offer01.marketingsurface.online Open in urlscan Pro
89.117.77.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://offer01.marketingsurface.online/
Submission: On December 02 via api (December 2nd 2023, 9:50:35 pm UTC) from US — Scanned from US

Summary HTTP 168 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 25 domains to perform 168 HTTP transactions. The main IP is 89.117.77.90, located in New York, United States and belongs to NL-811-40021, US. The main domain is offer01.marketingsurface.online.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.

This is the only time offer01.marketingsurface.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	89.117.77.90 89.117.77.90	40021 (NL-811-40021) (NL-811-40021)
20	77.223.133.228 77.223.133.228	43391 (NETDIREKT-AS) (NETDIREKT-AS)
2	212.102.38.46 212.102.38.46	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2.59.169.31 2.59.169.31	49981 (WORLDSTREAM) (WORLDSTREAM)
2	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	212.68.47.11 212.68.47.11	15830 (EQUINIX) (EQUINIX)
3	2607:f8b0:400... 2607:f8b0:4004:c17::66	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::71	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4a93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	178.128.135.204 178.128.135.204	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::69	15169 (GOOGLE) (GOOGLE)
9	3.20.63.239 3.20.63.239	16509 (AMAZON-02) (AMAZON-02)
15	23.222.4.152 23.222.4.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	46.20.149.250 46.20.149.250	48737 (DORATELEKOM) (DORATELEKOM)
5	18.189.152.57 18.189.152.57	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
4	2607:f8b0:400... 2607:f8b0:4004:c19::95	15169 (GOOGLE) (GOOGLE)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
15	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::65	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
1	142.251.167.148 142.251.167.148	15169 (GOOGLE) (GOOGLE)
2	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1	23.220.132.230 23.220.132.230	16625 (AKAMAI-AS) (AKAMAI-AS)
168	35

5 89.117.77.90 (New York, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1463663.contaboserver.net

offer01.marketingsurface.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 77.223.133.228 (Turkey)

ASN43391 (NETDIREKT-AS, TR)

s.hbrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.haberler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.102.38.46 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-212-102-38-46.datapacket.com

i.hbrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.59.169.31 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 2-59-169-31.hosted-by-worldstream.net

cdn.p.analitik.bik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.68.47.11 (Turkey)

ASN15830 (EQUINIX, NL)

c.keltis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1d::9a (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a93 (United States)

ASN13335 (CLOUDFLARENET, US)

melon-prebid.rtb.pixad.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rt.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::69 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.20.63.239 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-63-239.us-east-2.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.222.4.152 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-4-152.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.20.149.250 (Turkey)

ASN48737 (DORATELEKOM, TR)
PTR: izle.haberler.com

izlehls.haberler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.189.152.57 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-152-57.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c0b::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::65 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.148 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.132.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	208 KB
29	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1487 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2632 lm.serving-sys.com — Cisco Umbrella Rank: 2628	345 KB
20	hbrcdn.com s.hbrcdn.com — Cisco Umbrella Rank: 256227 i.hbrcdn.com — Cisco Umbrella Rank: 141489	498 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	311 KB
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	233 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	12 KB
6	gstatic.com fonts.gstatic.com	94 KB
6	haberler.com www.haberler.com — Cisco Umbrella Rank: 198212 d.haberler.com Failed izlehls.haberler.com — Cisco Umbrella Rank: 386221	740 KB
5	marketingsurface.online offer01.marketingsurface.online	19 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	159 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	157 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	1 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 487 fonts.googleapis.com — Cisco Umbrella Rank: 29	128 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	190 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	566 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	291 B
1	marphezis.com rt.marphezis.com — Cisco Umbrella Rank: 9704	243 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367	194 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	pixad.com.tr melon-prebid.rtb.pixad.com.tr — Cisco Umbrella Rank: 469902
1	keltis.com c.keltis.com — Cisco Umbrella Rank: 352426	144 B
1	bik.gov.tr cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 56190 58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr Failed	34 KB
0	atdmt.com Failed ad.atdmt.com Failed
168	25

	Domain	Requested by
19	tpc.googlesyndication.com	s.hbrcdn.com offer01.marketingsurface.online b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
18	s.hbrcdn.com	offer01.marketingsurface.online s.hbrcdn.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	secure-ds.serving-sys.com	s.hbrcdn.com secure-ds.serving-sys.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
9	bs.serving-sys.com	offer01.marketingsurface.online s.hbrcdn.com secure-ds.serving-sys.com
9	securepubads.g.doubleclick.net	offer01.marketingsurface.online s.hbrcdn.com securepubads.g.doubleclick.net b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com www.googletagservices.com
6	fonts.gstatic.com	fonts.googleapis.com
5	lm.serving-sys.com	secure-ds.serving-sys.com
5	offer01.marketingsurface.online	offer01.marketingsurface.online s.hbrcdn.com
4	www.googletagservices.com	b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com www.googletagservices.com
4	s0.2mdn.net	secure-ds.serving-sys.com s0.2mdn.net b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
4	izlehls.haberler.com	s.hbrcdn.com
4	analytics.google.com	www.googletagmanager.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	offer01.marketingsurface.online www.google-analytics.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	id5-sync.com	s.hbrcdn.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com	s.hbrcdn.com
2	www.google.com	offer01.marketingsurface.online s.hbrcdn.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.haberler.com	s.hbrcdn.com offer01.marketingsurface.online
2	www.googletagmanager.com	offer01.marketingsurface.online s.hbrcdn.com
2	i.hbrcdn.com	offer01.marketingsurface.online
1	stags.bluekai.com	b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	lb.eu-1-id5-sync.com	s.hbrcdn.com
1	imasdk.googleapis.com	offer01.marketingsurface.online
1	rt.marphezis.com	s.hbrcdn.com
1	prebid-eu.creativecdn.com	s.hbrcdn.com
1	cdn.jsdelivr.net	s.hbrcdn.com
1	melon-prebid.rtb.pixad.com.tr	s.hbrcdn.com
1	fundingchoicesmessages.google.com	s.hbrcdn.com
1	c.keltis.com	offer01.marketingsurface.online
1	cdn.p.analitik.bik.gov.tr	offer01.marketingsurface.online
0	ad.atdmt.com Failed	b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
0	58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr Failed	cdn.p.analitik.bik.gov.tr
0	d.haberler.com Failed	s.hbrcdn.com
168	40

This site contains links to these domains. Also see Links.

Domain
www.haberler.com
kuponkodu.haberler.com
portal.haberler.com
news.google.com
s.hbrcdn.com
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
wa.me
assistant.google.com
open.spotify.com
rss.haberler.com
tr.wikipedia.org
www.youtube.com
www.tiktok.com
t.me
www.dailymotion.com
apps.apple.com
play.google.com
appgallery.cloud.huawei.com
www.yenimedya.com.tr

Subject Issuer	Validity	Valid
offer01.marketingsurface.online R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
s.hbrcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-19` - `2024-04-21`	a year	crt.sh
i.hbrcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-19` - `2024-04-21`	a year	crt.sh
*.p.analitik.bik.gov.tr RapidSSL TLS RSA CA G1	`2023-05-08` - `2024-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.keltis.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.haberler.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-02` - `2024-05-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
rtb.pixad.com.tr E1	`2023-10-06` - `2024-01-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.marphezis.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-03` - `2024-01-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-10-23` - `2024-11-21`	a year	crt.sh
secure-ds.serving-sys.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
lm.serving-sys.com Amazon RSA 2048 M01	`2023-09-26` - `2024-10-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://offer01.marketingsurface.online/
Frame ID: 8B43AA8F4F890ED6514E7E34D0B09061
Requests: 94 HTTP requests in this frame

Frame: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 116ED2CB45C6EE955EDF335E200DBCB4
Requests: 1 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: D415F4E9162E330ED6529324892C2C20
Requests: 8 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 28972535512BD3BBF1AF29547BEFFA31
Requests: 35 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77BCA803D79B40CBD8183BAA9E8D8A1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9606797963F394A680B8AB87D26117E2
Requests: 2 HTTP requests in this frame

Frame: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23157B666467B2BD62FF6105CA536949
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: FEEF447BADE1B545D85137CD3B6ABDD5
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: B74296DBC92D7EB4A4CC807B96FF4457
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 11163FBE19811757BE5A41DC57D62124
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ACEAF6560D21DE0B5DCB9F8F88823068
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sakatlıkların bir türlü peşini bırakmadığı Arda'dan haber var - Haberler

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

168
Requests

96 %
HTTPS

50 %
IPv6

25
Domains

40
Subdomains

35
IPs

6
Countries

3152 kB
Transfer

11321 kB
Size

26
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://www.haberler.com/haberler/cerez-politikasi/
Title: çerez

Search URL Search Domain Scan URL

URL: https://www.haberler.com/haberler/web-sitesi-cerez-aydinlatma-metni/
Title: Aydınlatma Metnimizi

Search URL Search Domain Scan URL

URL: https://www.haberler.com/

Search URL Search Domain Scan URL

URL: https://www.haberler.com/son-dakika/
Title: SON DAKİKA

Search URL Search Domain Scan URL

URL: https://www.haberler.com/guncel/
Title: GÜNCEL

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ekonomi/
Title: EKONOMİ

Search URL Search Domain Scan URL

URL: https://www.haberler.com/magazin/
Title: MAGAZİN

Search URL Search Domain Scan URL

URL: https://www.haberler.com/spor/
Title: SPOR

Search URL Search Domain Scan URL

URL: https://www.haberler.com/dunya/
Title: DÜNYA

Search URL Search Domain Scan URL

URL: https://kuponkodu.haberler.com/
Title: KUPONLAR

Search URL Search Domain Scan URL

URL: https://portal.haberler.com/Login/?refererUrl=https://offer01.marketingsurface.online/
Title: Üye Girişi

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMNm4nwkwwIlv?hl=tr&gl=TR&ceid=TR%3Atr
Title: Abone Ol

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ali-erbas/
Title: Ali Erbaş

Search URL Search Domain Scan URL

URL: https://www.haberler.com/omer-bolat/
Title: Ömer Bolat

Search URL Search Domain Scan URL

URL: https://www.haberler.com/umit-ozdag/
Title: Ümit Özdağ

Search URL Search Domain Scan URL

URL: https://www.haberler.com/yilmaz-tunc/
Title: Yılmaz Tunç

Search URL Search Domain Scan URL

URL: https://www.haberler.com/sadir-durmaz/
Title: Sadir Durmaz

Search URL Search Domain Scan URL

URL: https://www.haberler.com/mansur-yavas/
Title: Mansur Yavaş

Search URL Search Domain Scan URL

URL: https://www.haberler.com/isaac-herzog/
Title: Isaac Herzog

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ozlem-oz/
Title: Özlem Öz

Search URL Search Domain Scan URL

URL: https://www.haberler.com/itir-esen/
Title: Itır Esen

Search URL Search Domain Scan URL

URL: https://www.haberler.com/elton-john/
Title: Elton John

Search URL Search Domain Scan URL

URL: https://www.haberler.com/berk-oktay/
Title: Berk Oktay

Search URL Search Domain Scan URL

URL: https://www.haberler.com/sinem-kobal/
Title: Sinem Kobal

Search URL Search Domain Scan URL

URL: https://www.haberler.com/nazan-oncel/
Title: Nazan Öncel

Search URL Search Domain Scan URL

URL: https://www.haberler.com/murat-agirel/
Title: Murat Ağırel

Search URL Search Domain Scan URL

URL: https://www.haberler.com/lugano/
Title: Lugano

Search URL Search Domain Scan URL

URL: https://www.haberler.com/muslera/
Title: Muslera

Search URL Search Domain Scan URL

URL: https://www.haberler.com/okan-buruk/
Title: Okan Buruk

Search URL Search Domain Scan URL

URL: https://www.haberler.com/fatih-tekke/
Title: Fatih Tekke

Search URL Search Domain Scan URL

URL: https://www.haberler.com/burak-yilmaz/
Title: Burak Yılmaz

Search URL Search Domain Scan URL

URL: https://www.haberler.com/abdullah-avci/
Title: Abdullah Avcı

Search URL Search Domain Scan URL

URL: https://www.haberler.com/riza-calimbay/
Title: Rıza Çalımbay

Search URL Search Domain Scan URL

URL: https://www.haberler.com/hava-durumu/
Title: Hava Durumu

Search URL Search Domain Scan URL

URL: https://www.haberler.com/namaz-vakitleri/
Title: Namaz Vakitleri

Search URL Search Domain Scan URL

URL: https://www.haberler.com/gamegar/
Title: Gamegar

Search URL Search Domain Scan URL

URL: https://www.haberler.com/secim/
Title: Seçim Sonuçları

Search URL Search Domain Scan URL

URL: https://www.haberler.com/sans-oyunlari/
Title: Şans Oyunları

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ruya-tabirleri/
Title: Rüya Tabirleri

