehS8LFKnMmOcYGBowXZWjUuECIKwPBK6iOZ9ovgb3iPSvL%2FxRWOABuK7AUxs4yPpund9MBAMQiKYurzK88x5QATc2M52V2KmEVxMGCZUj6lWRTkKA7XXnDwjC4H5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7a7358206be3925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
medodo.gen.tr/wp-includes/js/jquery/ 88 KB
32 KB 34ms
30ms Script
application/javascript 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"632879b8-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMtsy0%2BjBfTRCpTXJEOdOXiv22ZCgC0h3Pi6vGWNeM8jC%2FRNh5ulbDhwYaLp5ASSub30FH%2Boeg2v%2B2C7uUnE9gig4nE3hyD0Ohfoh1eKL2nBSnFme7J98GHnvdM7KqV9NVz3rOaQJO2CAgnm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a7358206be5925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
medodo.gen.tr/wp-includes/js/jquery/ 11 KB
4 KB 35ms
32ms Script
application/javascript 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF8fXbKDs6sMWtg3kK55sA1bObJT94B1MbswFebrkqeoS2VSSavShr7RP7FSFu5Esoh7KovfcF9oWROpG047J4p49IogdKULH%2BUsONl9kyDVQIba%2BC8P2EIsHU5CzMWEd3SxliLPqSbGphrm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a7358206be6925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 front.min.js Show response
medodo.gen.tr/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 17ms
14ms Script
application/javascript 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Apr 2022 11:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626d1984-17cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KXSB%2BgrWDTyHyoXFJ8AGLr6nIGpk%2B%2B0Vk2cusbO5NlRx0bPT0Xd82QJJ4DAmMiKVsZsRKNTnQ36AKIncHBdXDtB8OpZxKJy%2FSzoeFXHfqSW88mKey%2BypCUTAQN0vfzKv%2FbGUS%2BHVbdMFjpw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 7a7358206be8925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
medodo.gen.tr/wp-content/themes/envo-shop/js/ 7 KB
3 KB 24ms
22ms Script
application/javascript 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/js/bootstrap.min.js?ver=3.3.7
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626ff039-1c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOudtfEs%2FlIPHEG7DRrzKOqxZaf7U56GHarsISkgpyNi5GDlLI3nApPY49hCJgHW4ezegHYoqqQY0k7HraN8Dubgu4kRuWpQ8Ecx3XBMQ8AaqHI0AGgfyDQuosItjkEmh9Gm%2BQrp%2FdQF2MNE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 7a7358207bf7925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 customscript.js Show response
medodo.gen.tr/wp-content/themes/envo-shop/js/ 4 KB
1 KB 27ms
25ms Script
application/javascript 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/js/customscript.js?ver=1.0.9
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8332f8603549e66cbff86f70a7ad5f64021212407ea57b3ca58447deb016129d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626ff039-1084"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WifnuHMsFFUS25Oaclm5Vdn15u5DHTvoiycGK5Zf8Z3%2BRnPxbGRYDJTU1ApLqeksw%2Brb2QtpoZ0%2BYXbSx7e2PNgB6UJ18KtxRsiZ45SCSnM2sCtcq343eIqbVuBtem0kWx%2BMu2GIHWkQEZrO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 7a7358207bfb925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mmenu-light.min.js Show response
medodo.gen.tr/wp-content/themes/envo-shop/js/ 3 KB
1 KB 29ms
26ms Script
application/javascript 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/js/mmenu-light.min.js?ver=1.0.9
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e35d2243219d9e549a5c457cb898387fa3dc7eac43cabb41c70718c2528abca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58172
etag: W/"626ff039-a20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4M8aVDa3yev0sXFEhQn2uiHavph0BM4WC2EZu%2FvMSm0j5sGZy3VLwCBMB5wvNsd5%2FVCuYrLwyirAXcOr2HVHmcm7TuM2To4FvybFOnxfSET0HNtLrg4bae4o1hQBbTsFWw4o13TTS74O165x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 7a7358207c00925c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 15 KB
15 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medodo.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:46:40 GMT
x-content-type-options: nosniff
age: 377928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14964
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:46:40 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medodo.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:12:45 GMT
x-content-type-options: nosniff
age: 351163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 08:12:45 GMT

GET
H3 200 la-regular-400.woff2
medodo.gen.tr/wp-content/themes/envo-shop/fonts/ 13 KB
13 KB 33ms
33ms Font
font/woff2 2606:4700:3034::6815:4934
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medodo.gen.tr/wp-content/themes/envo-shop/fonts/la-regular-400.woff2
Requested by: Host: medodo.gen.tr
URL: https://medodo.gen.tr/wp-content/themes/envo-shop/css/line-awesome.min.css?ver=1.3.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4934 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db

Request headers

Referer: https://medodo.gen.tr/wp-content/themes/envo-shop/css/line-awesome.min.css?ver=1.3.0
Origin: https://medodo.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 May 2022 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626ff039-3264"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGm3gZT27OrYwztXCqvcI3kD2NLiU6U6ewijrahuc%2FrdqjUUyTnK2QrTJ4Ql5vOuLJrVMOp5F0xAu2r5rEhfoJTmGu8ZVHAx45zqeYZPup2tjSWWUDoXzyD36Q5nQlQlXWsFic9H1ew2H9ig"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a735820da449974-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12900

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuvMR6WR.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 11 KB
11 KB 23ms
15ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuvMR6WR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

542d343d39243359b90273983d90e0d211a2e1f2a09518d6f1746c3a3d2ba3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medodo.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:41:04 GMT
x-content-type-options: nosniff
age: 313464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11512
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:07:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 18:41:04 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuvMR6WR.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 12 KB
13 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuvMR6WR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c000066f2b27add17d55cfec67196d43c6a529f550da7877663e34632c927bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medodo.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:46:06 GMT
x-content-type-options: nosniff
age: 503962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12388
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:46:06 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/ 361 KB
119 KB 62ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3511830694161206&plah=medodo.gen.tr&bust=31072649

