672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com Open in urlscan Pro
185.7.176.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r=
Submission: On November 12 via api (November 12th 2024, 8:17:40 am UTC) from TR — Scanned from US

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 185.7.176.221, located in Turkey and belongs to PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC, TR. The main domain is 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 11th 2024. Valid for: a year.

This is the only time 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC)
1	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC)
1 3	188.165.145.89 188.165.145.89	16276 (OVH) (OVH)
1 5	188.165.145.88 188.165.145.88	16276 (OVH) (OVH)
1	92.222.252.172 92.222.252.172	16276 (OVH) (OVH)
11	5

3 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC, TR)

672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.165.145.89 (France) 1 redirects

ASN16276 (OVH, FR)

trgde.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.165.145.88 (France) 1 redirects

ASN16276 (OVH, FR)

gdetr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.222.252.172 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip172.ip-92-222-252.eu

gdetr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gemius.pl 1 redirects gdetr.hit.gemius.pl — Cisco Umbrella Rank: 100365	32 KB
3	adocean.pl 1 redirects trgde.adocean.pl — Cisco Umbrella Rank: 111436	32 KB
2	advertune.com 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com	1 KB
1	virgul.com ng.virgul.com — Cisco Umbrella Rank: 95722	245 B
1	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 157339	35 KB
11	5

	Domain	Requested by
6	gdetr.hit.gemius.pl	1 redirects trgde.adocean.pl gdetr.hit.gemius.pl
3	trgde.adocean.pl	1 redirects 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com trgde.adocean.pl
2	672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com
1	ng.virgul.com	672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com
1	c1.imgiz.com	672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com
11	5

This site contains links to these domains. Also see Links.

Domain
ng.virgul.com

Subject Issuer	Validity	Valid
*.advertune.com Sectigo RSA Domain Validation Secure Server CA	`2024-10-11` - `2025-11-11`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-10` - `2025-10-11`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2024-10-14` - `2025-11-14`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2024-09-12` - `2025-09-25`	a year	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2024-01-29` - `2025-02-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r=
Frame ID: D2557965DC3116CF0B8807F54F0DCBA6
Requests: 10 HTTP requests in this frame

Frame: https://gdetr.hit.gemius.pl/gdejs/xgde.html
Frame ID: BCC02DF94CD4ED6CA26B10D69C422B43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

99 kB
Transfer

203 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m=https://gdetr.hit.gemius.pl/hitredir/id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/fastid=dtsveurljsndpfjqrgwvequcdymy/stparam=knjfhiqjsq/roc=0/url=https://www.vakifkatilim.com.tr/tr/isim-icin/finansmanlar/nakdi-finansmanlar/mevsim-donemsel-isletme-finansmani?utm_source=Masthead&utm_placement=320x100&utm_campaign=Vakif-Katilim-Kasim-MevsimKampanyasi1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m= HTTP 301
https://trgde.adocean.pl/__/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m=

Request Chain 8

https://gdetr.hit.gemius.pl/_1731399457454/redot.js?id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/fastid=jkpydyrnargtnmdhlkrpvjajfymb/stparam=qlliqnmqsw&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D0%7Cnet%3D4g%2C10%2C100%7Chct%3D1001&lsdata=-TIMEDOUT&href=https%3A%2F%2F672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com%2Fadview%3Fa%3D672a7c43e4b0bcbb5fa9a0f7%26r%3D HTTP 301
https://gdetr.hit.gemius.pl/__/_1731399457454/redot.js?id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/fastid=jkpydyrnargtnmdhlkrpvjajfymb/stparam=qlliqnmqsw&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D0%7Cnet%3D4g%2C10%2C100%7Chct%3D1001&lsdata=-TIMEDOUT&href=https%3A%2F%2F672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com%2Fadview%3Fa%3D672a7c43e4b0bcbb5fa9a0f7%26r%3D