Search URL Search Domain Scan URL

URL: https://www.haberler.com/yemek-tarifi/
Title: Yemek Tarifleri

Search URL Search Domain Scan URL

URL: https://s.hbrcdn.com/static/kisisel-veri-sahibi-basvuru-formu.pdf
Title: Veri Sahibi Başvuru Formu

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMNm4nwkwwIlv

Search URL Search Domain Scan URL

URL: https://www.facebook.com/haberler

Search URL Search Domain Scan URL

URL: https://twitter.com/haberler

Search URL Search Domain Scan URL

URL: https://instagram.com/haberlercom

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/haberler.com/

Search URL Search Domain Scan URL

URL: https://wa.me/905495474951

Search URL Search Domain Scan URL

URL: https://assistant.google.com/services/invoke/uid/000000e94a58e27a/alm/CgTzh-CxEgIQAQ==?hl=tr

Search URL Search Domain Scan URL

URL: https://www.haberler.com/podcast/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/7lNZfax380NS6noCicIpTr?si=fcEbMp33TOKVPox9TxWwSg

Search URL Search Domain Scan URL

URL: https://rss.haberler.com/rss.asp

Search URL Search Domain Scan URL

URL: https://tr.wikipedia.org/wiki/Haberler.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/haberlercomresmi

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@haberlercom

Search URL Search Domain Scan URL

URL: https://t.me/s/haberlercomresmi

Search URL Search Domain Scan URL

URL: https://www.dailymotion.com/haberler

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/haberler-com/id339144085

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=tr.com.yenimedya.haberler

Search URL Search Domain Scan URL

URL: https://appgallery.cloud.huawei.com/marketshare/app/C101348841

Search URL Search Domain Scan URL

URL: https://www.yenimedya.com.tr/tickets/?site=haberler&referrer=https://www.haberler.com/spor/sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582970-haberi/
Title: [Hata Bildir]

Search URL Search Domain Scan URL

URL: https://portal.haberler.com/Login/
Title: Üye Girişi

Search URL Search Domain Scan URL

URL: https://www.yenimedya.com.tr/basvuru/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foffer01.marketingsurface.online%2F&domain=offer01.marketingsurface.online&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=9N85HHxwelZENnI5MlFoU2h1aURTcGx1bDdmZmVrVzEyeHdKcGljejAvVXU3S2lHRWd0bTh5WFZmTCs2UENOUmhrUkhSbGd2UHlwNnJBU1RhTElXQm1vRFpDZ0JWdThZb0ZtQitiSEZOdm03dDlOcC9EOVF2aWtaNFU1VEJCdVQ0cVlERll4TElSbkVXdHduNE9uaVdsL0xVK2ZXWGNmUDF0RFRDMjJVUTFWTkNUNkRKNC9NYWdhT202SktmUDU5eWQ3YnlWbWpWVGc1WlpubENZNDBNcksycCs4ZlhHaEVOYnRUOUhUNzhEaG1tU1UrOTVTSWIwU09IYmNjSnM5NjU1Szh0fA&cppv=2

168 HTTP transactions
45 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
offer01.marketingsurface.online/ 78 KB
17 KB 1679ms
1124ms Document
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx / PHP/8.0.30 PleskLin
Resource Hash: c617370720720b4a789594e80f2ae40401f668eaa667d8266f310208c188206f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 21:50:26 GMT
server: nginx
x-powered-by: PHP/8.0.30 PleskLin

GET
H2 200 cookieconsent.js Show response
s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/ 101 KB
24 KB 1092ms
724ms Script
application/javascript 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:26 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 11188191
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s05
x-cache-status: HIT
server: MerlinCDN
etag: W/"4d95b6d5ae46d91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
s.hbrcdn.com/mstatic/assets/js/ 132 KB
47 KB 1008ms
641ms Script
application/javascript 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/js/jquery-3.6.0.min.js?v=88
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 673313e96a0534f9af92ca33def0f1116ba8935661c63ff6f644303cc3f2e834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:26 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 466836
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s15
x-cache-status: HIT
server: MerlinCDN
etag: W/"83d7f5f2a21da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 general.min.css
s.hbrcdn.com/mstatic/assets/css/ 298 KB
57 KB 709ms
342ms Stylesheet
text/css 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: c08460d7dd465cdfe32fe4d47eec5e648cfbb65cf91a52bca93328a6df0ed8b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:26 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 212863
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s15
x-cache-status: HIT
server: MerlinCDN
etag: W/"6ba8b52bc922da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 header.css
s.hbrcdn.com/mstatic/assets/css/ 15 KB
3 KB 546ms
180ms Stylesheet
text/css 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 7ab1ddc9fb494d565a1526c1d56cd90495b3e680abdad7ff4cb2f58d7e516882

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:26 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 212913
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s15
x-cache-status: HIT
server: MerlinCDN
etag: W/"649eee5ffb21da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 responsive.css
s.hbrcdn.com/mstatic/assets/css/ 139 KB
29 KB 925ms
559ms Stylesheet
text/css 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/responsive.css?v=100400
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 74060c2cee39f6cd2b8e3391da6498ac183035f1ae83d53e9c535fe9fffbb734

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:26 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 212823
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s15
x-cache-status: HIT
server: MerlinCDN
etag: W/"c5501d2bc922da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haberler-logo.svg
s.hbrcdn.com/static/img/tasarim/ 3 KB
2 KB 1104ms
738ms Image
image/svg+xml 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/static/img/tasarim/haberler-logo.svg
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:26 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 11188191
etag: W/"d0e022c5def2d51:0"
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s12
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
allow: GET, HEAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haberler-logo.png
s.hbrcdn.com/mstatic/assets/img/ 5 KB
6 KB 171ms
168ms Image
image/png 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/haberler-logo.png
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 11188192
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s12
content-length: 5417
server: MerlinCDN
etag: "c9b327ec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-header-search.png
s.hbrcdn.com/mstatic/assets/img/ 1 KB
1 KB 172ms
168ms Image
image/png 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/icon-header-search.png
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 11188191
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s05
content-length: 1141
server: MerlinCDN
etag: "541f49ec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
i.hbrcdn.com/haber/2023/11/30/ 33 KB
33 KB 706ms
218ms Image
image/jpeg 212.102.38.46
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hbrcdn.com/haber/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.38.46 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-38-46.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 4d1384b647f253b924594830c31e53ee5af63dda537e4a0ea185784267f7c19f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 198344
x-powered-by: ASP.NET
x-cache-status: HIT
allow: GET, HEAD
x-midtier: de-fra-lea-s01
content-type: image/jpeg
access-control-allow-origin: *
x-edge: cz-prg-dp-s03
cache-control: max-age=864560
part: netrs
accept-ranges: bytes
content-length: 33528

GET
H2 404 1x1.gif
offer01.marketingsurface.online/ 808 B
808 B 139ms
136ms Image
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer01.marketingsurface.online/1x1.gif
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:43:07 GMT
server: nginx
etag: W/"328-60b8710960f65"
content-type: text/html

GET
H2 200 advertisement.gif
s.hbrcdn.com/static/reklam/ 95 B
400 B 166ms
165ms Image
image/gif 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/static/reklam/advertisement.gif?ads=1
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 11188192
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s12
content-length: 95
server: MerlinCDN
etag: "379128da78d7d51:0"
allow: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haber-detay.js Show response
s.hbrcdn.com/mstatic/js/ 74 KB
19 KB 178ms
177ms Script
application/javascript 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/js/haber-detay.js?v=2.800
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 47e6de7aa7cb396d543583e8870c8fc721d7a1f7105421d10e9967b67e72a4df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 200743
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s15
x-cache-status: HIT
server: MerlinCDN
etag: W/"9e25d3ed9423da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tracker1.js Show response
cdn.p.analitik.bik.gov.tr/ 34 KB
34 KB 856ms
410ms Script
text/plain 2.59.169.31
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.59.169.31 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 2-59-169-31.hosted-by-worldstream.net
Software: MerlinCDN /
Resource Hash: 275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 714
x-midtier: tr-ist-shy-s01
x-cache-status: HIT
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS, GET, POST
access-control-allow-origin: *
x-edge: nl-naw-ws-s13
allow: GET, HEAD
cache-control: max-age=3600

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 418 KB
94 KB 278ms
43ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSKB5QB

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad02f87b5ad859422ff4f63ec0adb9a27228960c86080dcf1656873aeb37138a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95676
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Dec 2023 21:50:27 GMT

POST
H2 200 c.aspx Show response
c.keltis.com/ 0
144 B 491ms
154ms XHR
application/x-javascript 212.68.47.11
EQUINIX

General

Check archive.org

Show headers Download Go to

Full URL: https://c.keltis.com/c.aspx?
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.68.47.11 , Turkey, ASN15830 (EQUINIX, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 02 Dec 2023 21:50:26 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, max-age=86400
content-length: 0

GET
H2 200 spdx.js Show response
s.hbrcdn.com/mstatic/assets/js/ 12 KB
5 KB 173ms
171ms Script
application/javascript 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/js/spdx.js?v=0
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 11188191
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s05
x-cache-status: HIT
server: MerlinCDN
etag: W/"bf3bbc9eccb7d81:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 268ms
33ms Script
text/javascript 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 20:27:34 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4973
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Dec 2023 22:27:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 308ms
74ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e8dc0d86bef96aee54a11b172719cbb09c4843729b8bdcb15bd0db9d3509b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29971
x-xss-protection: 0
server: cafe
etag: 994 / 19693 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:50:27 GMT

GET
H2 200 prebid8.22.0.js Show response
s.hbrcdn.com/mstatic/js/ 420 KB
158 KB 186ms
184ms Script
application/javascript 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/js/prebid8.22.0.js
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 3b54c0df53a0fcfe113fd65b3196a56ec684d55285880032421ec8ec7443d3e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 2283603
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s15
x-cache-status: HIT
server: MerlinCDN
etag: W/"84a61ee79a10da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 404 1x1.gif
offer01.marketingsurface.online/ 808 B
808 B 136ms
135ms Image
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer01.marketingsurface.online/1x1.gif
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:43:07 GMT
server: nginx
etag: W/"328-60b8710960f65"
content-type: text/html

GET
H2 200 searchbar-icon.png
s.hbrcdn.com/mstatic/assets/img/ 995 B
1 KB 300ms
300ms Image
image/png 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/searchbar-icon.png
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 11188192
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s12
content-length: 995
server: MerlinCDN
etag: "fcb7aaec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-icon.svg
www.haberler.com/mstatic/assets/img/ 608 B
750 B 517ms
165ms Image
image/svg+xml 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberler.com/mstatic/assets/img/search-icon.svg

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),

Reverse DNS

Software

MerlinCDN / ASP.NET

Resource Hash

73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
age: 733755
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s15
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 08:50:33 GMT
server: MerlinCDN
etag: W/"fcb7aaec6b9d71:0"
allow: GET, HEAD
content-type: image/svg+xml
x-edge: tr-izm-nt-s02
cache-control: max-age=10454400
expires: Sun, 24 Mar 2024 10:01:12 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 i-time.svg
s.hbrcdn.com/mstatic/assets/img/ 561 B
613 B 295ms
295ms Image
image/svg+xml 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/i-time.svg
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 22a2251d406dde7956601090cefa2f2280bbc168d0c6d1ed76caa4f93967e881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 1063499
etag: W/"5d7a2c0bb1bda1:0"
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s15
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
allow: GET, HEAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i-googleNews.png
s.hbrcdn.com/mstatic/assets/img/ 5 KB
6 KB 298ms
298ms Image
image/png 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/i-googleNews.png
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: ae8266b08b009d1e8a33cc15ef3836034632fd32f86a09c57bfd62eadfa85fca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 1063498
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s15
content-length: 5404
server: MerlinCDN
etag: "dbaf53bebb1bda1:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
i.hbrcdn.com/haber/2023/11/30/ 33 KB
33 KB 853ms
853ms Image
image/jpeg 212.102.38.46
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hbrcdn.com/haber/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.38.46 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-38-46.datapacket.com
Software: MerlinCDN / ASP.NET
Resource Hash: 4d1384b647f253b924594830c31e53ee5af63dda537e4a0ea185784267f7c19f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 198345
x-powered-by: ASP.NET
x-cache-status: HIT
allow: GET, HEAD
x-midtier: de-fra-lea-s01
content-type: image/jpeg
access-control-allow-origin: *
x-edge: cz-prg-dp-s03
cache-control: max-age=864560
part: netrs
accept-ranges: bytes
content-length: 33528

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8= Show response
fundingchoicesmessages.google.com/f/ 22 KB
10 KB 150ms
76ms Script
application/javascript 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8=

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a00c9034ee0a006bbcbf6330329e4385b15248468cce6ec66f4aee0487d3edf1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-p1FJSrnYDVYJ1OYQI_K6FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-p1FJSrnYDVYJ1OYQI_K6FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
158 B 43ms
41ms XHR
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=228837449&t=event&_s=1&dl=https%3A%2F%2Foffer01.marketingsurface.online%2F&ul=en-us&de=UTF-8&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Mobil%20Haber%20Detay&ea=Impression&el=Videolu%20Haber&_u=aEBAAEABEAAAACAAI~&jid=1463721689&gjid=1355481364&cid=401201743.1701553828&tid=UA-242929-3&_gid=1041430212.1701553828&_r=1&_slc=1&cd6=%7CDefault%7C&cd4=Sadece%20Haberler%2CSa%C4%9Fl%C4%B1k%2CSpor%2CReal%20Madrid%2CArda%20G%C3%BCler&z=993925582