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3511830694161206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8835ca3867719a2fdc8640625779e802639cf39cb51045be1eed083fff4082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121825
x-xss-protection: 0
server: cafe
etag: 4988514170746358851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 09:45:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/ Frame A2A6 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3511830694161206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 20:57:29 GMT
etag: 2378337311435320485
expires: Sun, 26 Mar 2023 20:57:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 51ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=medodo.gen.tr&callback=_gfp_s_&client=ca-pub-3511830694161206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3511830694161206&plah=medodo.gen.tr&bust=31072649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dadd5066d84740ed0a2dee8c8a9b326d0847250bf2d1590e2a567cfa338b16c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 74ms
19ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=medodo.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 42ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=medodo.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B64 295 KB
64 KB 434ms
434ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&adk=318159125&adf=2184669829&lmt=1678700728&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmedodo.gen.tr%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700728504&bpp=11&bdt=123&idt=105&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8538797762317&frm=20&pv=2&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e1eaa75648b2728ccef89c502b2e4fb5ce82de5d44b10e6e4646b80f4e181de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 65654
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:45:29 GMT
expires: Mon, 13 Mar 2023 09:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 66B3 91 KB
32 KB 370ms
369ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3690125967&adf=791162748&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678700728&rafmt=1&to=qs&pwprc=9764909401&format=1200x280&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700728515&bpp=2&bdt=134&idt=125&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OvwnJ2Fsjx&p=https%3A//medodo.gen.tr&dtd=127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57be14a02baed5ba7f790d84d02ce8ce7b891db4fdfaf444e121e12c08366940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32733
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:45:29 GMT
expires: Mon, 13 Mar 2023 09:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 66B3 6 KB
768 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3690125967&adf=791162748&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678700728&rafmt=1&to=qs&pwprc=9764909401&format=1200x280&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700728515&bpp=2&bdt=134&idt=125&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OvwnJ2Fsjx&p=https%3A//medodo.gen.tr&dtd=127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 07:59:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 66B3 2 KB
846 B 37ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:42:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 66B3 22 KB
9 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 15:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 15:54:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 66B3 3 KB
1 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 13:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 13:25:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 66B3 20 KB
8 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:32:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66B3 158 KB
49 KB 72ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 66B3 34 KB
14 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 13:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 13:26:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 66B3 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDmJauPAOZL6lKY266wSA9peQAvySpr5viaDhsLYQ-6CA4IsOEAEgtInBkwFgleKQgqAHoAHvnf_bKMgBCakCb5Y28ps_eT6oAwHIA8sEqgTHAU_QSwON1CJMiCoJViSKC_JNOHJ5Qui-vnPj-6BslssusOQg5j0fkfuVRteNeBoq0_c62ZUzdWOSTSGo7h9kgm44Abg3zDNIFNT3RA076WxhK11lFkNElWNyFyqosPN-A_bTGoKozFmNWVA9gXGwN0a4SAr8ptBIMOViC9xuHCC_MZFpAQcbwnk62o9JmxG8ufIqkq2LRmvCuoxU_DrVRDPOOPjE9tj8xAP--PPiiKgu1vf6quXPSz6lyL2dgawOXWeszE15gMrABNb447f7A5IFBAgEGAGSBQQIBRgEoAYugAeEw8-7A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELi6BNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUBdAVAYAXAbIXHAoaCAASFHB1Yi0zNTExODMwNjk0MTYxMjA2GAA&sigh=Nf8bmpZBfWc&uach_m=[UACH]&cid=CAQSGwDUE5ym4G7QiscbGw1bOaoUuKwEz7VBovQarRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3690125967&adf=791162748&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678700728&rafmt=1&to=qs&pwprc=9764909401&format=1200x280&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700728515&bpp=2&bdt=134&idt=125&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OvwnJ2Fsjx&p=https%3A//medodo.gen.tr&dtd=127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Mar 2023 09:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13977932262251917699/ Frame 66B3 8 KB
8 KB 26ms
17ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13977932262251917699/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737423a72d6d04cb58342821009671c36d81498a32fc4d7eed5276013998cfbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:10:13 GMT
x-content-type-options: nosniff
age: 322516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7878
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:59:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 16:10:13 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/286073047288598412/ Frame 66B3 2 KB
2 KB 26ms
17ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/286073047288598412/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9960805ce672806e2f857ae08582a271184e40c45fe40d022e59e9eb5409955e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 22:03:52 GMT
x-content-type-options: nosniff
age: 214897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:59:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Mar 2024 22:03:52 GMT

GET
DATA 200
OK truncated
/ Frame 66B3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f67a4e0b1fed8fa7d9821feaab9333f0207824b68a442f23a65a0f994fdd81e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/ 150 KB
51 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/reactive_library_fy2021.js?bust=31072649

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39b4352d9f6fa3d56076ec74024a8de66383d011d157906db4dcddfd9d75648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52405
x-xss-protection: 0
server: cafe
etag: 3995956487771599569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=medodo.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 27ms
26ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=medodo.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFC2 13 KB
6 KB 339ms
297ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=90&adk=3047021595&adf=2709691283&pi=t.aa~a.3346274810~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x90&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=-M&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8E3SgcEsFX&p=https%3A//medodo.gen.tr&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d689ff3a9c4e7de7695a0661982019ec1e5b08f3eaee3e3373a9a9d03c6c9eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 5652
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA4A 430 B
227 B 250ms
210ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=60&adk=2907041587&adf=3442111042&pi=t.aa~a.2656926816~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x60&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=1&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=axADvII1w9&p=https%3A//medodo.gen.tr&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e76ec1cf269db0fc6dcb0625ef62393941fc0fe2010c157dd9dee0dca2f45b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 66B3 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 271579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 06:19:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 66B3 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 259658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 09:37:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 66B3 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 21:07:17 GMT
x-content-type-options: nosniff
age: 218292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:07:17 GMT

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame D9A6 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 17:26:18 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/ Frame 5C0F 10 KB
4 KB 32ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 01:31:40 GMT
etag: 2378337311435320485
expires: Mon, 27 Mar 2023 01:31:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/ Frame 720A 10 KB
4 KB 29ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 01:31:40 GMT
etag: 2378337311435320485
expires: Mon, 27 Mar 2023 01:31:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 5C0F 4 KB
636 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 07:57:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5C0F 205 B
518 B 13ms
11ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:08:43 GMT
x-content-type-options: nosniff
age: 2206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Mar 2024 09:08:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5C0F 604 B
694 B 14ms
13ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 08:30:03 GMT
x-content-type-options: nosniff
age: 4526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Mar 2024 08:30:03 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame 5C0F 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 15:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 15:42:40 GMT

GET
H2 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame 720A 10 KB
4 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 04:52:36 GMT

GET
H2 200 a1bcd720d76fe498b484a6335c7fbb84.js Show response
www.gstatic.com/mysidia/ Frame 720A 19 KB
8 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e231934edc88c872fabebe3e04b67b0cbc189239ce1089124414c406860d2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7924
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 18:42:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 720A 3 KB
601 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 09:27:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 720A 2 KB
799 B 21ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:42:14 GMT

GET
H2 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 720A 6 KB
2 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 06:44:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 720A 22 KB
9 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 15:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 15:54:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 720A 3 KB
1 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 13:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 13:25:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 720A 20 KB
8 KB 23ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:32:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 720A 158 KB
49 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 720A 34 KB
14 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 13:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 13:26:36 GMT

GET
H3 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame F037 10 KB
4 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 04:52:36 GMT

GET
H3 200 a1bcd720d76fe498b484a6335c7fbb84.js Show response
www.gstatic.com/mysidia/ Frame F037 19 KB
8 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e231934edc88c872fabebe3e04b67b0cbc189239ce1089124414c406860d2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7924
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 18:42:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F037 3 KB
601 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:42:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame F037 2 KB
765 B 13ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:42:14 GMT

GET
H3 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame F037 6 KB
2 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 06:44:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame F037 22 KB
9 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 15:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 15:54:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame F037 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 13:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 13:25:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame F037 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:32:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F037 158 KB
49 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 09:45:29 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame F037 34 KB
14 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 13:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 13:26:36 GMT

GET
H2 200 3308893167986220328_11194945142015216176.jpeg
static.doubleclick.net/dynamic/5/406273449/ Frame 720A 4 KB
5 KB 566ms
9ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/406273449/3308893167986220328_11194945142015216176.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

621a5d844b317e77af4bfd1fda3a4ca35090b6b5b555ecc86c25479d035d5d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 19:26:16 GMT
x-content-type-options: nosniff
age: 137954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4121
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 12:29:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 19:26:16 GMT

GET
H2 200 1441394180732411324_3121470924558577353.png
static.doubleclick.net/dynamic/5/406273449/ Frame 720A 1 KB
1 KB 567ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/406273449/1441394180732411324_3121470924558577353.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cfee36191e74131f82df5a0cf8a0570d8bd1d6d9b2c0e1a1d1f2b6f186e4e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 22:53:55 GMT
x-content-type-options: nosniff
age: 298295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
x-xss-protection: 0
last-modified: Sat, 25 Feb 2023 07:56:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 22:53:55 GMT