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request adview Show response 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/	2 KB 1 KB	788ms 180ms	Document text/html	185.7.176.221 PREMIERDC-VERI-ME...
General Check archive.org Show headers Download Go to Full URL https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash `ce297ad2f08bf2caffcb8ac34c8864381ca58dca68df40c20664a9d1218d114b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-origin * content-encoding gzip content-type text/html date Tue, 12 Nov 2024 08:17:33 GMT expires Tue, 04 Jan 2022 10:49:40 GMT p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' server openresty/1.15.8.3 vary Accept-Encoding
GET H2	200	jquery-3.3.1.min.js Show response c1.imgiz.com/js/site/	85 KB 35 KB	592ms 183ms	Script application/javascript	185.7.176.222 PREMIERDC-VERI-ME...
General Check archive.org Show headers Download Go to Full URL https://c1.imgiz.com/js/site/jquery-3.3.1.min.js Requested by Host: 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com URL: https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers cache-control max-age=604800 content-encoding gzip expires Tue, 19 Nov 2024 08:17:34 GMT access-control-allow-origin * date Tue, 12 Nov 2024 08:17:34 GMT content-type application/javascript vary Accept-Encoding server openresty/1.15.8.3 last-modified Wed, 16 May 2018 07:27:31 GMT
GET H2	200	672a7c43e4b0bcbb5fa9a0f7 ng.virgul.com/tck/imp/	0 245 B	601ms 182ms	Image text/plain	185.7.176.221 PREMIERDC-VERI-ME...
General Check archive.org Show headers Download Go to Show image Full URL https://ng.virgul.com/tck/imp/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&mt=&sdr=&et=&r=&l=noref&info=&t=banner:&os=&c=&cs=1731399453903 Requested by Host: 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com URL: https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers expires Tue, 04 Jan 2022 10:49:40 GMT access-control-allow-origin https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' date Tue, 12 Nov 2024 08:17:34 GMT server openresty/1.15.8.3 access-control-allow-credentials true
GET H2	200	ad.js Show response trgde.adocean.pl/__/_1731399454795/ Redirect Chain https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71... https://trgde.adocean.pl/__/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912...	3 KB 1 KB	137ms 137ms	Script application/x-javascript	188.165.145.89 OVH
General Check archive.org Show headers Download Go to Full URL https://trgde.adocean.pl/__/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m= Requested by Host: 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com URL: https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r= Protocol H2 Server 188.165.145.89 , France, ASN16276 (OVH, FR), Reverse DNS Software GAD / Resource Hash `f2b5a78b5ed477332dcd8ebf77dfcb5ae85f3334fed283b7770190cbfc4d1644` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers cache-control no-cache, must-revalidate, max-age=0 content-encoding gzip pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin expires Mon, 11 Nov 2024 08:17:35 GMT accept-ranges none p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 1052 date Tue, 12 Nov 2024 08:17:35 GMT content-type application/x-javascript vary Accept-Encoding,Origin server GAD Redirect headers cache-control no-store, no-cache, must-revalidate, max-age=0 location /__/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m= pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin expires Mon, 11 Nov 2024 08:17:35 GMT p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 0 date Tue, 12 Nov 2024 08:17:35 GMT vary Accept-Encoding,Origin server GAD
GET H2	200	xgde.js Show response gdetr.hit.gemius.pl/gdejs/	57 KB 20 KB	542ms 146ms	Script application/x-javascript	188.165.145.88 OVH
General Check archive.org Show headers Download Go to Full URL https://gdetr.hit.gemius.pl/gdejs/xgde.js Requested by Host: trgde.adocean.pl URL: https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 188.165.145.88 , France, ASN16276 (OVH, FR), Reverse DNS Software GHC / Resource Hash `98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers cache-control public, max-age=14400 content-encoding gzip etag "6731ED830000E4B16AE93791" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin expires Tue, 12 Nov 2024 12:17:36 GMT accept-ranges none p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 20487 date Tue, 12 Nov 2024 08:17:36 GMT last-modified Mon, 11 Nov 2024 11:41:55 GMT vary Accept-Encoding,Origin server GHC content-type application/x-javascript
GET H2	200	320x100-gif.gif trgde.adocean.pl/files/akajgcpolie/zinmlphnth/vfnnovekqh/	30 KB 30 KB	137ms 137ms	Image image/gif	188.165.145.89 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://trgde.adocean.pl/files/akajgcpolie/zinmlphnth/vfnnovekqh/320x100-gif.gif Requested by Host: trgde.adocean.pl URL: https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 188.165.145.89 , France, ASN16276 (OVH, FR), Reverse DNS Software GAD / Resource Hash `f98d0c7e659be04eac2506766bf7d1a8c961d8bea48013af348f052853a4bb65` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers cache-control public, must-revalidate, max-age=4320000 etag "672C774F000078EA10109839" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin expires Wed, 01 Jan 2025 08:17:35 GMT accept-ranges bytes p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 30954 date Tue, 12 Nov 2024 08:17:35 GMT last-modified Thu, 07 Nov 2024 08:16:15 GMT vary Accept-Encoding,Origin server GAD content-type image/gif
GET H2	200	inscreen_lib.js Show response gdetr.hit.gemius.pl/gdejs/	26 KB 10 KB	541ms 145ms	Script application/x-javascript	188.165.145.88 OVH