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 33ms
33ms Image
image/gif 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=228837449&t=pageview&_s=2&dl=https%3A%2F%2Foffer01.marketingsurface.online%2F&ul=en-us&de=UTF-8&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=401201743.1701553828&tid=UA-242929-3&_gid=1041430212.1701553828&cd6=%7CDefault%7C&cd4=Sadece%20Haberler%2CSa%C4%9Fl%C4%B1k%2CSpor%2CReal%20Madrid%2CArda%20G%C3%BCler&cd1=Spor&z=1151715900

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 03:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64927
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 pb
melon-prebid.rtb.pixad.com.tr/ Frame 0
0 459ms
376ms Preflight 2606:4700:20::ac43:4a93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon-prebid.rtb.pixad.com.tr/pb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://offer01.marketingsurface.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST
access-control-allow-origin: https://offer01.marketingsurface.online
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f6c920f9ae4bc6-BUF
date: Sat, 02 Dec 2023 21:50:28 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdkE3V%2BcYoEG2lZu6OOTt%2BtPJKl1GAJSnWPi8iY0OjjnDzV9JTz8Wv%2FmQSt6bJcVt8UnKYkFsdmmKHrUJ5BppegmMbnnH1uoyhd1YRLSrJxqblx1k4WBmk6d9HLz4DvamozZZ7D2hZ32%2FDfPII2tnK2Xn6Ne%2FMEYgJAJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
working-on: pxd-k8s
x-powered-by: Pixad-k8s

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 102ms
32ms Fetch
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231202

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/prebid8.22.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 21:50:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 20980
x-jsd-version: 1.0.1892
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 785
x-served-by: cache-fra-eddf8230103-FRA, cache-nyc-kteb1890022-NYC
x-jsd-version-type: version
etag: W/"642-maGbSK4k2X9erGcOaUhCqMYsf3g"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
194 B 658ms
215ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/prebid8.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketingsurface.online
date: Sat, 02 Dec 2023 21:50:28 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content hb Show response
rt.marphezis.com/ 0
243 B 504ms
238ms Fetch 178.128.135.204
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.marphezis.com/hb
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/prebid8.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketingsurface.online
pragma: no-cache
date: Sat, 02 Dec 2023 21:50:27 GMT
cache-control: no-store
access-control-allow-credentials: true
vary: Origin
expires: 0

POST pb
melon-prebid.rtb.pixad.com.tr/ 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
358 B 124ms
51ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-242929-3&cid=401201743.1701553828&jid=1463721689&gjid=1355481364&_gid=1041430212.1701553828&_u=aEBAAEAAEAAAACAAI~&z=1092027789

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Dec 2023 21:50:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17466
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:59:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 82 B
78 B 125ms
53ms XHR
application/json 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=offer01.marketingsurface.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93c31bd20153300398dc146a6c8fba7f627a34f3af3e6520af26608612e68a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54
x-xss-protection: 0
expires: Sat, 02 Dec 2023 21:50:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
96 KB 43ms
43ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

350e63f454dfebc450df0e7c05e79e08be189d84495b8eb8e147e09f81a2ae08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 21:50:27 GMT

GET adv.js
d.haberler.com/ 0
0

GET
H2 200 haberler.com.png
www.haberler.com/static/images/ 1 KB
1 KB 169ms
168ms Image
image/png 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberler.com/static/images/haberler.com.png

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),

Reverse DNS

Software

MerlinCDN / ASP.NET

Resource Hash

32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
age: 820153
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s15
content-length: 1086
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Jun 2021 10:59:31 GMT
server: MerlinCDN
etag: "a32ea75d9e57d71:0"
allow: GET, HEAD, POST
content-type: image/png
x-edge: tr-izm-nt-s02
cache-control: max-age=2592000
accept-ranges: bytes

POST
H2 204 collect
analytics.google.com/g/ 0
175 B 47ms
43ms Ping
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146z8838813481&_p=1701553826414&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=401201743.1701553828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701553828&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketingsurface.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&en=page_view&_fv=1&_ss=1&tfd=3355
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 45ms
44ms Ping
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FFKENFZBJW&cid=401201743.1701553828&gtm=45je3bt0v9103786146z8838813481&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 122ms
45ms Image
image/gif 2607:f8b0:4004:c09::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242929-3&cid=401201743.1701553828&jid=1463721689&_u=aEBAAEAAEAAAACAAI~&z=665777773

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 45ms
44ms Ping
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146z8838813481&_p=1701553826414&gcd=11l1l1l1l1&dma=0&cid=401201743.1701553828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1701553828&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketingsurface.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&_s=2&tfd=3425
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 ah_2.js
offer01.marketingsurface.online/static/js/ 0
0 139ms
136ms Script
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://offer01.marketingsurface.online/static/js/ah_2.js?v=0.02.113
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:43:07 GMT
server: nginx
etag: W/"328-60b8710960f65"
content-type: text/html

GET
H2 200 icon-login.svg
s.hbrcdn.com/mstatic/assets/img/ 409 B
592 B 166ms
165ms Image
image/svg+xml 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/icon-login.svg
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: d7b57d66afbe39520418a8832d590f40b1c372c001acbab8cf1d67b0a40b447b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 11188191
etag: W/"85814bec6b9d71:0"
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: tr-izm-nt-s12
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
allow: GET, HEAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 lazyload.js
offer01.marketingsurface.online/mstatic/assets/js/ 0
0 137ms
135ms Script
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://offer01.marketingsurface.online/mstatic/assets/js/lazyload.js
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:43:07 GMT
server: nginx
etag: W/"328-60b8710960f65"
content-type: text/html

GET
H2 200 hls.light.m.js Show response
s.hbrcdn.com/mstatic/js/ 205 KB
69 KB 172ms
171ms Script
application/javascript 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 059d42589e2143481e88a37bab21bcacbc5797045f9fe8c1d66fb17514186c14

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 11188179
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s12
x-cache-status: HIT
server: MerlinCDN
etag: W/"8e195e9fccb7d81:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 4 KB
2 KB 155ms
46ms Script
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079874789&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=970&h=250&ord=_ADTIME_&z=10000
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6ef3829a3df2052b5018cac1934d4a28df0f9bbacc6270fce47a024f6c210895

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 1690
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST collect
58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr/api/ 0
0

GET
H2 200 ebPreServing_ndw.js Show response
secure-ds.serving-sys.com/BurstingScript/ 44 KB
13 KB 156ms
35ms Script
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c5151b8cf46d2a6f145bed7ed4f04cc68aebcb3e53fac281810eaa53f89a6873

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
x-amz-request-id: 5QP1APS8N4X75NQZ
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 12805
x-amz-id-2: uy5m0cQrblHnx7BP2CCBBIvv89bmjAJzs8tLdC+hFgMn4gUQ4ZFQEOVqz1U4F4Jltkyi3Ei8/8Q=
pragma: no-cache
last-modified: Wed, 04 Oct 2023 14:16:50 GMT
server: AmazonS3
etag: "37a6d38869955594a397c114462564b7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: V_dUqX8ceOGYTHDz7s2a30WM-1H_95ORZwNfh3_qQ4Qda_vPlyCJDQ==
expires: Sat, 02 Dec 2023 21:50:28 GMT

GET
H/1.1 200
OK playlist.m3u8 Show response
izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/ 149 B
376 B 740ms
156ms XHR
application/vnd.apple.mpegurl 46.20.149.250
DORATELEKOM

General

Check archive.org

Show headers Download Go to

Full URL: https://izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/playlist.m3u8
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.20.149.250 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS: izle.haberler.com
Software: Nimble/4.0.1-9 /
Resource Hash: e76dff0cb1d104c9b2df8e22dbbf28ddfd7c811b56535d4b1a33b301e4e4b712

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 21:50:29 GMT
Cache-Control: no-cache
Server: Nimble/4.0.1-9
Connection: Keep-Alive
Content-Length: 149
Content-Type: application/vnd.apple.mpegurl

GET
H2 200 video-ads.js Show response
s.hbrcdn.com/mstatic/scripts/ 10 KB
3 KB 166ms
166ms Script
application/javascript 77.223.133.228
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/scripts/video-ads.js?v=46
Requested by: Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.133.228 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 69243cba8f1d4cf91955556e24044c73d02285bb8e3c9166aca3a7853d5ec9d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 11188178
x-powered-by: ASP.NET
x-midtier: tr-izm-nt-s12
x-cache-status: HIT
server: MerlinCDN
etag: W/"43e86c4ae6a4d91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: tr-izm-nt-s02
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ 0
197 B 236ms
44ms XHR
text/plain 18.189.152.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.152.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-152-57.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketingsurface.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 13 KB
5 KB 55ms
55ms Script
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=4055235530519630191&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&c=28&cn=display&pli=1079874789&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=970&h=250&ord=_ADTIME_&z=10000&ccpastatus=1&gdprpurposes=847&rand=37644549262892557&vurl=$$https%3A%2F%2Foffer01.marketingsurface.online%2F$$&vurlem=2
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f0d563e8ba87dbe12c1993a5e8df0953134438a6421a4ab8752f0909e48d2277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 4748
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 118ms
38ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
expires: Sat, 02 Dec 2023 21:50:28 GMT

GET
H2 200 versionsOH.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ 213 B
509 B 53ms
52ms Script
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsOH.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
x-amz-request-id: 40MV2H9E7YMVWJHY
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 126
x-amz-id-2: KF/hdveY4lYdwHGdgJt6aqaaE9mxeDF9vZnx31pG5RhTA5ihI0Fa0Nk8plITWtzCVviPyF77nKM=
last-modified: Thu, 23 Nov 2023 13:38:49 GMT
server: AmazonS3
etag: "e8788c87ad1f5db307887d64bba4d2f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784844
accept-ranges: bytes
x-amz-cf-id: YBX8d8Uxcu3A3VDhPw6rRQOnvmcNFOczJjVOlaQRsO18Y8_2xt-DzQ==

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 12 KB
5 KB 49ms
47ms Script
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=4055235530519630191&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&c=28&cn=display&pli=1079874789&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=970&h=250&ord=_ADTIME_&z=10000&ccpastatus=1&gdprpurposes=847&rand=07039914230076239&vurl=$$https%3A%2F%2Foffer01.marketingsurface.online%2F$$&vurlem=2
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 06176850a5c3c222a0ead5365f1126e637b0edee2be6d0f9c6cedeff2cae932e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 4582
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 221 KB
35 KB 616ms
615ms Fetch
text/plain 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4176314242330574&correlator=452962877790007&eid=31079527%2C31078659&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=1007216%2CHaberler_Desktop_NP_160x600_Left_YM%2CHaberler_Desktop_NP_160x600_Right_YM%2CHaberler_Desktop_NP_Recommendation_YM%2CHaberler_Desktop_HP_336x280_1_YM%2CHaberler_Desktop_NP_300x600_YM&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=320x50%7C120x600%7C160x600%2C320x50%7C160x600%7C120x600%2C320x50%7C500x400%7C480x320%7C580x400%2C320x50%7C250x250%7C336x280%7C300x250%7C200x200%2C320x50%7C300x600%7C120x600%7C160x600&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701553828912&lmt=1701553828&adxs=1302%2C2538%2C1570%2C1832%2C2192&adys=571%2C571%2C2468%2C2798%2C591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Foffer01.marketingsurface.online%2F&vis=1&psz=160x-1%7C160x-1%7C1056x3429%7C360x304%7C336x-1&msz=160x-1%7C160x-1%7C696x0%7C340x-1%7C336x-1&fws=1028%2C1028%2C1028%2C1028%2C1028&ohw=1600%2C1600%2C696%2C340%2C1600&ga_vid=401201743.1701553828&ga_sid=1701553829&ga_hid=228837449&ga_fc=true&dlt=1701553826386&idt=1700&cust_params=Haber_Kat%3DSpor&adks=293307002%2C2322404063%2C1539203115%2C2605381309%2C2972572884&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08932eed5b3b22e199d2e287fc1aa066cea41cafce311584f501609288aade8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36263
x-xss-protection: 0
google-lineitem-id: 6422255275,-2,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138456408548,-2,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://offer01.marketingsurface.online
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 127ms
55ms XHR
application/json 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abbe5cadb2dbc2d9a92edfa28a89408d791dbeee9097a2ebf971b9b2c15e55de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12154
x-xss-protection: 0

GET
H2 200 container.html Show response
b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 116E 6 KB
3 KB 130ms
44ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketingsurface.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:50:29 GMT
expires: Sun, 01 Dec 2024 21:50:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 107ms
35ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foffer01.marketingsurface.online%2F&domain=offer01.marketingsurface.online&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://offer01.marketingsurface.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 02 Dec 2023 21:50:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 182291
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foffer01.marketingsurface.online%2F&domain=offer01.marketingsurface.online&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=9N85HHxwelZENnI5MlFoU2h1aURTcGx1bDdmZmVrVzEyeHdKcGljejAvVXU3S2lHRWd0bTh5WFZmTCs2UENOUmhrUkhSbGd2UHlwNnJBU1RhTElXQm1vRFpDZ0JWdThZb0ZtQitiSEZOdm03dDlOcC9EOVF2aWtaNFU1VE...