GET
H2 200 3545994986914621306_2969904142569922509.jpeg
static.doubleclick.net/dynamic/5/406273449/ Frame 720A 2 KB
2 KB 568ms
12ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/406273449/3545994986914621306_2969904142569922509.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38a267bdbcf66b8a91fe7208aa5129b11b1febd21537e9ee655885bbef69b724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 16:55:34 GMT
x-content-type-options: nosniff
age: 146996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2346
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 02:34:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 16:55:34 GMT

GET
H3

200

6908947609828019434
tpc.googlesyndication.com/simgad/ Frame 720A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbt9T6vQEQsAkYrAIyCE7OJtFQvBYh
https://tpc.googlesyndication.com/simgad/6908947609828019434

29 KB
29 KB

8ms
8ms

Image
image/png

2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6908947609828019434

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ab8cc4f3a7cd925e86b72b10530fc8c427bd053c1a1c858f08d53bc346f592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:26:54 GMT
x-content-type-options: nosniff
age: 332315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29464
x-xss-protection: 0
last-modified: Mon, 17 Dec 2018 09:53:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 13:26:54 GMT

Redirect headers

date: Sun, 12 Mar 2023 13:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 71813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6908947609828019434
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 13:48:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 720A 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy1DSuPAOZI3UKIr06gSwyZzIBZ7Wx7hvu-KotYgRtNuPupY4EAEgtInBkwFgleKQgqAHoAHVlP7HA8gBCakCDhS7LA_bsT6oAwHIA8sEqgTHAU_QTZMK0X6Kpr5mUsYIbYqdlouV8GPENkAl149zjK1FvaSgROANUUBOS1Mae9xJw-yrONNSnl9iuY9xhfEyZayk5Wu6B23j5Ft8gKKVdwn-iwj-JRVj4JSbtFfw-TdA8kemmUH6hV5mIBqBXdEdbDjlhRBykenuDqcICKbKIDxfCYrgcYJBTawptJyLVwte_XoTMCXYES8RLhrBf37js2_3CCpTjbZbpAd86s-RYe31QFwNFaAAH3ctqejRLfTb7ogST44xnFPABIDWzL-7BJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe8v6kuqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENzeBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTM1MTE4MzA2OTQxNjEyMDYYAA&sigh=xlNTjW1GRUM&uach_m=[UACH]&cid=CAQSGwDUE5ymu47rUVh_zal7U6brpjmxA7N9sy5IQRgB&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Mar 2023 09:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 720A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74228d0e45ac652abf134fb83bd5971c7a29682e177ebb97e0068325080b8854

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 720A 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAABGQDAECg0QAyEAAADMzAxuQDAECg0QCiEAAAAANDP7PzAECg0QDSEAAAAAAAAAADAECg4QHioIMTAwNXgxMjQwBAoOEBkqCDEwMDV4MTI0MAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAMzMbG5AMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAAEtAMAQKDRAFIQAAADQzc25AMAQKDRAQIQAAAAAA8bJAMAQKDRARIQAAAACASPFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAMzM9HBAMAQSGkNJMlE5OFRQMlAwQ0ZRcTZtZ29kc0NRSFdRIglncGEvbW9udGUoDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F037 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgorCAEqJ2xhcmdlLWJhbm5lci1jdGEtd2hpdGVzcGFjZS11bmNsaWNrYWJsZQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAAUQDAECg0QAyEAAADQzIxVQDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAGEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAIBI8UAwBAoNEBIhAAAAAAAAHEAwBAoNEBMhAAAAAAAAAEAwBAoNEBchAAAAmJk5XEAwBAoNEBQhAAAAABB_8UAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAEEAwBAoNEBghAAAANDMTYEAwBBIaQ0l5UTk4VFAyUDBDRlFxNm1nb2RzQ1FIV1EiFmdwYS9tYXhpbWFsX3NpbmdsZV9jdGEoCA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 delayed_impression_vu_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/impression/ Frame 3942 19 KB
8 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=90&adk=3047021595&adf=2709691283&pi=t.aa~a.3346274810~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x90&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=-M&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8E3SgcEsFX&p=https%3A//medodo.gen.tr&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d12d58ed34ec144c604e4023e788ac6012c6a618180800b3801a4b9b6e5f2473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 03:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8151
x-xss-protection: 0
server: cafe
etag: 18239414460274282579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 03:59:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 3942 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 13:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 13:25:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 3942 20 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:32:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3942 0
0 46ms
18ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5729PE9KCOPwRUscZnOy_O_R4V27Vmvw0Tk6FZphPKBswUPsTfFVgv6x4448mUjF64ZnS1BXEy3EmSknYeFUBn56_dg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=90&adk=3047021595&adf=2709691283&pi=t.aa~a.3346274810~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x90&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=-M&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8E3SgcEsFX&p=https%3A//medodo.gen.tr&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3942 158 KB
49 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 09:45:30 GMT

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DEE 36 KB
14 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 17:26:18 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 3059 2 KB
3 KB 59ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kqhrfvtdvrvhxzx2xngftjd7whjm2za3a77fa2nkdsfgy73fhm68d9arf4d1m53smz32evwej9s43x2zj2923wqt5ps7zfz3xsvdrak65mez3pbvc2v2aqq3x63c9kdzktq1gk4g6rfs0fb34z1tpe2dw22ak93n90rkd804wad2wp2vth1qwdg8nwv7gvc8snjhe9v1pkxtxv14p91pcq6z8x4zr4evg5c7gtzggjhpm19b4qk0xg7xg244fkbzbjdp8zq1vyd47qy7536v1zxtmfpcjr7535ecbpgw0qzxw9tq50yb87v6p43gswgfv9wpwm0bsxe3pz99pq00k05xjd9x09jtetc90fhts3mw3w5pnp81d6d66ehnqad5yq13wx5p6zj9jy46vmsr4evjrpsg86ms0b3pvxz0gn5xdzqdpqd80qgczpgwhzpgyrpmzrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%26client%3Dca-pub-3511830694161206%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