General Check archive.org Show headers Download Go to Full URL https://gdetr.hit.gemius.pl/gdejs/inscreen_lib.js Requested by Host: trgde.adocean.pl URL: https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 188.165.145.88 , France, ASN16276 (OVH, FR), Reverse DNS Software GHC / Resource Hash `f4127127b3cf1142f69777cc7de7fb6ed68ff6957ada137f91c59989d64490ae` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers cache-control public, max-age=14400 content-encoding gzip etag "6731ED830000664A0B67D04E" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin expires Tue, 12 Nov 2024 12:17:36 GMT accept-ranges none p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 9827 date Tue, 12 Nov 2024 08:17:36 GMT last-modified Mon, 11 Nov 2024 11:41:55 GMT vary Accept-Encoding,Origin server GHC content-type application/x-javascript
GET H2	200	favicon.ico 672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/	0 61 B	181ms 181ms	Other text/plain	185.7.176.221 PREMIERDC-VERI-ME...
General Check archive.org Show headers Download Go to Full URL https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r= Response headers content-length 0 date Tue, 12 Nov 2024 08:17:36 GMT content-type text/plain server openresty/1.15.8.3
GET H2	200	xgde.html gdetr.hit.gemius.pl/gdejs/ Frame BCC0	0 0	609ms 308ms	Document text/html	92.222.252.172 OVH
General Check archive.org Show headers Download Go to Full URL https://gdetr.hit.gemius.pl/gdejs/xgde.html Requested by Host: gdetr.hit.gemius.pl URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 92.222.252.172 Paris, France, ASN16276 (OVH, FR), Reverse DNS ip172.ip-92-222-252.eu Software GHC / Resource Hash Request headers Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor accept-ranges none cache-control public, max-age=14400 content-encoding gzip content-length 215 content-type text/html;charset=utf-8 cross-origin-resource-policy cross-origin date Tue, 12 Nov 2024 08:17:36 GMT etag "5996D7A50000012F9178E011" expires Tue, 12 Nov 2024 12:17:36 GMT last-modified Fri, 18 Aug 2017 12:03:49 GMT p3p CP="NOI DSP COR NID PSAo OUR IND" server GHC vary Accept-Encoding,Origin
GET H2	200	redot.js Show response gdetr.hit.gemius.pl/__/_1731399457454/ Redirect Chain https://gdetr.hit.gemius.pl/_1731399457454/redot.js?id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/fastid=jkpydyrnargtnmdhlkrpvjajfymb/stparam=qlliqnmqsw&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_... https://gdetr.hit.gemius.pl/__/_1731399457454/redot.js?id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/fastid=jkpydyrnargtnmdhlkrpvjajfymb/stparam=qlliqnmqsw&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%...	2 B 396 B	179ms 178ms	XHR application/x-javascript	188.165.145.88 OVH
General Check archive.org Show headers Download Go to Full URL https://gdetr.hit.gemius.pl/__/_1731399457454/redot.js?id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/fastid=jkpydyrnargtnmdhlkrpvjajfymb/stparam=qlliqnmqsw&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D0%7Cnet%3D4g%2C10%2C100%7Chct%3D1001&lsdata=-TIMEDOUT&href=https%3A%2F%2F672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com%2Fadview%3Fa%3D672a7c43e4b0bcbb5fa9a0f7%26r%3D Protocol H2 Server 188.165.145.88 , France, ASN16276 (OVH, FR), Reverse DNS Software GHC / Resource Hash `75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers cache-control no-store, no-cache, must-revalidate, max-age=0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Mon, 11 Nov 2024 08:17:37 GMT accept-ranges none access-control-allow-origin https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 2 date Tue, 12 Nov 2024 08:17:37 GMT content-type application/x-javascript server GHC Redirect headers cache-control no-store, no-cache, must-revalidate, max-age=0 location /__/_1731399457454/redot.js?id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/fastid=jkpydyrnargtnmdhlkrpvjajfymb/stparam=qlliqnmqsw&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D0%7Cnet%3D4g%2C10%2C100%7Chct%3D1001&lsdata=-TIMEDOUT&href=https%3A%2F%2F672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com%2Fadview%3Fa%3D672a7c43e4b0bcbb5fa9a0f7%26r%3D pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Mon, 11 Nov 2024 08:17:37 GMT accept-ranges none access-control-allow-origin https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 0 date Tue, 12 Nov 2024 08:17:37 GMT server GHC
GET H2	200	redot.js Show response gdetr.hit.gemius.pl/_1731399457709/	2 B 397 B	195ms 194ms	XHR application/x-javascript	188.165.145.88 OVH
General Check archive.org Show headers Download Go to Full URL https://gdetr.hit.gemius.pl/_1731399457709/redot.js?id=.Rbqxq7mI4JLeH5lwlHVHGaEP_zNEIe0Gt4GPcVsZET.a7/stparam=nmcpdlgfiv&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=isn%3D0%7Cisn_d%3D4506%7Cisn_s_v%3D3v4d_4%7Cls%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D2%7Cnet%3D4g%2C10%2C100%7Chct%3D1001&lsdata=-TIMEDOUT&href=https%3A%2F%2F672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com%2Fadview%3Fa%3D672a7c43e4b0bcbb5fa9a0f7%26r%3D Requested by Host: gdetr.hit.gemius.pl URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 188.165.145.88 , France, ASN16276 (OVH, FR), Reverse DNS Software GHC / Resource Hash `75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/ Response headers cache-control no-store, no-cache, must-revalidate, max-age=0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Mon, 11 Nov 2024 08:17:37 GMT accept-ranges none access-control-allow-origin https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com p3p CP="NOI DSP COR NID PSAo OUR IND" content-length 2 date Tue, 12 Nov 2024 08:17:37 GMT content-type application/x-javascript server GHC