386 B
666 B

96ms
33ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9N85HHxwelZENnI5MlFoU2h1aURTcGx1bDdmZmVrVzEyeHdKcGljejAvVXU3S2lHRWd0bTh5WFZmTCs2UENOUmhrUkhSbGd2UHlwNnJBU1RhTElXQm1vRFpDZ0JWdThZb0ZtQitiSEZOdm03dDlOcC9EOVF2aWtaNFU1VEJCdVQ0cVlERll4TElSbkVXdHduNE9uaVdsL0xVK2ZXWGNmUDF0RFRDMjJVUTFWTkNUNkRKNC9NYWdhT202SktmUDU5eWQ3YnlWbWpWVGc1WlpubENZNDBNcksycCs4ZlhHaEVOYnRUOUhUNzhEaG1tU1UrOTVTSWIwU09IYmNjSnM5NjU1Szh0fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fc53f9392b831e206e2fd5a531366ddebb6f2809c922082cfbda22f5ec686485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 553426
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://offer01.marketingsurface.online
location: https://mug.criteo.com/sid?cpp=9N85HHxwelZENnI5MlFoU2h1aURTcGx1bDdmZmVrVzEyeHdKcGljejAvVXU3S2lHRWd0bTh5WFZmTCs2UENOUmhrUkhSbGd2UHlwNnJBU1RhTElXQm1vRFpDZ0JWdThZb0ZtQitiSEZOdm03dDlOcC9EOVF2aWtaNFU1VEJCdVQ0cVlERll4TElSbkVXdHduNE9uaVdsL0xVK2ZXWGNmUDF0RFRDMjJVUTFWTkNUNkRKNC9NYWdhT202SktmUDU5eWQ3YnlWbWpWVGc1WlpubENZNDBNcksycCs4ZlhHaEVOYnRUOUhUNzhEaG1tU1UrOTVTSWIwU09IYmNjSnM5NjU1Szh0fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 331567
content-length: 0
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
432 B 347ms
115ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/prebid8.22.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

1de60550f4ce94177080ca7d071c09240d5b62be4c4c4e4949bea203b851e388

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketingsurface.online
date: Sat, 02 Dec 2023 21:50:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 ebHtml5Banner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ 302 KB
82 KB 45ms
45ms Script
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 30c26578fa0df200478a3fe63c5cd23995195d646707e6602ef527c0587b1695

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
x-amz-request-id: JJT1K0JKMTQC54Q4
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 83539
x-amz-id-2: nawv8lyhAvzJKIKP2lbIk4kBebvfsETSTRmAkhuqMsqyXEBTZp7lAHafqrSjrh6VwcipVXk88GQ=
last-modified: Thu, 23 Nov 2023 13:31:07 GMT
server: AmazonS3
etag: "eca8c15b68f0ca045ff477063a23db64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784456
accept-ranges: bytes
x-amz-cf-id: HMDtSODKMgv-ejympE8SAtXTWyGftIXBkXFgJ2yoOOysf_Mvu2RFaA==

GET
H2 200 versionsOH.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ 213 B
509 B 82ms
82ms Script
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsOH.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:28 GMT
content-encoding: gzip
x-amz-request-id: 40MV2H9E7YMVWJHY
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 126
x-amz-id-2: KF/hdveY4lYdwHGdgJt6aqaaE9mxeDF9vZnx31pG5RhTA5ihI0Fa0Nk8plITWtzCVviPyF77nKM=
last-modified: Thu, 23 Nov 2023 13:38:49 GMT
server: AmazonS3
etag: "e8788c87ad1f5db307887d64bba4d2f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784844
accept-ranges: bytes
x-amz-cf-id: YBX8d8Uxcu3A3VDhPw6rRQOnvmcNFOczJjVOlaQRsO18Y8_2xt-DzQ==

GET
H2 200 ebHtml5PoliteBanner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ 309 KB
83 KB 42ms
41ms Script
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3d3dcb9df7355755d17d153a2b140c73bce475e8bcf4d5d8901a9947d12ff72b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-amz-request-id: JJT9MZAEFHHM6AY5
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 84865
x-amz-id-2: AEBDubnoZvLg4k4yYFZlnRczTWn/MmsdfTTP3g8niGJXFZ1E53VOtkTREYwN7Omqh3PONoqUXD4=
last-modified: Thu, 23 Nov 2023 13:31:08 GMT
server: AmazonS3
etag: "2a11c5cfeeb6f587ab977f3e6ea62e90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784418
accept-ranges: bytes
x-amz-cf-id: E5mzQMO6tAo_hzmv6ziqNNpXSzzrYgwPvnXPxbElBUpcGlQX6dobTA==

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/ 7 KB
2 KB 44ms
44ms Script
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/URLUtil.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-amz-request-id: QCNS82GVYFBGDZAE
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 1951
x-amz-id-2: 37QrxweEtiURZEeRL1gZ+i0pr43vY8XWdsBZ6Tyz/in1bpDe3Qr5rQKo+epAm4n/4SI7P2W4BYc=
last-modified: Thu, 23 Nov 2023 13:31:14 GMT
server: AmazonS3
etag: "3470a076f0022d50a41874998110932e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784537
accept-ranges: bytes
x-amz-cf-id: 4hMKH9HR7MLsnQL63-FSb3VZ_gjV6QPz30OyXOkPvQuucr2dmhwDFg==

GET
H2 200 970x250.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/ Frame D415 3 KB
2 KB 37ms
34ms Document
text/html 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 61c5c51bb7ea7b78c07acfeac3b1227a1aa4df4901ced669b0877584d6e3e1ba

Request headers

Referer: https://offer01.marketingsurface.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 1421
content-type: text/html
date: Sat, 02 Dec 2023 21:50:29 GMT
etag: "60c4912e961a173f62e9340bd33cf0c7"
expires: Mon, 31 Dec 2035 00:00:00 GMT
last-modified: Wed, 29 Nov 2023 08:59:44 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: rc1Lf4K79-ez_ZAYK4WzZmTGBuMG2IsHn-nSeNV_kHZFg-9taCmeeQ==
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: mb.T6D4_E_uPJ1Js3lbaDzO9kdib41Sb

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D415 236 KB
63 KB 115ms
41ms Script
text/javascript 2607:f8b0:4004:c19::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 21:50:29 GMT

GET
H2 200 970x250.js Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/ Frame D415 166 KB
44 KB 39ms
38ms Script
application/x-javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1e0fb40242098a27dfd2cb484b05a82b2ff32ee9ffe932016855264463b68c80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: fndTH0MqcQhIe0IuSvPB_WvrPZvPSp5e
content-encoding: gzip
date: Sat, 02 Dec 2023 21:50:29 GMT
last-modified: Wed, 29 Nov 2023 08:59:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P1
etag: "38c67bcf2473a3591a1169ff17a49d4e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ZLaJG4r-WMOiR5eRvsf8AVodQzjbAvi7_PE6n_QGiPYNx3wc7s8Tzg==
content-length: 45027
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 EBLoader.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame D415 12 KB
4 KB 36ms
36ms Script
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-amz-request-id: PBZKZ9E99F7PZTQS
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
content-length: 3615
x-amz-id-2: dY1sog/jFEOXiYot7VLY5EaWxRlMw+g1cFNblO7r9aXCbhbJezkSDuJakCliYca4euOvAZIL6gI=
pragma: no-cache
last-modified: Tue, 18 Jul 2023 10:48:48 GMT
server: AmazonS3
etag: "b92fa833b298e9df5fa8ee69009adb9a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: 4OXxlVtKMzrf0CE86k4M55OedEnm5LY-Vch0e6nzkZFnV1iXH_OAlw==
expires: Sat, 02 Dec 2023 21:50:29 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
84ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 21:50:29 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 101ms
32ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 02 Dec 2023 21:50:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 270144
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 index.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/ Frame 2897 59 KB
17 KB 56ms
56ms Document
text/html 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2ba02499f7b3de5f87bdcc85dbf9eee3ad1ce5813a667fecc852000c5af793dd

Request headers

Referer: https://offer01.marketingsurface.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 17005
content-type: text/html
date: Sat, 02 Dec 2023 21:50:29 GMT
etag: "45a1bd95bb719aefb8f9a7a533f5c8b1"
expires: Mon, 31 Dec 2035 00:00:00 GMT
last-modified: Tue, 07 Nov 2023 15:02:34 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: 08klphWowDfPrRjeGiHRhZ6sUP3CWRrSRtSGIP4QvGpplqjZ7tmd4A==
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: b1.QeJn59zu8UJFgMZrnmILwMa_jHuU3

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
291 B 357ms
120ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/prebid8.22.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

0d7aecc59219372a7c38eea8fd7e609fe8ddc5da9678544f09d94e5852852c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketingsurface.online
date: Sat, 02 Dec 2023 21:50:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 2897 139 KB
48 KB 57ms
56ms Script
text/javascript 2607:f8b0:4004:c19::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 21:59:32 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77BC 13 KB
5 KB 47ms
46ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketingsurface.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 20:56:01 GMT
expires: Sun, 01 Dec 2024 20:56:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9606 829 B
998 B 48ms
47ms Document
text/html 2607:f8b0:4004:c09::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7a80264a088ca3bb8e62845e56b21ba26a72e5442adb411ce458d10cf931295

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vsY9I1HfFUTGioK9joxjEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offer01.marketingsurface.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vsY9I1HfFUTGioK9joxjEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:50:29 GMT
expires: Sat, 02 Dec 2023 21:50:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 EB.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_179_1_0/ Frame D415 79 KB
28 KB 39ms
39ms XHR
application/javascript 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_179_1_0/EB.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-amz-request-id: JJTCGT4878XWPGCF
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 28366
x-amz-id-2: mZVWaWlzIfkagWn/39BoMV8ULHJweWthKKabePRmZcL7JGZJHDDkOCOeU46OVW2GVHx5Xkbe6gc=
last-modified: Thu, 23 Nov 2023 13:31:12 GMT
server: AmazonS3
etag: "1e19bdb7b58f499266826e96c99faa92"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784391
accept-ranges: bytes
x-amz-cf-id: gl-BEmkvB6wt94ZJBpUKcl4KV3rtwo2VvqS--EZl-OnrbffS38q8Mw==

GET
H2 200 _2_8_aralik_10tl_01.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/images/ Frame D415 26 KB
26 KB 45ms
44ms Image
image/png 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/images/_2_8_aralik_10tl_01.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f24da1c8352009f01a0d15eee7fb59bdbd3cbf599ca35b74e202120d20a9dcae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: YWSwo0UXyVOss7pM6k4ASLSCbltjMb1n
date: Sat, 02 Dec 2023 21:50:29 GMT
last-modified: Wed, 29 Nov 2023 08:59:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P3
etag: "d2a9a2d7d3973c684ca9a4e6576e1b85"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 26631
x-amz-cf-id: 1HBzjElNj-TGa_N-SOIwX1jSRiXy-LxcKT3SQBxhIj4TdFzFbDM7Uw==
expires: Mon, 31 Dec 2035 00:00:00 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ 0
197 B 45ms
45ms XHR
text/plain 18.189.152.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.152.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-152-57.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketingsurface.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
DATA 200
OK truncated
/ Frame 2897 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Serving Show response
bs.serving-sys.com/ 24 B
606 B 48ms
47ms XHR
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&dmae=0&sessionid=4055235530519630191&ai=1092163831&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&oo=0&clsrc=2&clbv=_2_250_3_0&gdprpurposes=847&dg=1078263137&sdg=1079543897&ctick=200&ord=0.8708753654806309
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketingsurface.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ 0
476 B 46ms
46ms Ping
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1092163831~~0~~1078263137~~4055235530519630191^MultiBurn~0~0~01020~21^VsR~0~0~01020~203^VsRAd~0~0~01020~203^AdStart~0~0~01020~203&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&rnd=0.17176012206928615&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketingsurface.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 0
476 B 47ms
47ms XHR
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1092163831~~0~~1078263137~~4055235530519630191%5EActualSize~970x250x0x1x0000x0x0x970x250~0~01020~205$$&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&rnd=0.6686830959067898&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketingsurface.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 0
476 B 47ms
46ms XHR
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1092163831~~0~~1078263137~~4055235530519630191%5EAdParams~ifr%3D0%26loc%3D1515x320%26size%3D970x250%26cb%3D2%26env%3D0%26vsbp%3D1%26bi%3D-1%26idx%3D1~0~01020~207$$&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&rnd=0.8060907491255789&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketingsurface.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 77BC 39 KB
15 KB 102ms
34ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 20:47:43 GMT