babd5b737cbf191aef3df197d99a7914f907c0ffc2386f9733758879431aa656

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a73582bcc95924d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:45:30 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5106 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Tue, 14 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3942 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b758ad4347ec22789e50e1582bacd83c3378835ac90856ce26598d335c07b426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 720A 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAENb4QDAECg0QFSEAAAAAAAAuQDAECg0QFiEAAAAAAAAcQDAECg0QGCEAAACZmSGJQDAECg0QMiEAAAAAAIBCQDAECg0QMyEAAAAAAIBCQDAECg0QNCEAAAAAAIBCQDAECg0QNSEAAAAAAIBCQDAECg0QNiEAAAAAAIBCQDAECg0QNyEAAAAAAIBCQDAECg0QOCEAAAAAAMBNQDAECg0QOSEAAAAwM7NQQDAECg0QOiEAAAAwMxNRQDAECg0QOyEAAACamelwQDAECg0QPCEAAACamelwQDAECg0QPSEAAADMzPRwQDAECg0QPiEAAABmZuKIQDAECg0QPyEAAABmZuKIQDAECg0QQCEAAAAAADiJQDAEEhpDSTJROThUUDJQMENGUXE2bWdvZHNDUUhXUSIJZ3BhL21vbnRlKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3942 0
18 B 51ms
51ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQNy2ufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwAFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5h-PtdZqdlwoH1LHbKBCJ5Rmt0He1i_HadCiRIJdwh72P3lCDA6-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM1MTE4MzA2OTQxNjEyMDYYAA&sigh=Hp9C09PBDgg&uach_m=[UACH]&cid=CAQSOwDUE5ymbkpkThSetLuxrDl12mgGF-dtggLV9SKHNiPmOENUuzPbiB6c1VbUN7uAng-7RkyaK0TLwFMhGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=90&adk=3047021595&adf=2709691283&pi=t.aa~a.3346274810~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x90&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=-M&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8E3SgcEsFX&p=https%3A//medodo.gen.tr&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Mar 2023 09:45:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3942 0
103 B 50ms
19ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g33236920nna2qtrrv3am05rkdbk98acdr9rrjzks08g1kvk12zm0zyehzeymp0kcmaq532s1dk7m8g151shwkv4ezbx95wp8bkb2z9vjc1wqe5hbsf88hpr7y6rhpgy278ejrxssqcygcc0208sz6997vzrs404vt0vddzfejjayq5mrsgsx3hftds509mct2e5dcgr55veke5mdjwtqjjkzpzv3k42tc06n2n007qnqgx4mj5gqrmx1cz74frsxad0qnfmspfk40zpg8rner5pp8q2zy0pym2j7w5hy6mttzm4pw5q5ym889w47nett4fhw5b2p6pnp8wx6cj122h6kxpfm5sdseatfmcjxckfmpc4ppfh0jnww85vmdzmspht5zhjca3tmg&b=ZA7wuQAFiegKmtOQAAGYMayCA5isb1PAVbcgwQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=90&adk=3047021595&adf=2709691283&pi=t.aa~a.3346274810~rp.1&daaos=1678624934481&w=1200&fwrn=4&fwrnh=100&lmt=1678700729&rafmt=1&to=qs&pwprc=9764909401&format=1200x90&url=https%3A%2F%2Fmedodo.gen.tr%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678700729134&bpp=1&bdt=753&idt=-M&shv=r20230308&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b3c78446cb7b9d9-229427434ddd00aa%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ&gpic=UID%3D00000bc5740238e4%3AT%3D1678700728%3ART%3D1678700728%3AS%3DALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=8538797762317&frm=20&pv=1&ga_vid=2036871709.1678700729&ga_sid=1678700729&ga_hid=864034401&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072649%2C31072791&oid=2&psts=AD37Y7sLePhkRLwdYMZOXo-IskmQy4tcu8AvIo9RGMrrMCaiTgz0OZpqGjtlv4zcmGi6k-ct5UkakbTqKX7y7Mlf&pvsid=2309703544583366&tmod=939287527&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8E3SgcEsFX&p=https%3A//medodo.gen.tr&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 09:45:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 66B3 42 B
174 B 45ms
43ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukrtGv9uUx0uRhSJeqBxt4zGcA-ehfH9Jxc7tdwU9DCexhsI2cHLyMcN87vmnVJA0eWPQt_OhoZzMEqfQu4KDXPVpnxngCb2Mg2Xz5_1F8yuUDr6G-dFxMWHMVTQ03x7tf765Khw&sai=AMfl-YTgq3TQknao7Gvg2b3YlAsN0R0irEBothr0byfmdgQN9R7ovH35f_JSnve2NzRc3B5v26kzH7mA3pC5&sig=Cg0ArKJSzGRoHr-fDZtzEAE&cid=CAQSGwDUE5ym4G7QiscbGw1bOaoUuKwEz7VBovQarRgB&id=lidar2&mcvt=1013&p=0,0,280,1200&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3690125967&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678700728643&rpt=561&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5106
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENbGht9DhsHML15rD1etpUM&google_cver=1&google_push=Aa02lx8s5JWPHnBZ-Gusj6Yz4OK1-K83LyER68W3TCmqc9hBkHIPcAmugSJ-k8T5YrVKKl-ajFNflHzrlSGtFeo_MD-UTTOpCHnWi0Jr
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzEwMzc3Mzk0MDI2NTkzMjY4Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENbGht9DhsHML15rD1etpUM&google_cver=1

43 B
398 B

75ms
17ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENbGht9DhsHML15rD1etpUM&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Mar 2023 09:45:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENbGht9DhsHML15rD1etpUM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5106
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENetFXK1ssCAU4HDkijJuEo&google_cver=1&google_push=Aa02lx951qpgaVhWdPmoMncSMU_ZUKUMwLG-ZpYrnHL-fEBxzUuwMp-2951FBcg8a867R-_-znDnNsE3KtcIVDvC...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=flmLNiy8SKGU1ululdhmqQ2&google_push=Aa02lx951qpgaVhWdPmoMncSMU_ZUKUMwLG-ZpYrnHL-fEBxzUuwMp-2951FBcg8a867R-_-znDnNsE3KtcIVDvCqZ-uhzc97gfzI7g

170 B
232 B

297ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=flmLNiy8SKGU1ululdhmqQ2&google_push=Aa02lx951qpgaVhWdPmoMncSMU_ZUKUMwLG-ZpYrnHL-fEBxzUuwMp-2951FBcg8a867R-_-znDnNsE3KtcIVDvCqZ-uhzc97gfzI7g

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 13 Mar 2023 09:45:30 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=flmLNiy8SKGU1ululdhmqQ2&google_push=Aa02lx951qpgaVhWdPmoMncSMU_ZUKUMwLG-ZpYrnHL-fEBxzUuwMp-2951FBcg8a867R-_-znDnNsE3KtcIVDvCqZ-uhzc97gfzI7g
x-host: tde-deliveryengine-production-86c874c4d8-8d9gr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5106
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAR1dnNVay4gWKIaebwrMfw&google_cver=1&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJ...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAR1dnNVay4gWKIaebwrMfw&google_cver=1&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbS...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJZyQ-A3kmDfv3&google_hm=mKdMOu4DR2yeeBiiQg0...

170 B
232 B

297ms
55ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJZyQ-A3kmDfv3&google_hm=mKdMOu4DR2yeeBiiQg0YeQ==

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJZyQ-A3kmDfv3&google_hm=mKdMOu4DR2yeeBiiQg0YeQ==
date: Mon, 13 Mar 2023 09:45:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5106
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA43pdy8Q3E4iQiO-lMzgqI&google_cver=1&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDhHKIL4...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA43pdy8Q3E4iQiO-lMzgqI&google_cver=1&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDh...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA2NjMyNjIxMDU4MzMyMA&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDhHKI...

170 B
232 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA2NjMyNjIxMDU4MzMyMA&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDhHKIL45bneO5LfheP9AKzt_HQtcxdh

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA2NjMyNjIxMDU4MzMyMA&google_push=Aa02lx-SSip9WcO-waJQyoTeuiUk2krm1fXfPrHB-TZej-tE-eM8k0xH7B8YGbIRnoao-X5ZYDhHKIL45bneO5LfheP9AKzt_HQtcxdh
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5106
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDB-WvDPzG1O6G5567so2hQ&google_cver=1&google_push=Aa02lx9tR8HhpA33exwbGxDrqF1q6HIPcG_SF7saMiBWZ1D0fSsvtqm2NO8rZxktwhe4ajyDd5Q...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY2TjJMREEtMTEtSFJDVA==&google_push=Aa02lx9tR8HhpA33exwbGxDrqF1q6HIPcG_SF7saMiBWZ1D0fSsvtqm2NO8rZxktwhe4ajyDd5Q1G6BFO9TpH-Jukb2a4OEsNpzTpKVW

170 B
232 B

278ms
28ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY2TjJMREEtMTEtSFJDVA==&google_push=Aa02lx9tR8HhpA33exwbGxDrqF1q6HIPcG_SF7saMiBWZ1D0fSsvtqm2NO8rZxktwhe4ajyDd5Q1G6BFO9TpH-Jukb2a4OEsNpzTpKVW

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY2TjJMREEtMTEtSFJDVA==&google_push=Aa02lx9tR8HhpA33exwbGxDrqF1q6HIPcG_SF7saMiBWZ1D0fSsvtqm2NO8rZxktwhe4ajyDd5Q1G6BFO9TpH-Jukb2a4OEsNpzTpKVW
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5106
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG2vmlYd64-vsBPoR1Ozj_M&google_cver=1&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjI...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG2vmlYd64-vsBPoR1Ozj_M&google_cver=1&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjI...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjIi5WVfNj_1h8jrDm&google_hm=GTYptGZHIcIrMexjQj...