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trgde.adocean.pl/	1970-01-21 10:25:27	Name: GAD Value: KlGHUMMGQMGGvlPQTCVliXiUssGMXP8c2RySssX6QssGvaGpI7EPoxVmL18GG7_D18yUuAeGsG..
.hit.gemius.pl/	1970-01-21 10:25:27	Name: receive-cookie-deprecation Value: 1
.hit.gemius.pl/	1970-01-21 01:06:44	Name: Gtest Value: KlxNaRXGQMQG0jKeA8hbiXiUssGMXP8c2RbG
.hit.gemius.pl/	1970-01-21 10:25:27	Name: Gdyn Value: KlGnVRGGQMQG0jKeA8hbiXiUssGMXP8c28ySssX6nsGfGKf7Hb2xQjGowOx1G0F6Qssa
.hit.gemius.pl/	1970-01-21 10:25:27	Name: Gdynp Value: 3_Ya4oI3Ywnv4QBQg3FONUqMVsoKd7LpDErPYNykqkz.Y7

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r=(Line 27) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com/adview?a=672a7c43e4b0bcbb5fa9a0f7&r=(Line 27) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m=(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://gdetr.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m=(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://gdetr.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://trgde.adocean.pl/_1731399454795/ad.js?id=Zd3g96Cdd1wuxVyMFYpalDZuTH9Vux.o9zGpxmkK.6n.e7/nc=0/gdpr=0/gdpr_consent=/redir=https://ng.virgul.com/ct/672a7c43e4b0bcbb5fa9a0f7?userId=vnetaf912f71-3fc8-41b6-9341-32899cce0308&sdr=&et=&r=&l=noref&info=&t=banner&cs=1731399453903&m=(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://gdetr.hit.gemius.pl/gdejs/inscreen_lib.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com
c1.imgiz.com
gdetr.hit.gemius.pl
ng.virgul.com
trgde.adocean.pl
185.7.176.221
185.7.176.222
188.165.145.88
188.165.145.89
92.222.252.172
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d
ce297ad2f08bf2caffcb8ac34c8864381ca58dca68df40c20664a9d1218d114b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2b5a78b5ed477332dcd8ebf77dfcb5ae85f3334fed283b7770190cbfc4d1644
f4127127b3cf1142f69777cc7de7fb6ed68ff6957ada137f91c59989d64490ae
f98d0c7e659be04eac2506766bf7d1a8c961d8bea48013af348f052853a4bb65

672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com Open in urlscan Pro 185.7.176.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

99 kBTransfer

203 kBSize

5 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

5 Cookies

5 Console Messages

Indicators

672a7c43e4b0bcbb5fa9a0f7-ceyrekaltinfiyatlari.advertune.com Open in urlscan Pro
185.7.176.221 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

99 kB
Transfer

203 kB
Size

5
Cookies

11 HTTP transactions
0 data transactions