GET
DATA 200
OK truncated
/ Frame 2897 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9606 0
0 109ms
58ms Image
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=4176314242330574&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1 200
OK chunk.m3u8 Show response
izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/ 536 B
763 B 159ms
159ms XHR
application/vnd.apple.mpegurl 46.20.149.250
DORATELEKOM

General

Check archive.org

Show headers Download Go to

Full URL: https://izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/chunk.m3u8?nimblesessionid=336428864
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.20.149.250 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS: izle.haberler.com
Software: Nimble/4.0.1-9 /
Resource Hash: 35d218a0cca702b1dec64ad8b8715c5d9b4451357e575723157e5b7b29183620

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 21:50:29 GMT
Cache-Control: no-cache
Server: Nimble/4.0.1-9
Connection: Keep-Alive
Content-Length: 536
Content-Type: application/vnd.apple.mpegurl

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ 0
197 B 45ms
45ms XHR
text/plain 18.189.152.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.152.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-152-57.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketingsurface.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ 24 B
606 B 49ms
49ms XHR
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&dmae=0&sessionid=4055235530519630191&ai=1092163799&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&oo=0&clsrc=2&clbv=_2_250_3_0&gdprpurposes=847&dg=1078263137&sdg=1079543897&ctick=415&ord=0.4613530726313153
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketingsurface.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 0
476 B 46ms
46ms XHR
text/html 3.20.63.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1092163799~~0~~1078263137~~4055235530519630191%5EActualSize~970x250x0x1x0000x0x0x970x250~0~01020~416$$&usercookie=u2=14e34a95-912c-48bd-b6cf-118a243897ed&rnd=0.8552040321195609&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.63.239 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-63-239.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketingsurface.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 _2_8_aralik_10tl_02.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/images/ Frame D415 22 KB
23 KB 40ms
40ms Image
image/png 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/images/_2_8_aralik_10tl_02.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9bf4861c15ce1be18f39a311d1bf9de6a77c5036bba4c2d1c5a40d2f6c9cfb37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: QTl9gdfOerF4Iki_0lDUOJtaCHgTt9da
date: Sat, 02 Dec 2023 21:50:29 GMT
last-modified: Wed, 29 Nov 2023 08:59:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P1
etag: "340cacbb6daa560c3b74c72645e7dfdf"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 22971
x-amz-cf-id: 7EwpQnpZF6GtbuAbCVl-bNoXxT7HUwuiANLkO8Y0XvfjcMHnIHiBrg==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2897 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 dev_studio_01_250_videomodule.js Show response
s0.2mdn.net/ads/studio/ Frame 2897 14 KB
5 KB 38ms
38ms Script
text/javascript 2607:f8b0:4004:c19::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/dev_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/Enabler.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023b881adfdfbd01a5c162f6a497f4ac793bec2dee6c664e011fe2505365af95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5140
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 21:54:40 GMT

GET
H2 206 25_FILM_A101_81_IL_79SN_970x250_1.mp4
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/ Frame 2897 3 MB
0 36ms
36ms Media
video/mp4 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/25_FILM_A101_81_IL_79SN_970x250_1.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: rW0EGFq_1hkw2XBXzaw00iSoESGAoU9a
date: Sat, 02 Dec 2023 21:50:29 GMT
last-modified: Tue, 07 Nov 2023 15:02:34 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P3
etag: "71d90a33404b640438165600954108c3"
x-amz-server-side-encryption: AES256
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-8298225/8298226
accept-ranges: bytes
x-amz-cf-id: 8w9D_LIJDBMyiBEooT0AaL5_SoY5j-E_RMMOBqsIsPvWJ1vdTFDbeQ==
Content-Length: 8298226
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2897 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 telefonelsag11.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/images/ Frame D415 4 KB
4 KB 73ms
72ms Image
image/png 23.222.4.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/images/telefonelsag11.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.4.152 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-4-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0f2bb0591c3166bb83f8600b99048a3d5e25ba5dd904df5971d8e4d2da2d4b31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327682/83943520788820510/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: E6VClu.gUm65SheKnBbyjOpwHhaS0O0X
date: Sat, 02 Dec 2023 21:50:29 GMT
last-modified: Wed, 29 Nov 2023 08:59:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P3
etag: "4c996d56de86f9d875dd4c1093e9a950"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3657
x-amz-cf-id: aSk3wKENGDjLC7OYilOxwKijbw3cJ0wYbrmg-g21e4taTvf9KPh7Jw==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2897 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 container.html Show response
b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2315 6 KB
3 KB 43ms
43ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketingsurface.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:50:29 GMT
expires: Sun, 01 Dec 2024 21:50:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame FEEF 196 KB
56 KB 124ms
35ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 06:31:11 GMT
age: 314358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 06:31:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FEEF 15 KB
5 KB 237ms
148ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 09:13:15 GMT
age: 304634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 09:13:15 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FEEF 95 KB
29 KB 240ms
152ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 12:42:11 GMT
age: 292098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 12:42:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FEEF 5 KB
2 KB 237ms
149ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 06:31:11 GMT
age: 314358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 06:31:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FEEF 40 KB
13 KB 238ms
150ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 03:30:55 GMT
age: 152374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 03:30:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FEEF 4 KB
927 B 51ms
50ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 20:40:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 21:50:29 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame B742 196 KB
55 KB 188ms
115ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 06:31:11 GMT
age: 314358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 06:31:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B742 15 KB
5 KB 164ms
161ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 09:13:15 GMT
age: 304634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 09:13:15 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B742 95 KB
28 KB 166ms
163ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 12:42:11 GMT
age: 292098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 12:42:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B742 5 KB
2 KB 165ms
162ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 06:31:11 GMT
age: 314358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 06:31:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B742 40 KB
13 KB 170ms
167ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 03:30:55 GMT
age: 152374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 03:30:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B742 6 KB
779 B 50ms
49ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 19:54:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 21:50:29 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 1116 196 KB
55 KB 158ms
100ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 06:31:11 GMT
age: 314358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 06:31:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1116 15 KB
5 KB 168ms
166ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 09:13:15 GMT
age: 304634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 09:13:15 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1116 95 KB
28 KB 176ms
173ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 12:42:11 GMT
age: 292098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 12:42:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1116 5 KB
2 KB 177ms
175ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 06:31:11 GMT
age: 314358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 06:31:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1116 40 KB
13 KB 171ms
169ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 03:30:55 GMT
age: 152374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 03:30:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1116 6 KB
779 B 47ms
46ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 21:37:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 21:50:29 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FEEF 2 KB
2 KB 35ms
34ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15950
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FEEF 295 B
319 B 38ms
36ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B742 2 KB
2 KB 38ms
37ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15950
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B742 295 B
319 B 44ms
43ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1116 2 KB
2 KB 44ms
43ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15950
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1116 295 B
319 B 45ms
44ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15139493918337893942/ Frame FEEF 24 KB
24 KB 43ms
42ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15139493918337893942/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6171cec97d387ab85b2229f0383a057bc211d571099f5ec2040d4e06b9854896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 06:46:47 GMT
x-content-type-options: nosniff
age: 54222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24971
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:01:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 06:46:47 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6268704366443222237/ Frame FEEF 13 KB
13 KB 51ms
51ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6268704366443222237/14763004658117789537

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4633bbf6bc38c0a87dc94129d93268809682b97a5adefef846466887e1b1e2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:49:17 GMT
x-content-type-options: nosniff
age: 190872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13143
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 15:35:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 16:49:17 GMT

GET
DATA 200
OK truncated
/ Frame FEEF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e57a2f9d2bdc5ea44153ec46a751b5648a61a4c294de2ef557df14b256515914

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11290085524791034197/ Frame B742 17 KB
17 KB 94ms
94ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11290085524791034197/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5e24afc7b8b2819d7c664b71fd8030dff7b43e0777d50df346161b0c839ca3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16928
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:31:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 21:50:29 GMT

GET
DATA 200
OK truncated
/ Frame B742 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B742 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 452142093ea5fd524327f24a76bbe7bf039861f691ab66ea77c4f492ade59335

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/18305049409414776502/ Frame 1116 44 KB
44 KB 50ms
49ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18305049409414776502/2076313506083323656

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

210d2973e327a194fcd857a265c62cebec444a3d08be60128dd3def8f920623b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:27:50 GMT
x-content-type-options: nosniff
age: 51759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45482
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 01:23:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 07:27:50 GMT

GET
H3 200 9088799497363390590
tpc.googlesyndication.com/simgad/ Frame 1116 2 KB
2 KB 48ms
48ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9088799497363390590?w=100&h=100&tw=1&q=75

Requested by

Host: offer01.marketingsurface.online
URL: https://offer01.marketingsurface.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe2de3eaad83b096fcee729fa3bccb263fc99e61d1a6a3f3bb018ddf33ed63d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:49:20 GMT
x-content-type-options: nosniff
age: 169269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2290
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 10:05:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 22:49:20 GMT

GET
DATA 200
OK truncated
/ Frame 1116 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1116 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a0f1c9a01c9bef148cb5d86edff7a78f87f47f86b72d35dde258149ecbd6907

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 48ms
48ms Ping
text/plain 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146&_p=1701553826414&gcd=11l1l1l1l1&dma=0&cid=401201743.1701553828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&_s=3&sid=1701553828&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketingsurface.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&en=Impression&ep.event_category=Mobil%20Haber%20Detay&ep.event_label=Videolu%20Haber&_et=49&tfd=5012
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK n_0_0_0.ts Show response
izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/ 589 KB
589 KB 182ms
181ms XHR
video/mpegts 46.20.149.250
DORATELEKOM

General

Check archive.org

Show headers Download Go to

Full URL: https://izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/n_0_0_0.ts?nimblesessionid=336428864
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.20.149.250 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS: izle.haberler.com
Software: Nimble/4.0.1-9 /
Resource Hash: 479df91fa16c1c7f394b9b2eef2793ea8f46c5153cffd6839f8c40ce43c9aab7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 21:50:29 GMT
Cache-Control: no-cache
Server: Nimble/4.0.1-9
Connection: Keep-Alive
Content-Length: 602916
Content-Type: video/mpegts

GET
BLOB 200
OK f2197ddb-f9f9-428f-ab40-24ee584b413e
https://offer01.marketingsurface.online/ 76 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offer01.marketingsurface.online/f2197ddb-f9f9-428f-ab40-24ee584b413e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 174ee81fe3239c66218623548b7dce74bdfaebbb783c59a84826f1689a056d74

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 77329
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame 2897 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FEEF 16 KB
16 KB 109ms
36ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offer01.marketingsurface.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:52:28 GMT
x-content-type-options: nosniff
age: 10681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 18:52:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FEEF 15 KB
15 KB 114ms
42ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offer01.marketingsurface.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:26:49 GMT
x-content-type-options: nosniff
age: 73420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:26:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B742 15 KB
16 KB 136ms
74ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offer01.marketingsurface.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:37:37 GMT
x-content-type-options: nosniff
age: 540772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 15:37:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B742 15 KB
15 KB 152ms
94ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offer01.marketingsurface.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:08 GMT
x-content-type-options: nosniff
age: 7281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 19:49:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1116 15 KB
16 KB 138ms
84ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offer01.marketingsurface.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:37:37 GMT
x-content-type-options: nosniff
age: 540772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 15:37:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1116 15 KB
15 KB 159ms
106ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offer01.marketingsurface.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:08 GMT
x-content-type-options: nosniff
age: 7281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 19:49:08 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2315 24 KB
6 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
URL: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 16:51:10 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2315 18 KB
8 KB 117ms
34ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
URL: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 02 Dec 2023 22:11:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2315 202 KB
64 KB 121ms
38ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
URL: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:50:29 GMT

POST
H2 200 381.json Show response
id5-sync.com/g/v2/ 625 B
1 KB 354ms
120ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/381.json

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/prebid8.22.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