170 B
232 B

290ms
56ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjIi5WVfNj_1h8jrDm&google_hm=GTYptGZHIcIrMexjQjiXxhJD

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Mar 2023 09:45:30 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_ribkERQFzkyRmd6bHD-ztvDXyYcAqS2UhHvW7cHNQkxikfo4AZ5CAhSsL472XVMWEpDCPe6gBhv4o2CHjIi5WVfNj_1h8jrDm&google_hm=GTYptGZHIcIrMexjQjiXxhJD
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5106
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIRZP6DofbhQejNck07QRv0&google_cver=1&google_push=Aa02lx87d3kC2ksgoTcB_yo_iiZ7_qBto7JgPzKtXfnG-qkdvBbMr8l_FhLH15yMSecsNeYOSKjtjbck_vRw...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx87d3kC2ksgoTcB_yo_iiZ7_qBto7JgPzKtXfnG-qkdvBbMr8l_FhLH15yMSecsNeYOSKjtjbck_vRw7lKdMsunRf1qzU9HJE4

170 B
329 B

309ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx87d3kC2ksgoTcB_yo_iiZ7_qBto7JgPzKtXfnG-qkdvBbMr8l_FhLH15yMSecsNeYOSKjtjbck_vRw7lKdMsunRf1qzU9HJE4

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx87d3kC2ksgoTcB_yo_iiZ7_qBto7JgPzKtXfnG-qkdvBbMr8l_FhLH15yMSecsNeYOSKjtjbck_vRw7lKdMsunRf1qzU9HJE4
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5106 0
139 B 331ms
14ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyCCdVMqUV60aUFAZRh5ujpnXV3Tv_WKtJOE9EgOV2_MIml8bhn93VHzZuKDkAQmhahSiH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 3059 94 KB
12 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kqhrfvtdvrvhxzx2xngftjd7whjm2za3a77fa2nkdsfgy73fhm68d9arf4d1m53smz32evwej9s43x2zj2923wqt5ps7zfz3xsvdrak65mez3pbvc2v2aqq3x63c9kdzktq1gk4g6rfs0fb34z1tpe2dw22ak93n90rkd804wad2wp2vth1qwdg8nwv7gvc8snjhe9v1pkxtxv14p91pcq6z8x4zr4evg5c7gtzggjhpm19b4qk0xg7xg244fkbzbjdp8zq1vyd47qy7536v1zxtmfpcjr7535ecbpgw0qzxw9tq50yb87v6p43gswgfv9wpwm0bsxe3pz99pq00k05xjd9x09jtetc90fhts3mw3w5pnp81d6d66ehnqad5yq13wx5p6zj9jy46vmsr4evjrpsg86ms0b3pvxz0gn5xdzqdpqd80qgczpgwhzpgyrpmzrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%26client%3Dca-pub-3511830694161206%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kqhrfvtdvrvhxzx2xngftjd7whjm2za3a77fa2nkdsfgy73fhm68d9arf4d1m53smz32evwej9s43x2zj2923wqt5ps7zfz3xsvdrak65mez3pbvc2v2aqq3x63c9kdzktq1gk4g6rfs0fb34z1tpe2dw22ak93n90rkd804wad2wp2vth1qwdg8nwv7gvc8snjhe9v1pkxtxv14p91pcq6z8x4zr4evg5c7gtzggjhpm19b4qk0xg7xg244fkbzbjdp8zq1vyd47qy7536v1zxtmfpcjr7535ecbpgw0qzxw9tq50yb87v6p43gswgfv9wpwm0bsxe3pz99pq00k05xjd9x09jtetc90fhts3mw3w5pnp81d6d66ehnqad5yq13wx5p6zj9jy46vmsr4evjrpsg86ms0b3pvxz0gn5xdzqdpqd80qgczpgwhzpgyrpmzrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%26client%3Dca-pub-3511830694161206%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 1033919
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30PWmVeQGz%2BdkYuF9qPcwDR2OIM8QyP5t6Kuceg6nDsopdbja3xq9iB0gX3RR3tBWALYpBOrg6nOUL6ZvjKzM2Fzy6sfkkpxbA19IMVgbtWbBppiFShrZBWtDmW1Vf7NYPf8DoQAHm8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a73582c0d0b924d-FRA
expires: Mon, 13 Mar 2023 10:45:30 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 3059 35 KB
12 KB 42ms
18ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kqhrfvtdvrvhxzx2xngftjd7whjm2za3a77fa2nkdsfgy73fhm68d9arf4d1m53smz32evwej9s43x2zj2923wqt5ps7zfz3xsvdrak65mez3pbvc2v2aqq3x63c9kdzktq1gk4g6rfs0fb34z1tpe2dw22ak93n90rkd804wad2wp2vth1qwdg8nwv7gvc8snjhe9v1pkxtxv14p91pcq6z8x4zr4evg5c7gtzggjhpm19b4qk0xg7xg244fkbzbjdp8zq1vyd47qy7536v1zxtmfpcjr7535ecbpgw0qzxw9tq50yb87v6p43gswgfv9wpwm0bsxe3pz99pq00k05xjd9x09jtetc90fhts3mw3w5pnp81d6d66ehnqad5yq13wx5p6zj9jy46vmsr4evjrpsg86ms0b3pvxz0gn5xdzqdpqd80qgczpgwhzpgyrpmzrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%26client%3Dca-pub-3511830694161206%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 314312
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6mFb6NYiTAqp%2F1CSfIulIViYbg6HeATVFN9D4x2LKhRCECYyYnJLzCBoHrQororMV%2Bme0LbpqyKt9CGfBUWUzWEUYVvWuIiINQ4VpWKycuEUmB8kqkSAa5PsAZNQuPk5zSKxnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a73582c3d3a924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Mar 2023 22:55:34 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3059 3 KB
4 KB 271ms
21ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2949
x-guploader-uploadid: ADPycds4_fkNWsUn9dqbK6vvrl69R7e2yptmTdP7xpUchNj65TN_2MLwN7wim7e5PV-VpnLQR6Er5SZaeY4xOYgj7O9fMJM4tduP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm9t2mk74UCaClX4qhDssFUAiE9afOP%2FCWDh3olyz5wK37qOUa7FnbLPXcIMO5vAsRVfIWBn%2BwpgENKsY8pQkJU6WLiOBQvFREA9obvedTh01ID%2BXEsY33aYlUqyVy8BSE3f%2FfjqrjKhpNd%2BvHTrm39t"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7a73582def883671-FRA
expires: Mon, 13 Mar 2023 09:17:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 91A2 2 KB
1 KB 20ms
19ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 317849
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a73582def3e2c2f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 09:45:30 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht1a43oahLDyEuWjEBQ4a67PbYtonqROANLb0kXH%2B44UYV6npmMXQjT%2FGy%2BL0mTO4Ckn%2BNjM1KNIrZrUy8ZgUyORHid9Ywmwh1ZuXcp8nacyFaOOY%2FXNUOZzLZqrZCxU3%2B%2FlS14%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 60ms
59ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13a87651865af42687da0c62e9b98dbc23818545a21f5c711f480082b364f40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11247
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 3059 1 KB
2 KB 31ms
30ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4545ef0210efcd3b1d83a7c54604cb12bf50fa3183fd679cd19ed01bf4f3122b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXKwDDlKxLt9L14%2BVVFxksUKQdfxMk3wGu9YSWjA0k1zzW%2FL3OG5y2L2nrnpHxb8Oes8QcITEh%2FPyogk82CutgYosHzjvR86MOevHxVZ51Q55Cx1%2FdX5HbvyjBRwTi88DjL3Ov0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7a73582e7f225cb0-FRA
x-backend-server: aa-reachservice-group-europe-west1-s8d7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
34ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a73582e4eb15cb0-FRA
content-length: 24
content-type: text/plain
date: Mon, 13 Mar 2023 09:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xd4ndCSkGWreVuByhZxpx5PgiOOy4V853RG6umSiG2gZQqD%2BdfoGurNlypKApMWycrvHnNZDo703lMi9menqTMqeJfjMQabzk%2FocuJaELIVc3MtdesL795tXB%2Bym97pe%2BBwrF2Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-s8d7

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 09:45:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC69 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 18:30:45 GMT
expires: Mon, 11 Mar 2024 18:30:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 50E1 783 B
1001 B 17ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d478787eb3344fd58df3c20429320d192a5412f357980001ef1d4e10f8c64f31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8_2KVDyxzRicNOl7RGctkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medodo.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8_2KVDyxzRicNOl7RGctkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:45:30 GMT
expires: Mon, 13 Mar 2023 09:45:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D8F8 9 KB
4 KB 32ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541c5626101fe87618e3a0108f5908c1f5644c1e1c7838881a5afad07d7b95ea

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kqhrfvtdvrvhxzx2xngftjd7whjm2za3a77fa2nkdsfgy73fhm68d9arf4d1m53smz32evwej9s43x2zj2923wqt5ps7zfz3xsvdrak65mez3pbvc2v2aqq3x63c9kdzktq1gk4g6rfs0fb34z1tpe2dw22ak93n90rkd804wad2wp2vth1qwdg8nwv7gvc8snjhe9v1pkxtxv14p91pcq6z8x4zr4evg5c7gtzggjhpm19b4qk0xg7xg244fkbzbjdp8zq1vyd47qy7536v1zxtmfpcjr7535ecbpgw0qzxw9tq50yb87v6p43gswgfv9wpwm0bsxe3pz99pq00k05xjd9x09jtetc90fhts3mw3w5pnp81d6d66ehnqad5yq13wx5p6zj9jy46vmsr4evjrpsg86ms0b3pvxz0gn5xdzqdpqd80qgczpgwhzpgyrpmzrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%26client%3Dca-pub-3511830694161206%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a73582eb88c2c2f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:45:30 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame D8F8 94 KB
12 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 316259
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7O7Eu7q5t0B5MW8%2BvnCXn7wvZrp4dlVKEZE866DwxgmWs7SIziw2Rn0wqLDstaiN05QKIo4DoZf0qJ%2B1ZoHZjAeI7Ihdfhou1RMndqeq1e0%2BSlV%2B2WdgVov9aQGKhVhGwLF1wa8Z%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a73582f090e2c2f-FRA
expires: Mon, 13 Mar 2023 10:45:30 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame D8F8 2 KB
3 KB 114ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2041862
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19A1Z%2BM1k2y50Gt4le31CfOiF8z1nWX%2B37tkO1o36X%2Bi6yv2B8GGJtp5CvnzFqY5kB9DvQVd5dtp1kMiF8vZab3kMGgtArUENxXUzeaeRKU3MXZpoTSfg4f2AlaaFI20DjxwNV%2B%2FcWBzJOeh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a73582f997f924d-FRA
expires: Tue, 14 Mar 2023 09:45:30 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame D8F8 339 KB
340 KB 103ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1345362
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az2g1WhG4cYKntzohUO2Zwgz6qlQFfcNXT3XVYLxqazOfqywvD2rVt7X07gdhUEuxTkWfdpHkVXBzAwlqWbON9hN4oj2ggkX5IHzGrsnNzMLg%2FX5Bnwsg%2BNz4kTs6YKOPJXz%2FsI0ZZf8miYZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a73582f997c924d-FRA
expires: Tue, 14 Mar 2023 09:45:30 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D8F8 43 B
705 B 125ms
66ms Image
image/gif 95.100.75.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-75-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Mar 2023 09:45:30 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D8F8 53 KB
54 KB 99ms
15ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1345716
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj63eVA0QZgcKNYpG2MzxCYhx65psiv2%2FO0%2FO5d%2FUZGjsqFXAMe391s0v39ho24Dc8z9Zx0%2Bv8jivznteSV78JDt3Uh03N1vQ%2FTOib6quvmEG%2FS6sCQo8NWY1l%2BpEqT8HalTlCMSt3DjsyPR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a73582f9980924d-FRA
expires: Tue, 14 Mar 2023 09:45:30 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame D8F8 23 KB
23 KB 109ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2178846
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBddnou5vxfpe6nPhvuIkM4pHvWw%2FZsfOX9WdzBo7IsSTDxLY1AeP6r6Moq6bObhU2ym3zfZPHdAytlEonqbQm5bZ5e8%2FxTnOJ5BHaSPMtiBA725ht2vaJNr5BUK4gyBT2IHadN%2FYAr1tB0e"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a73582f9982924d-FRA
expires: Tue, 14 Mar 2023 09:45:30 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame D8F8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMP698XP2P0CFVGE_QcdZu0G7g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suit...

49 B
1 KB

62ms
20ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 09:45:31 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
date: Mon, 13 Mar 2023 09:45:31 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame D8F8 44 KB
44 KB 107ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1865841
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRvgjeddMO1ut%2FxmRCO6th0shatkMx0yLsnHp8sag%2B7pt5Tb8deHi%2Bl1zLk7gptRh7BdSJfqrER819yRxB80CnYfHLxy2mgzo%2F659DUNU7v3gkNomHt643syUK%2FjV0IikNlVIA732ToFV1BR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a73582f9983924d-FRA
expires: Tue, 14 Mar 2023 09:45:30 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame D8F8 222 KB
222 KB 108ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C157265%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CY4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=bbca2d264975aa4e482a541150c05ccc%2F11996794128003119282&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678700730653&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz00dg1heq3tx32x0befryqc7v0s995r1segmd380fk20zchwpxyf0xjk38gzdsn6c2wztvprzqqg7n8ts6vpcwg5fgpwxncf6mm70qcpgjdhmjtxzf5msey6gpz9c9prtsga004f011h5nc4hhpb31t5m1e33h553yvcpqspvgcg6seexqx4crbjdczmh8rmjyn0vbhc5xvrjrftp8c50a5t9xepqtx8bqw52tpj7y2r58d91yezavgqxcqfpqkgwkc63w3m7peqn0ek597cg3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoXUHufAOZOiTFpCn6wSxsAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQIOFLssD9uxPqgDAaoEwwFP0EuZASKY3sP1Uj5pdU3LXtH1eavx_h9T8dQ08wPfhmMS8xmt5h_4KZarYp8xbPrvkQxCMZUaZWAKkNSBeQ0RZxPQJU1oxh2U06IOeUc403wsibkSfjSY-wflQq1Na-BywyZ48Er8-748P8tUUgoODH5CJRzBlMLpdQw0S9SFVNOmAh4CmFhDWQdoV8CC66IJ92GicPMwHEq5xeHM501kEErPU_lN8lkbFyC52tq_pekH9OrYsm_kmZGXC4wcQ2cLV2-ABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pwex7aZgNBzHdt5anoZX_cy4Yog%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307213
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMaS04LywaWcbJCvjM1X0daaI9ezoeKskJU0ouxUOEsg%2BRQabDHvmJNuIBsjWY7tDUGdLAbvCLMjsGSXh9CAtAt6cgjTqD2Rqi9bKCD%2FgVbIcXbClpGbqmawChTsZTFJCxdRfjMPOH0t7Mp3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a73582f9984924d-FRA
expires: Tue, 14 Mar 2023 09:45:30 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame D8F8
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1678700730_caf3df50-c183-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=