852795b9cd28d175be5fec4b40d0d063ac7239dfd7c76bda6f782b6ee9580145

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketingsurface.online
date: Sat, 02 Dec 2023 21:50:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2315 0
0 54ms
53ms Fetch
image/gif 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvir9ShtzyBA3p-AWi5jIlohbfGdrEYMKV70J6gTbJ4fh75H61a2y5YetW2KyPr6jxkZbeDRZr9hFZJw5tLcQvVMog2JoKGulmGZH2aTdFpQtY9hHJJ31D4ZfHd77bXbeAsQIqJ-Uaari9hSydqlPrUo3nxXiex5-IB19WuzA55I1VtfGQTWPxVhJ26Wv-rfonFrO8wboM5rs9g7m5EmlhFjhb7ra-cTFI9SqtuDl030ExMhvr3LnMlENKqSZZKwlug7k6hGksWjbqez_ewum-V1QckdXpk0MJRarrkdgAFibgksJQHFz6Q0DfUB8fwlBQF2XFCEXfYIyY3Nri47Biygcy1IHfm5hwJ2KNWHODfVbUi2AlmScFHwZX-u6mSwCz33mQSwLGm4bgZAafmcAw&sai=AMfl-YQXrglxt6QYH4dXnCHRkd5s8pcSHBXrr5AYtujtS-ddejKlhg-DVSQpuL29BkjtGmMWBNhZgbChETZ4YxIZ1pqxJH0YYl6GfMY_i82leS3ZR7-6Bbpw67Ymui_dzSiP2X6lcLYhJ3ccasHYEq5f1Wi8yDH4gUEnMKQckw&sig=Cg0ArKJSzG4ZSiDQrLPVEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
URL: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 21:50:30 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 2315 59 KB
23 KB 44ms
43ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 12:08:48 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B742 2 KB
2 KB 39ms
39ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15951
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B742 295 B
319 B 38ms
37ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
age: 15951
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:24:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77BC 0
10 B 33ms
33ms Image
text/plain 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Zkj0aQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 2897 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2897 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FEEF 0
0 67ms
67ms Image
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ce-7epKZrZeyfPOvkrr4P1LOUsAzGk8e1bbLo4bb1CrCQHxABILiT0B1gye6Oi8CkjBCgAZyxh9QDyAEJqQKzu_cPWslePuACAKgDAcgDCqoE1gJP0JzeQ5OMq_QRx8eHnQ472xKUYYT93uu0240zwyFK92ZyYqXM7ux1E5EtprIHmYoUePEVEWuO_uEHYeCvF6kpvJcHdM6sC90LbzJi0zQ_AGQIlqNpNfKnbZ_2N-UMTl67Xq3eNJLXvEdTEcz5UfvDRCQEIhZfH335dCgpmRswRPK6v0zvMyFBHIzRS8MIo6G8fkcFJxRhnHNOC8E5iRJN7sLA7pNfpQlBLQnXb9VcXerFs_In6qz8Q8IjjZPPlkPAw7sbhQUXvyK0KSw9tqtcn_r6WuLB8pRweadJIxgbYLXQe3cv4dzjd6cTmwhy8jgPAZ1yJq1gksqRCCldULWrRmL2y3G2Rcoj65hQFIYkfh4KdbnUdCNtzAGJDz0NzcYFvAg8b-yLXYww0Oi-wCp8p77qbJQQV6m-nwVQ-sERJWE6vGBrVWWGYLs8xxAk8gDg1NKPgdbABKfmwOqFA-AEAYgFmbuIqSWSBQQIBBgBkgUECAUYBKAGLoAHzM74K6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPvtENIIHQiAYRABGB0yAooCOgKAQEi9_cE6WNSWqvzd8YIDmgkZaHR0cHM6Ly93d3cuZ2Vtc25nZW1zLmNvbYAKA8gLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwRCgsQ8NXuxKC-8-ynARICAQPiDRMI5dmq_N3xggMVa7LLAR3UGQXGuBPkA9gTDYgUC9AVAZgWAYAXAbIXHgocCAASFHB1Yi03MzY3ODU2MTY1NDcwMjk2GMD3BQ&sigh=ANbW11C4oEc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNMelWn_JvZKGzahjW4rVfiolmsTonUgN618LMFuZsPD0FoqRkTKSskVxaTMJySJlj78CEd-czNy_n2HtfwV_REtVo1mJ6fi1lOxgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1116 0
0 71ms
70ms Image
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGsTBpKZrZe6fPOvkrr4P1LOUsAyf3KH3c_aSkvf2EcONxeCPDhABILiT0B1gye6Oi8CkjBCgAcCQrdEpyAEJ4AIAqAMByAMKqgTMAk_QckQGZhjNE5w8Cro0tZkxIm6Ln-d_x3-q2rmJ6pQ2PFR1Ud6fkh4yc5D-kTBPWh0kfByNKVPI4EVtyB3An2ShNNuPpyT8lY7LSC_wyN7Hk-d-n1bMmDfn6tzLxXq1KDIC_AIy-S473WX2fACVh34pRTqps9rqrM9wOjoLAUbBKPc0roNAn2j1OFxlfo2L-ORwbBTDFfl_3nkSn71yzqmFUC4P_L92Lb_r9oECg-tGsJeK2nvxFZgxOVxYadDuyHUYaCaVrN8KcLjRqqSO43-23L2o-RNhuXiqii0aDCBWLzcyRMlMfmuqZVDy3W8gvCqecleVGrooBArA7KBi5kfpdhGI-2ZZSKNiG31FQuwFGPVgXJNlpqftr9b_O26ENsSCV3SuJHt7KadJPKtQ9JIIowkXFoSoDMWewbhuR7AcbK_zl_-qWckOQi9dwAT0oJz0vwTgBAGIBa2OkPVMkgUECAQYAZIFBAgFGASgBi6AB8DI_bAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQpNsH0ggdCIBhEAEYHTICigI6AoBASL39wTpY1Jaq_N3xggOaCbEBaHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzP2NvbnQ9YWIyJnE9c29mdHdhcmUrb3V0c291cmNpbmcrY29tcGFueSZzcmM9bWcmZ2NoPVQwMDAwMzgyJnZpc2l0b3JfaWQ9JTdCZ2NsaWQlN0RfX19fJTdCcGxhY2VtZW50JTdEJmxpbmtfa2V5PTZhNThlZTI1MTUxYTc5ZjYzMjUwZjdhMjQxYWVkYjhjgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDA8KCRDwifjTgvDLZBICAQPiDRMI59mq_N3xggMVa7LLAR3UGQXGuBPkA9gTDNAVAYAXAbIXHgocCAASFHB1Yi03MzY3ODU2MTY1NDcwMjk2GMD3BQ&sigh=AlKEJvxANS0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNMelWn_JvZKGzahjW4rVfiolmsTonUgN618LMFuZsPD0FoqRkTKSskVxaTMJySJlj78CEd-czNy_n2HtfwV_REtVo1mJ6fi1lOxgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B742 0
0 71ms
70ms Image
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqaIspKZrZe2fPOvkrr4P1LOUsAyFwbbMdLTChKPkEZ2E_siAEBABILiT0B1gye6Oi8CkjBCgAY-835IqyAEJqQIGRLMWG8hJPuACAKgDAcgDCqoEzwJP0NAvFAehhTaVmiOGb3inKWcR7PfH6-UutextU4bTup9r32Ip2OlXRQNJNC4f00-EdqWkqvEDJfa8j08d_9a4Y830AlQLqErCyWZfoqiR85OA7P4lc5QcIT-gfnetQ1UIhe1VajV8S3Xct9X9hKuscYgqlkGqTkPD7w14VUA_D5UtBjqf-ZeJpEm5vRO2q37DX-KcvcLy6OmMoASxWDl5kaZ6E8hD3M1FdpUbtdV5LzUlIZedMEY_YBnsU4os09U41zciENa5Rh1EzNO8XvIHCfFTld3tZdcQOP8bcW0DhCmZ_pxvackd0SO8DCykl-ES52Rnz2Nzp_MNw3Rgz0OS2j7_fvO4budjl5NpGSb_V-pPV9dw0CCNeJQnCoJQb18puXL9eJ4AAolOAFY_xzXt4yKNR_YPxan9URJEUfyHRltHpuv7ngV_omLHxw-GM8AEoPmvvswE4AQBiAXE0qGqTZIFBAgEGAGSBQQIBRgEoAYugAeP9K_yBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEL2fCNIIHQiAYRABGB0yAooCOgKAQEi9_cE6WNSWqvzd8YIDmgmVBGh0dHBzOi8vbmV4dGdlbmluZm9odWIuY29tL19jb250ZW50L2FydGljbGU_YXJ0aWNsZUlkPUJlc3QrUG9ydGZvbGlvK21hbmFnZW1lbnQrdG9vbHMmYnJhbmQ9Nzc2Mjc2MjcyMSZzdWdnZXN0ZWRUZXJtcz1BSS1wb3dlcmVkJTIwcG9ydGZvbGlvJTIwbWFuYWdlbWVudCUyMHNvZnR3YXJlJTIwZm9yJTIwaW52ZXN0b3JzLFJvYm8tYWR2aXNvciUyMHBvcnRmb2xpbyUyMG1hbmFnZW1lbnQlMjB0b29scyxQb3J0Zm9saW8lMjBtYW5hZ2VtZW50JTIwc29mdHdhcmUlMjB3aXRoJTIwcmlzayUyMGFzc2Vzc21lbnQsUmVhbC10aW1lJTIwcG9ydGZvbGlvJTIwdHJhY2tpbmclMjBhbmQlMjBhbmFseXNpcyUyMHRvb2xzLFBvcnRmb2xpbyUyMG1hbmFnZW1lbnQlMjB0b29scyUyMGZvciUyMHJldGlyZW1lbnQlMjBwbGFubmluZyxJbm5vdmF0aXZlJTIwcG9ydGZvbGlvJTIwbWFuYWdlbWVudCUyMGFwcHMlMjBmb3IlMjBtb2JpbGUlMjBkZXZpY2VzJmFkQ29weVRpdGxlPUJlc3QrUG9ydGZvbGlvK21hbmFnZW1lbnQrdG9vbHMmcGFnZT1jb250ZW50gAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBEKCxDwlKfmodXG14IBEgIBA-INEwjm2ar83fGCAxVrsssBHdQZBca4E-QD2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTczNjc4NTYxNjU0NzAyOTYYwPcF&sigh=I1bmyJCMuGc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNMelWn_JvZKGzahjW4rVfiolmsTonUgN618LMFuZsPD0FoqRkTKSskVxaTMJySJlj78CEd-czNy_n2HtfwV_REtVo1mJ6fi1lOxgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 B31152372.382621930;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=1224470513;ord=qz3g16;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Foffer01.marketingsu... Show response
ad.doubleclick.net/ddm/adj/N195005.279382INVITEMEDIAINC.D3/ Frame 2315 72 KB
33 KB 311ms
69ms Script
text/javascript 142.251.167.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N195005.279382INVITEMEDIAINC.D3/B31152372.382621930;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=1224470513;ord=qz3g16;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Foffer01.marketingsurface.online%2F$0;xdt=1;crlt=Isu7vIxN5u;stc=1;chaa=1;sttr=165;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f148.1e100.net

Software

cafe /

Resource Hash

8e12cbf3344fa120a025ea7a16c2baad086a5d2e82180e7145c2b3b19b78a1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32764
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 2315 11 KB
4 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N195005.279382INVITEMEDIAINC.D3/B31152372.382621930;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=1224470513;ord=qz3g16;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Foffer01.marketingsurface.online%2F$0;xdt=1;crlt=Isu7vIxN5u;stc=1;chaa=1;sttr=165;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:57:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2315 0
0 782ms
63ms Fetch
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhNGENkI_68x6L3_8b3tnm-5Q7cnD6dtPac84vi8rhRCr5zNmNeRNWxtGvCimjiBsk4_oAs-uBhLXGZWWTYRVJOLjGVPL6-21i6SwPvcWlA2rUDwnbw_jjarL6JLfLV9knzInxvaFMKhtHS78Im4kwxG0feF1kuXK-f946O3s30dYheWqIDU2hAcZ1eb1n022RyrIZIEqCFu2NyBJ8h54J&sai=AMfl-YQPvEpZmwrCBhfEZ2K_K1Fq8ZZSVozKVYqhMKaHlseGpjaW2-oUtQJenOzX7hfQIY9rI9DMd28qQvbpWnJw_Hm33kGsrQG9ZEfczg&sig=Cg0ArKJSzJUS8W9fTUiGEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20231129.44028&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2315 41 KB
14 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 19:52:14 GMT

GET
H3 200 3270622691705387018
s0.2mdn.net/simgad/ Frame 2315 41 KB
41 KB 39ms
38ms Image
image/jpeg 2607:f8b0:4004:c19::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3270622691705387018

Requested by

Host: b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
URL: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16c4ff017a631f91514ea3648e96da1fc1e77bf45043a2c3e5bd576bb370a25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:00:54 GMT
x-content-type-options: nosniff
age: 100176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41747
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 14:53:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 18:00:54 GMT

GET t.js;adv=11262207634697;ec=11262227304111;adv.a=8216674;c.a=31152372;s.a=3352359;p.a=382621930;a.a=573638413;cache=3222014926
ad.atdmt.com/i/ Frame 2315 0
0

GET
H2 200 93664
stags.bluekai.com/site/ Frame 2315 62 B
566 B 854ms
137ms Image
image/gif 23.220.132.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/93664?phint=event%3Dimp&phint=aid%3D8216674&phint=pid%3D382621930&phint=cid%3D31152372&phint=crid%3D206420031
Requested by: Host: b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
URL: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-132-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 02 Dec 2023 21:50:31 GMT
content-length: 62
bk-server: 41e
content-type: image/gif

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2315 202 KB
64 KB 65ms
64ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
URL: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:50:30 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2315 0
0 701ms
62ms Fetch
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhNGENkI_68x6L3_8b3tnm-5Q7cnD6dtPac84vi8rhRCr5zNmNeRNWxtGvCimjiBsk4_oAs-uBhLXGZWWTYRVJOLjGVPL6-21i6SwPvcWlA2rUDwnbw_jjarL6JLfLV9knzInxvaFMKhtHS78Im4kwxG0feF1kuXK-f946O3s30dYheWqIDU2hAcZ1eb1n022RyrIZIEqCFu2NyBJ8h54J&sai=AMfl-YQPvEpZmwrCBhfEZ2K_K1Fq8ZZSVozKVYqhMKaHlseGpjaW2-oUtQJenOzX7hfQIY9rI9DMd28qQvbpWnJw_Hm33kGsrQG9ZEfczg&sig=Cg0ArKJSzJUS8W9fTUiGEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=82&vt=11&dtpt=80&dett=2&cstd=1&cisv=r20231129.44028&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2315 0
0 55ms
54ms Fetch
image/gif 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0rqZDkNF7mEKdTvqsAcgvyLLqDiYy47HNP3iMSUX62k05KdDYlGFsS15d5HzwP-qwkPtIr78ClX-2XFJLNavzkl-Fyeqef4gam0_xnKqzA-8RlxiTFLrbK5EhfZoELCphBl8TuDNDV85mucFKovVlrSD32Iw0T2GZpTWGGfebRcTSxHaRGYCPODNr09MxAIjIdoKgW46MPBLyvd28-hKkR4k1-gYxAszfrqB_Aru7lKcTP-vRXv5rm_IFL5YMYgoeoGoKbnWCbWByQ0dDhbWtjsmX4B6eAhl79Qf_KFKRuaReNn5q3Q9cAwv8ei4wKRReWB5mswpO2gY-1JNdizwojBF7ey67jOJS3dXPXFvQsFdnzGvr87Em6snSGDdpdk-MVwqASgy627q3T-94IztO_w&sai=AMfl-YRQLYkgBcxLEBg3ZjODv99aYM6c9q8zxXMzpyLzH8ij8QtP73L9pv_q5ep9MVTpGhCQrkN8vyv_Gu_6MwpwMHbejL-__nzSoF_NIUhRwDxC8_i2V8yaE7EbqqezY4yUlkhKwV62NP8ah-svSDgc1nXAbf5StpPlIIh0qQ&sig=Cg0ArKJSzNlp3lPeRCYfEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 21:50:30 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ACEA 38 KB
13 KB 54ms
34ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 193468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 16:06:03 GMT
expires: Fri, 29 Nov 2024 16:06:03 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 103ms
102ms Image
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=4176314242330574&bg=!aWqlaiXNAAY3kmNgF5I7ADQBe5WfOLxMLn9408b4byzDG3oYihSmKSTGR6lLmB7tWhtTlUnolZgSl-XjLWqDSXGZZJU3AgAAAuJSAAAABGgBBwoAoVPw-JphXRO42QI-80CD9eEG6nwqnNVozDDq8AWBP3_orlaZ1rHV5Khit8Mg8ZkTkWcXx-nOCVt6fQ9Ct_sghNiEhwVh42y8MYJQgcOpEyEGmfTHmGvo6ApQgvDWPFoE4y5OXgbSHiGJqBzQp_Jqaw26IFsmlmLA7WcrAGLH4obdUt2ghQFgGq_kUwGGH6x607BOGUCnQPeyuHwLGWjZpExcmQLJGqJL4qv9Fa2ucsvgQADkOLMnPozX4Gck3KAflkSgbFzrRPFgsVoijXW-s1v9f_ygNzYaA7M9GPctZSwMPH1r7vcdChvARmCFYUjf_guPf5LdNcANPY5yEwgXrBBS-3LJSG3KysrUhwXW2jKLs4TZJlCuFC7HMQeM8wuh8oKS8COJz-sT8JWTJNAHfxsQxSjrYBsgfNuZTInddtDgtmFRANxSXY45417HaRHEMBPxvTcglsh8tdkvCP46V9j8CxS0sLSKkyxxDgW6dwDHFUEeNohqthzWyLQk5u-I06SRYVBRWI6n3SnOaU3oMtSR0jjATZEQpJ_FEB64xZEzb7rJIZD0BK5usVbDlgJWTMQmPMp0xzYfYSooJqoDCDScMD0uMZWeJTy52lMNyib82XQVlT9db3LjT1KD9k6BxzezzC4Lm7Rgb_4kwAsiIaAv_nEnkGkCaJlSmGJ4NXMtuJK0av0P9xN0ZXTvv6xppXdacVAOm-ydhGVlRwkheUXVTejlb35XVKhXlK2GIjsgUQX1TRWWBxgXaJ5OKtFsWqltz5nmI69fjpYLhF2xjneyNnuO232n4oNWTr3bPzkNjZqzX24YSJGfLLAmQlqZ8XJfKqw1ia8kZrLQVv8TfR-IfdGk0xUm1jJSiQ4W2To96jOYFU0M5_QhTiLYujt5f7gpZzI0TEZOLX032HL2A7p5WtELqtdTe2bfYtgPfJljfYQFXPQYcqxe19aiyLokAFgzmOBSpcx0q2upsMw4uncPAAbYb0f-QvbqPJzP6yxGL-poSoatn72JkA365vM1aiVSXYTuFfsQjPmmNZqNjurRAnCndFhq0lywThzvSJt8QePiFBBMM5cJ8uHRWkHOo_iL1ycjNpuuJz8xVflaJCYnabT-zs49TkjN1jwBCSVqadGTPjrYpTOS6wLbZuQS_O6QZFOQ0LygJreh-48
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2315 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a871e30f8d877e0701abd74d3f4704163fb2c78a618a2e25a7230e11aabccdc9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame ACEA 39 KB
15 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 20:47:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACEA 0
20 B 68ms
67ms Image
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BK-xmpqZrZfzbJPDboPwPls6n0AUAAAAAOAHgBAI&bg=!SEulSwTNAAY3kmNgF5I7ADQBe5WfOHLVmKyPcmsGCNYRJopteEoS5cp-tb1tyVB2ASlcU890qVHQsHFURHPqYJGIPYTFAgAAAFRSAAAAAmgBBwoAMG8bBTMiMqGK94E57m15-sIviY0nQH2VLonLQA8PvEn9RuWFE7C5pqaB3f0Npn0NqZkDFQkTZPDWuLcitsyo2cnceN-J5Ahuzxa2yHGB2FOJMpYjeJLZzjAOYHajN4e4RzkUQoOdRGr5jLEndD_flZqUFpA1ChYTroM-9a3cg_4Zkeia0M4-18WtK6u3-kW-X78J3S6UG4Cu7cuPdljid4ww5hjOL1_WDORrIYy1VDXD8iIZnPrC6Ku8uswwLblY6F7Dl2nfZL21VhscWHQPra3caPefS9Y20aV6KGj65fpywFolrWaU0Q0yXVegHuosxep1f-CGdsVQI4G3gVTyNWCliCSbI5ZAMMfbs0ajCkxspxDQ8fxnWpDR2Glv2T7_5Jpb9_-UA3Q5MfvHAGKhG9zE3vJj-IgiagAWFKHKKYtvXVl_3zIAtj7OR0j8c3sxnRDDSAhRRVsg7mGdhFKyvg7haEBMo8oMNvYCy9HdNVV-1d5ODRJebmvMjV3opov0mAtJCHu_Rv94x7cx8GD-J6b3h-_BOIGbgoV4kJzryr3F4eHa63v2-7eL6U7_kJjW7pRYLBIA8jQqvuiJPsWdgSO1x288IqSTjTp2Rre_gFDuJuetzmR-M-2ga0yPIqTioXA5mY_lUdqgmHuKzYgKzz3BnUhLIZqcyQqpHxqV_9GrsVMGeJPyQi6beCTYUF4-g6fcluz5Bq7ATG9gXp43IzVxp2M-yuBAxuRmeZ1G4nxD7DwbnyAkaNGdxnroAkMKnqSiik97tPA4Ds9wYl_upDToZPS396AdGrOXDOCUSRZrw5Bn4QB1rXWh6PZZKgD7N7fBkepQEmP-FfNaRggPcCRvqgqrtGwto9HwJfA89wArT4Mi5CX2Ptw6K-rQSiqZPcyOZvU21sC7GLl6VeEk-7qu2fUOBOSerN38vo5Rv4GHKs243Q4RXO-cZJEhJA_pFSc8nBq7CWTeNus0zf-JGCOl8LOa8SlCHR2eY_ZkxPGHB9JwCYRH8gYtB9X6Wih8WRgzO9WxE5vrM4BzyPIB5OtHdgd_wuxkpYd6zjzQYA58wPGTTKohir11AnMHcjpLH-UN7oLqG0yHtzs9jMvNRzuigOg2XjaOMw

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2315 42 B
174 B 63ms
62ms Fetch
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlA8UWsX9W9ErHDVeWWTluGivEDmGFQq7FaQRVd-RMvANCQ-hBxy4gjSqqlZ0HU1H-oI88akxdcHHg5QCVK2imiWw-G-rogxktPRz5uAwT-GxIYZlykWPURRA0&sig=Cg0ArKJSzO3_OQ7pngsLEAE&id=lidar2&mcvt=1004&p=0,0,600,160&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1224470513&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701553829605&rpt=1166&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2315 42 B
108 B 62ms
62ms Fetch
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNMzqK0Sqwdh0MiGoVHY3U4l7Pnc5Four1CiIOYhh60vQJdBd1pZbzAFieBnhkbYpJD8s2tBqd5mm_R0IXYM-z2iZ_Z9JSKkCTXiMte6tVWZgLG3f7iZ8usO5QWiaQQUOur5rwhgt_Hg&sai=AMfl-YQovQaFUqfpS1QwzMLoeMrd-R59iCUMKfYGPArrIgG5YHi24TY&sig=Cg0ArKJSzPcC6u5o1nGhEAE&id=lidar2&mcvt=1006&p=571,1302,1171,1462&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=293307002&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701553829605&rpt=1160&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ 0
197 B 162ms
40ms XHR
text/plain 18.189.152.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.152.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-152-57.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketingsurface.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK n_1_0_0.ts Show response
izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/ 147 KB
147 KB 184ms
184ms XHR
video/mpegts 46.20.149.250
DORATELEKOM

General

Check archive.org

Show headers Download Go to

Full URL: https://izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/n_1_0_0.ts?nimblesessionid=336428864
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.20.149.250 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS: izle.haberler.com
Software: Nimble/4.0.1-9 /
Resource Hash: 0b63048ab50bcc1a98ed67dd6648c4af3822c8379f1e6f0824f4665de4044b8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketingsurface.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 21:50:34 GMT
Cache-Control: no-cache
Server: Nimble/4.0.1-9
Connection: Keep-Alive
Content-Length: 150776
Content-Type: video/mpegts

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ 0
197 B 42ms
42ms XHR
text/plain 18.189.152.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.152.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-152-57.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketingsurface.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 45ms
45ms Ping
text/plain 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146&_p=1701553826414&gcd=11l1l1l1l1&dma=0&cid=401201743.1701553828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701553828&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketingsurface.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&_s=4&tfd=10017
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketingsurface.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:50:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketingsurface.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: melon-prebid.rtb.pixad.com.tr
URL: https://melon-prebid.rtb.pixad.com.tr/pb

Domain: d.haberler.com
URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D

Domain: d.haberler.com
URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A2%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D

Domain: 58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr
URL: https://58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr/api/collect

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/t.js;adv=11262207634697;ec=11262227304111;adv.a=8216674;c.a=31152372;s.a=3352359;p.a=382621930;a.a=573638413;cache=3222014926