0
1018 B

56ms
24ms

Image
text/plain

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1678700730_caf3df50-c183-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=9N_uVZh.S2FCoK_d7OW2wJMDI9IruUaAthLEZfE3ORk-1678700730-0-AWuguiesh-yKmeko2QqnFo-dUHEj5aH-BS4POW70_QtR3PbVoDNKh6ka9UFfAMmUsoETfzgPBW7mx-BvPoXRH1iaB0vwSLrGK1URpDhti8oxb27avtbsZUgwm1V1LCSqkg; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=9N_uVZh.S2FCoK_d7OW2wJMDI9IruUaAthLEZfE3ORk-1678700730-0-AWuguiesh-yKmeko2QqnFo-dUHEj5aH-BS4POW70_QtR3PbVoDNKh6ka9UFfAMmUsoETfzgPBW7mx-BvPoXRH1iaB0vwSLrGK1URpDhti8oxb27avtbsZUgwm1V1LCSqkg"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: no-cache
cf-ray: 7a73582ffb4a9205-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 13 Mar 2023 09:45:30 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1678700730_caf3df50-c183-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 50E1 0
0 41ms
40ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230308&jk=2309703544583366&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame CC69 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 17:26:18 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC69 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?le_icA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:45:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 720A 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz031dGxotHdnvq2fqeifFtACajcj20h_9Gv3-w3qUtc3MBQU7tnmn5A1sCmylCBuqNgdNfEiskRICqRKZbnhUbVGT76xt59Zh7lkQRn2iGFfT0jBAq3xvxTdUrIDElNv4Mf0FnQ&sai=AMfl-YQMfdmpmbwTNIfiraFXS6e2rtjdDUL4WoxVBbW3coF6QyR19_h0RhfnRYSyLuU3XMSl6YsUwhM3p20-&sig=Cg0ArKJSzLdityRKQpBhEAE&cid=CAQSGwDUE5ymu47rUVh_zal7U6brpjmxA7N9sy5IQRgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=561,1001,1001,1001,1001&tos=561,440,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=318159121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678700729275&rpt=805&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 09:45:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230308&jk=2309703544583366&bg=!CgmlCV3NAAZKh9k7aoc7ADkAdvg8Wr5NpkCzqphrTqxTRHUcXiJya60Ac69aws5dQI6IauXkSEH3OSZEUk0wMTQXy-QZaOcX-M4CAAAAtlIAAAADaAEHCgBMR_K5EGSRwJnkbKhOeWhqg9PdrMHJdED163ZbLsIy_d4fEhZyhyay_OTA-WCzPx87_OdifjoL5K4e7I2ezHq3MHSWLtUZ3ZrthhGEE5kC74jK2PKGAWUTFTZfsQYIJCE9l99iK1Fr7uaDRoE28Tm3mBTvhRrbrqqs30QQvks4nfxiH46TAjq2C4I4PT7nfWUhJoOoC_4jWxwZAq1ei-ejHcWHP0rk_kRgjFv6AJ60zD12T-Lzp04Nl49Eb4-zpGoGhSrot6A4Xec2pMCBWeYpMUpbtO-MW0xfc2q-S6xY3l65YGhIct75oWcPX0a5HWSyDpGrBC3rXAHwk_uziBi7e5xtYix9lzTLkAcFSN8ThMZIfg46ZVPuXDEoYUXr8u_KrDeXt0gIxyCI-HCWUT_cXO_QRIlolXc1o0oNc2bAUx6MuvzlWEhndwmpZhAeOWsrDv51YcmhcztEOf3mMnAONWjYBNb8yVbVFHk0qhymhb2ligD4Pur8-4iyVam8SxPdH2Xuv0Zh04XvMZ40Rzm1rUruHkYjzqPSUFDRTomWq42B3CuCydtNxBy_vON170FruJOyEG7yWwvz9TRWNoYf-k2iKhvAi1Zt27gcNmFCCKsb60_npMiRA8vxxRT2ztNMrYrBfJxqGne0uwhZVv6DlalmW_elfbR8_FDI0r6913wmR4OY-3jkv0--g8DCdsSJ36lydTFO5t7ZQdjN3DEGgMFleyUI8M-KyLBMT9FGGrs8DCRAF-UpOG5V486a-cUU5eUkgaOp8tkCZYuIgFF9qPdwlFZO-2fZAW7bf5Kp3l47XuYFkvfbK3cGv-mopE7a77NgmAwOaweYgcxqDS1SYu7TKOzAq9Pp5z333EErzOKRnG-6so7CYj6cWdxeHr2cy9sjMzgMiD4u3USPAVnCLUiJfhCtMtLSBgDIL_CfeAnwJD8lTJnI2ewZCadK7G6J24kteffj-H4qC6gH_r2H6FOmTGQpCUiTgcgXVH72HnghQc7Oag6Al1XwlWkLKSwmj7bMClAFI9ska_w9cWs2GXHZox5ce-vtnFwHAxEoE9XWUdGkL_OzRdVs7GMMIntzWRsiHKbfFRIjoxP2Okk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medodo.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.portugals.icu/	1970-01-20 11:01:32	Name: uuid Value: 044a36b5-3176-4f80-8fbb-678368052132
.parkaevant.pp.ua/	1970-01-20 11:01:32	Name: uuid Value: b74c8a03-a94d-497e-90e8-92542e676961
.medodo.gen.tr/	1970-01-20 19:39:56	Name: __gads Value: ID=1b3c78446cb7b9d9-229427434ddd00aa:T=1678700728:RT=1678700728:S=ALNI_MbLQWQ40tAkln1ajApneZQ43-SBgQ
.medodo.gen.tr/	1970-01-20 19:39:56	Name: __gpi Value: UID=00000bc5740238e4:T=1678700728:RT=1678700728:S=ALNI_MYckaBFq_VptcxYdGu66rEdwwGVWQ
.doubleclick.net/	1970-01-20 19:39:56	Name: IDE Value: AHWqTUnY1aS3etbQqTIoz6sbZA_NGpe5fh4Q-Z2rg_Mp5gzfPUTh3RTToaVF1Ouh7pc
.travelaudience.com/	1970-01-20 19:50:01	Name: _tracker Value: %7B%22UUID%22%3A%227E598B36-2CBC-48A1-94D6-E96E95D866A9%22%7D
.bidswitch.net/	1970-01-20 19:03:56	Name: tuuid Value: 98a74c3a-ee03-476c-9e78-18a2420d1879
.bidswitch.net/	1970-01-20 19:03:56	Name: c Value: 1678700730
.bidswitch.net/	1970-01-20 19:03:56	Name: tuuid_lu Value: 1678700730
.lijit.com/	1970-01-20 19:03:56	Name: ljt_reader Value: GTYptGZHIcIrMexjQjiXxhJD
.bidswitch.net/	1970-01-20 10:18:21	Name: google_push Value: Aa02lx-VlH7ry2qwtm-Fq06ofCZDYmQDbIv7OKhruyWVU1NZDOgJjtFYDOalKYC98vTXBM5vnSDrZQJY6hzRbSjCORpJZyQ-A3kmDfv3
.adform.net/	1970-01-20 11:02:59	Name: C Value: 1
.adform.net/	1970-01-20 11:44:44	Name: uid Value: 1566066326210583320
.turn.com/	1970-01-20 14:37:32	Name: uid Value: 7103773940265932682
.awin1.com/	1970-01-20 10:22:39	Name: awpv11354 Value: 412871\|1678700730\|caf3df50-c183-11ed-b09e-2262db7920ac
.awin1.com/	1970-01-20 10:21:13	Name: awpv20044 Value: 412871\|1678700730\|caf42d71-c183-11ed-b339-2265b7c46fb7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
www.conrad.de/	1970-01-20 10:22:39	Name: HTLP_timestamp Value: 1678700730888
www.conrad.de/	1970-01-20 10:22:39	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 10:18:22	Name: __cf_bm Value: cH6oEg9lj8ZIGJbb.rtQ.UVnlYq33ccVhhDSdczKYYE-1678700730-0-ATt9JVOhHMwg1ja/nGAb1//ukJtH295m35bvAuHT0CgOSqGQZPnN270jAbSZO2sC9wN1iA2icpmJz6KoXC2cA9A=
.o2online.de/	1970-01-20 10:28:25	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY3ODcwMDczMXZsZWExZGUyMDIzMDMxMzEwNDUzMTgyNzc4Nzc3MTQ1WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWR4bURGUWZBZld6NGVjUEhkSHp0UXRSUmdjN1M2VEtLcHMxN3hkb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyMV9CRVNUUEVSRk9STUVSMTE3NzAz
.o2online.de/	1970-01-20 10:28:25	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 10:28:25	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023031310453182778777145X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY3ODcwMDczMXZsZWExZGUyMDIzMDMxMzEwNDUzMTgyNzc4Nzc3MTQ1WDExNzcwM1YxMjI2MTMyNzAyT