Verdicts & Comments Add Verdict or Comment

295 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
offer01.marketingsurface.online/	1970-01-20 16:40:40	Name: readNewsIdList Value: ,16582970
.marketingsurface.online/	1970-01-20 16:40:40	Name: _gid Value: GA1.2.1041430212.1701553828
.marketingsurface.online/	1970-01-20 16:39:13	Name: _gat Value: 1
.marketingsurface.online/	1970-01-21 01:24:49	Name: _pubcid Value: e78b767c-42b1-46bd-8ef9-75c3361a8c5f
.marketingsurface.online/	1970-01-21 01:24:49	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
offer01.marketingsurface.online/	1970-01-20 16:40:40	Name: enable_page_level_ads Value: 1
offer01.marketingsurface.online/	1970-01-20 16:40:40	Name: ClientCountryCode Value:
.marketingsurface.online/	1970-01-21 02:15:13	Name: _ga Value: GA1.1.401201743.1701553828
offer01.marketingsurface.online/	1970-01-20 16:49:18	Name: smartbanner2 Value: p2
.serving-sys.com/	1970-01-20 17:22:25	Name: u2 Value: 14e34a95-912c-48bd-b6cf-118a243897ed4PJ07g
.marketingsurface.online/	1970-01-21 02:00:13	Name: cto_bundle Value: NnMPvV9kWWVhSGd3ZjhkWkE2cnN2aGNKT3dTcVhRWUwlMkYlMkYlMkJWOHdXJTJGV0UxVUwxVzd6amFBUXRQZlo1UyUyRkl1TTBoMmEzVVo5dUlRJTJCaHZUYVJqeFloeThuYWhjTnUwaUZQNDJZZXlTRW1kMzdtNE1lbloxblowT0QxbFhQNXRNYlVYb0RCMQ
.marketingsurface.online/	1970-01-21 02:00:13	Name: cto_bidid Value: 2iGwG19SdnN0V1lwcWdISm11OGxZUGdyTFpYdlhmdnlXcmF6SENxNVlMUzhCR2hOOWh3YWF1bGtWNzA0RHhEMFhzZHhybUVLUm40eTgwUmNKZ1pBZWZqREJHWUJpcXclMkZPN0lIZ0tiemx6Y0swb1Y4JTNE
.serving-sys.com/	1970-01-20 17:22:25	Name: A6 Value: 116hznzYYu1007kQ000010000
.marketingsurface.online/	1970-01-21 02:00:49	Name: __gads Value: ID=4ea4e495a2975572:T=1701553828:RT=1701553828:S=ALNI_MYKUysYAkdoGVJqxp05Fn5TFVAXVg
.marketingsurface.online/	1970-01-21 02:00:49	Name: __gpi Value: UID=00000da545590f1a:T=1701553828:RT=1701553828:S=ALNI_MYVzCqrXcraT2OJ3B0jJPaZCcnyag
.marketingsurface.online/	1970-01-21 02:15:13	Name: _ga_FFKENFZBJW Value: GS1.1.1701553828.1.0.1701553829.59.0.0
.doubleclick.net/	1970-01-21 02:15:13	Name: IDE Value: AHWqTUn2PMn2Ituy-XInp0lSZ1TquoEEk8297e_NnDXr74HiUIEJJirzZL84bFH3Srw
.id5-sync.com/	1970-01-20 18:48:49	Name: 3pi Value:
.id5-sync.com/	1970-01-20 18:48:49	Name: id5 Value: 3f397540-dfef-7c99-868e-30e783a4fde5#1701553830197#1
offer01.marketingsurface.online/	1970-01-20 18:48:49	Name: pbjs-id5id Value: %7B%22signature%22%3A%22ID5_Ajbojp539OpPznbR1rx1bosJmc5jugJ8DFKvIcW2iw5dsrg3P6YlOEII-aT6XiLWzmnZ7M083by-FmFcR2NkDEQWKWagYDTHUl1FuQSAIHQDYAJcaxbizTVRIwEOG0fV5QbopA0kmIhX_A%22%2C%22created_at%22%3A%222023-12-02T21%3A50%3A30.197342539Z%22%2C%22id5_consent%22%3Atrue%2C%22original_uid%22%3A%22ID5d--rV79X3N6bkHqpH-GGmz1ZUUW-fxb6Lq9htg4T8VpyLqQ-gbEaEXFzkCCnMeSlci89Jh2VXhVEmb0tLwOotg%22%2C%22universal_uid%22%3A%22ID5d--rV79X3N6bkHqpH-GGmz1ZUUW-fxb6Lq9htg4T8VpyLqQ-gbEaEXFzkCCnMeSlci89Jh2VXhVEmb0tLwOotg%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Atrue%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22other%22%2C%22id5_consent%22%3Atrue%7D%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%22cblMd7ou%2BUpo%2B7Oz4lDHnA%3D%3D%22%7D%2C%22cache_control%22%3A%7B%22max_age_sec%22%3A7200%7D%7D
offer01.marketingsurface.online/	1970-01-20 18:48:49	Name: pbjs-id5id_cst Value: zix7LPQsHA%3D%3D
offer01.marketingsurface.online/	1970-01-20 18:48:49	Name: pbjs-id5id_last Value: Sat%2C%2002%20Dec%202023%2021%3A50%3A30%20GMT
.doubleclick.net/	1970-01-20 20:58:25	Name: APC Value: AfxxVi4VB-Qpppmi9xjwYJ86ri_XtVSxhOE1Z_AplcL2Ln9gI9dMbA
.bluekai.com/	1970-01-20 20:58:25	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 20:58:25	Name: bkpa Value: KJyN0eAmQY9x91eUS1LKrWOCqw0/DHvlAO9kFkXMV1bRu6L6QDULkc5BjRhlEvUMVRdzNNk6KI6JHjh+kf2ME6/RsB3r5HWcRA5d7+XuiYD9hQzQbu/Z
.bluekai.com/	1970-01-20 20:58:25	Name: bku Value: Ts6O9vKZStUSKSXZ

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://offer01.marketingsurface.online/1x1.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer01.marketingsurface.online/1x1.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://offer01.marketingsurface.online/ Message: Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A2%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D' from origin 'https://offer01.marketingsurface.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A2%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://offer01.marketingsurface.online/ Message: Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D' from origin 'https://offer01.marketingsurface.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://offer01.marketingsurface.online/static/js/ah_2.js?v=0.02.113 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer01.marketingsurface.online/mstatic/assets/js/lazyload.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ad.atdmt.com/i/t.js;adv=11262207634697;ec=11262227304111;adv.a=8216674;c.a=31152372;s.a=3352359;p.a=382621930;a.a=573638413;cache=3222014926 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr
ad.atdmt.com
ad.doubleclick.net
analytics.google.com
b009e074940d3dc72b72787702c2dca0.safeframe.googlesyndication.com
bs.serving-sys.com
c.keltis.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.p.analitik.bik.gov.tr
d.haberler.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads4.g.doubleclick.net
gum.criteo.com
i.hbrcdn.com
id5-sync.com
imasdk.googleapis.com
izlehls.haberler.com
lb.eu-1-id5-sync.com
lm.serving-sys.com
melon-prebid.rtb.pixad.com.tr
mug.criteo.com
offer01.marketingsurface.online
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
rt.marphezis.com
s.hbrcdn.com
s0.2mdn.net
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
stags.bluekai.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.haberler.com
58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr
ad.atdmt.com
d.haberler.com
melon-prebid.rtb.pixad.com.tr
141.95.98.64
142.251.167.148
162.19.138.82
172.253.115.156
178.128.135.204
18.189.152.57
185.184.8.90
2.59.169.31
212.102.38.46
212.68.47.11
23.220.132.230
23.222.4.152
2606:4700:20::ac43:4a93
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::69
2607:f8b0:4004:c0b::9d
2607:f8b0:4004:c17::66
2607:f8b0:4004:c17::84
2607:f8b0:4004:c19::95
2607:f8b0:4004:c1b::65
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1d::9a
2620:100:a001::c
2a04:4e42::485
3.20.63.239
46.20.149.250
74.119.119.139
77.223.133.228
89.117.77.90
023b881adfdfbd01a5c162f6a497f4ac793bec2dee6c664e011fe2505365af95
059d42589e2143481e88a37bab21bcacbc5797045f9fe8c1d66fb17514186c14
06176850a5c3c222a0ead5365f1126e637b0edee2be6d0f9c6cedeff2cae932e
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08932eed5b3b22e199d2e287fc1aa066cea41cafce311584f501609288aade8c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b63048ab50bcc1a98ed67dd6648c4af3822c8379f1e6f0824f4665de4044b8c
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0d7aecc59219372a7c38eea8fd7e609fe8ddc5da9678544f09d94e5852852c8c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2bb0591c3166bb83f8600b99048a3d5e25ba5dd904df5971d8e4d2da2d4b31
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
16c4ff017a631f91514ea3648e96da1fc1e77bf45043a2c3e5bd576bb370a25a
174ee81fe3239c66218623548b7dce74bdfaebbb783c59a84826f1689a056d74
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1de60550f4ce94177080ca7d071c09240d5b62be4c4c4e4949bea203b851e388
1e0fb40242098a27dfd2cb484b05a82b2ff32ee9ffe932016855264463b68c80
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
210d2973e327a194fcd857a265c62cebec444a3d08be60128dd3def8f920623b
22a2251d406dde7956601090cefa2f2280bbc168d0c6d1ed76caa4f93967e881
275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8
2a0f1c9a01c9bef148cb5d86edff7a78f87f47f86b72d35dde258149ecbd6907
2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c
2ba02499f7b3de5f87bdcc85dbf9eee3ad1ce5813a667fecc852000c5af793dd
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
30c26578fa0df200478a3fe63c5cd23995195d646707e6602ef527c0587b1695
32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c
350e63f454dfebc450df0e7c05e79e08be189d84495b8eb8e147e09f81a2ae08
35d218a0cca702b1dec64ad8b8715c5d9b4451357e575723157e5b7b29183620
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3b54c0df53a0fcfe113fd65b3196a56ec684d55285880032421ec8ec7443d3e2
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d3dcb9df7355755d17d153a2b140c73bce475e8bcf4d5d8901a9947d12ff72b
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e8dc0d86bef96aee54a11b172719cbb09c4843729b8bdcb15bd0db9d3509b9f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
452142093ea5fd524327f24a76bbe7bf039861f691ab66ea77c4f492ade59335
4633bbf6bc38c0a87dc94129d93268809682b97a5adefef846466887e1b1e2b7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479df91fa16c1c7f394b9b2eef2793ea8f46c5153cffd6839f8c40ce43c9aab7
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47e6de7aa7cb396d543583e8870c8fc721d7a1f7105421d10e9967b67e72a4df
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4d1384b647f253b924594830c31e53ee5af63dda537e4a0ea185784267f7c19f
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510
52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6171cec97d387ab85b2229f0383a057bc211d571099f5ec2040d4e06b9854896
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c5c51bb7ea7b78c07acfeac3b1227a1aa4df4901ced669b0877584d6e3e1ba
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
673313e96a0534f9af92ca33def0f1116ba8935661c63ff6f644303cc3f2e834
69243cba8f1d4cf91955556e24044c73d02285bb8e3c9166aca3a7853d5ec9d5
6ef3829a3df2052b5018cac1934d4a28df0f9bbacc6270fce47a024f6c210895
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9
74060c2cee39f6cd2b8e3391da6498ac183035f1ae83d53e9c535fe9fffbb734
7ab1ddc9fb494d565a1526c1d56cd90495b3e680abdad7ff4cb2f58d7e516882
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852795b9cd28d175be5fec4b40d0d063ac7239dfd7c76bda6f782b6ee9580145
8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2
8e12cbf3344fa120a025ea7a16c2baad086a5d2e82180e7145c2b3b19b78a1ce
8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691
93c31bd20153300398dc146a6c8fba7f627a34f3af3e6520af26608612e68a16
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9bf4861c15ce1be18f39a311d1bf9de6a77c5036bba4c2d1c5a40d2f6c9cfb37
a00c9034ee0a006bbcbf6330329e4385b15248468cce6ec66f4aee0487d3edf1
a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b
a871e30f8d877e0701abd74d3f4704163fb2c78a618a2e25a7230e11aabccdc9
abbe5cadb2dbc2d9a92edfa28a89408d791dbeee9097a2ebf971b9b2c15e55de
ad02f87b5ad859422ff4f63ec0adb9a27228960c86080dcf1656873aeb37138a
ae8266b08b009d1e8a33cc15ef3836034632fd32f86a09c57bfd62eadfa85fca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5e24afc7b8b2819d7c664b71fd8030dff7b43e0777d50df346161b0c839ca3d
b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c08460d7dd465cdfe32fe4d47eec5e648cfbb65cf91a52bca93328a6df0ed8b3
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c5151b8cf46d2a6f145bed7ed4f04cc68aebcb3e53fac281810eaa53f89a6873
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c617370720720b4a789594e80f2ae40401f668eaa667d8266f310208c188206f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7a80264a088ca3bb8e62845e56b21ba26a72e5442adb411ce458d10cf931295
d7b57d66afbe39520418a8832d590f40b1c372c001acbab8cf1d67b0a40b447b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57a2f9d2bdc5ea44153ec46a751b5648a61a4c294de2ef557df14b256515914
e76dff0cb1d104c9b2df8e22dbbf28ddfd7c811b56535d4b1a33b301e4e4b712
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d563e8ba87dbe12c1993a5e8df0953134438a6421a4ab8752f0909e48d2277
f24da1c8352009f01a0d15eee7fb59bdbd3cbf599ca35b74e202120d20a9dcae
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fc53f9392b831e206e2fd5a531366ddebb6f2809c922082cfbda22f5ec686485
fe2de3eaad83b096fcee729fa3bccb263fc99e61d1a6a3f3bb018ddf33ed63d7

offer01.marketingsurface.online Open in urlscan Pro 89.117.77.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

168 Requests

96 %HTTPS

50 %IPv6

25 Domains

40 Subdomains

35 IPs

6 Countries

3152 kBTransfer

11321 kBSize

26 Cookies

62 Outgoing links

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 45 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offer01.marketingsurface.online Open in urlscan Pro
89.117.77.90 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

96 %
HTTPS

50 %
IPv6

25
Domains

40
Subdomains

35
IPs

6
Countries

3152 kB
Transfer

11321 kB
Size

26
Cookies

168 HTTP transactions
45 data transactions