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=318159121&client=ca-pub-3511830694161206&fa=1&ifi=6&uci=a!6&btvi=3&xpc=KpugpB3Dfd&p=https%3A//medodo.gen.tr Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
medodo.gen.tr
onetag-sys.com
pagead2.googlesyndication.com
parkaevant.pp.ua
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
portugals.icu
prod-rtb.ad4mat.net
r.turn.com
static-de.ad4mat.net
static.doubleclick.net
tpc.googlesyndication.com
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
134.209.192.77
142.250.186.98
167.233.13.224
172.217.18.6
18.196.120.245
185.177.92.29
216.52.2.48
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3034::6815:4934
2606:4700::6812:7f05
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
35.190.0.66
37.157.4.23
46.228.164.11
51.89.9.252
69.173.144.138
84.200.5.215
95.100.75.47
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13a87651865af42687da0c62e9b98dbc23818545a21f5c711f480082b364f40d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38a267bdbcf66b8a91fe7208aa5129b11b1febd21537e9ee655885bbef69b724
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3e1eaa75648b2728ccef89c502b2e4fb5ce82de5d44b10e6e4646b80f4e181de
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c
4545ef0210efcd3b1d83a7c54604cb12bf50fa3183fd679cd19ed01bf4f3122b
46c4bac7fbec865c6e63cc0c6d3379c0605b6975a1afbf9911ae1cc9df4ad906
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db
541c5626101fe87618e3a0108f5908c1f5644c1e1c7838881a5afad07d7b95ea
542d343d39243359b90273983d90e0d211a2e1f2a09518d6f1746c3a3d2ba3fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57be14a02baed5ba7f790d84d02ce8ce7b891db4fdfaf444e121e12c08366940
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621a5d844b317e77af4bfd1fda3a4ca35090b6b5b555ecc86c25479d035d5d46
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
737423a72d6d04cb58342821009671c36d81498a32fc4d7eed5276013998cfbe
74228d0e45ac652abf134fb83bd5971c7a29682e177ebb97e0068325080b8854
774c5f196c749476a5d9d7973043f7bc096c561b795fba6c43aaed935e9f5ccd
77effb07a1572d4ac2ed4612eb70845b0b36fe3e825db53cae1b96137fcc1953
7e231934edc88c872fabebe3e04b67b0cbc189239ce1089124414c406860d2b6
7f8835ca3867719a2fdc8640625779e802639cf39cb51045be1eed083fff4082
8332f8603549e66cbff86f70a7ad5f64021212407ea57b3ca58447deb016129d
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
898a8209cfe241b1537d94a25d129a6a986cc50e5ae6ed42df408717e6716815
8cfee36191e74131f82df5a0cf8a0570d8bd1d6d9b2c0e1a1d1f2b6f186e4e89
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
96ab8cc4f3a7cd925e86b72b10530fc8c427bd053c1a1c858f08d53bc346f592
9960805ce672806e2f857ae08582a271184e40c45fe40d022e59e9eb5409955e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9e35d2243219d9e549a5c457cb898387fa3dc7eac43cabb41c70718c2528abca
a39b4352d9f6fa3d56076ec74024a8de66383d011d157906db4dcddfd9d75648
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2
b758ad4347ec22789e50e1582bacd83c3378835ac90856ce26598d335c07b426
babd5b737cbf191aef3df197d99a7914f907c0ffc2386f9733758879431aa656
c000066f2b27add17d55cfec67196d43c6a529f550da7877663e34632c927bcf
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
d12d58ed34ec144c604e4023e788ac6012c6a618180800b3801a4b9b6e5f2473
d478787eb3344fd58df3c20429320d192a5412f357980001ef1d4e10f8c64f31
d689ff3a9c4e7de7695a0661982019ec1e5b08f3eaee3e3373a9a9d03c6c9eff
dadd5066d84740ed0a2dee8c8a9b326d0847250bf2d1590e2a567cfa338b16c8
e045ee6bd4899826f059c42190191fdd9233c47032f0e8cd92c545205a54e259
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e76ec1cf269db0fc6dcb0625ef62393941fc0fe2010c157dd9dee0dca2f45b99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26af0f47b064938091be41a8bcfef2e33447a037886ba305187d655d1a3d9b1
f4ebbbe9e2cb7f812044295bf4773dbd8e6170652eb80e91cba87643fe176ddb
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67a4e0b1fed8fa7d9821feaab9333f0207824b68a442f23a65a0f994fdd81e4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

medodo.gen.tr Open in urlscan Pro 2606:4700:3034::6815:4934 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

92 %HTTPS

53 %IPv6

25 Domains

35 Subdomains

23 IPs

5 Countries

1802 kBTransfer

3847 kBSize

23 Cookies

2 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

medodo.gen.tr Open in urlscan Pro
2606:4700:3034::6815:4934 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

92 %
HTTPS

53 %
IPv6

25
Domains

35
Subdomains

23
IPs

5
Countries

1802 kB
Transfer

3847 kB
Size

23
Cookies

128 HTTP transactions
4 data transactions