panel.poco-for-turkgsm.website Open in urlscan Pro
185.143.234.120 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://panel.poco-for-turkgsm.website/
Submission: On December 08 via api (December 8th 2023, 10:24:07 am UTC) from US — Scanned from DE

Summary HTTP 169 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 49 IPs in 11 countries across 42 domains to perform 169 HTTP transactions. The main IP is 185.143.234.120, located in Iran, Islamic Republic Of and belongs to ARVANCLOUD-CDN-, IR. The main domain is panel.poco-for-turkgsm.website.
TLS certificate: Issued by R3 on November 21st 2023. Valid for: 3 months.

This is the only time panel.poco-for-turkgsm.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	185.143.234.120 185.143.234.120	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	2606:4700:20:... 2606:4700:20::ac43:4097	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:3600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b110:b9d7:5d50:f444:5e53	14618 (AMAZON-AES) (AMAZON-AES)
1	34.225.218.210 34.225.218.210	14618 (AMAZON-AES) (AMAZON-AES)
14	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4 9	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
4	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
8	2606:4700::68... 2606:4700::6813:d383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	3.11.198.160 3.11.198.160	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	44.209.173.11 44.209.173.11	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 2	13.32.27.113 13.32.27.113	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1 2	52.5.50.31 52.5.50.31	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2.19.217.66 2.19.217.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.58.171.137 52.58.171.137	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 2	54.194.146.163 54.194.146.163	16509 (AMAZON-02) (AMAZON-02)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.176.121.206 35.176.121.206	16509 (AMAZON-02) (AMAZON-02)
169	49

9 185.143.234.120 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

panel.poco-for-turkgsm.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

content.swncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.teachertube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.swncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4097 (United States)

ASN13335 (CLOUDFLARENET, US)

www.teachertube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:3600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:b9d7:5d50:f444:5e53 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.218.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-218-210.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.198.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.209.173.11 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-173-11.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.113 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.50.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-50-31.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.217.66 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.171.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-171-137.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.146.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-146-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.121.206 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-121-206.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	242 KB
27	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	246 KB
26	teachertube.com cdn.teachertube.com — Cisco Umbrella Rank: 830005 www.teachertube.com — Cisco Umbrella Rank: 754294	1 MB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal900011.redintelligence.net — Cisco Umbrella Rank: 194567	44 KB
9	poco-for-turkgsm.website panel.poco-for-turkgsm.website	683 KB
8	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5638	204 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
8	swncdn.com content.swncdn.com — Cisco Umbrella Rank: 162222 media.swncdn.com — Cisco Umbrella Rank: 92755	67 KB
6	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 2977 rp.liadm.com — Cisco Umbrella Rank: 1632 rp4.liadm.com — Cisco Umbrella Rank: 6685 i.liadm.com — Cisco Umbrella Rank: 517	19 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	366 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	gstatic.com fonts.gstatic.com	45 KB
3	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570 d.turn.com — Cisco Umbrella Rank: 1349	1 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 47317 medialead.de — Cisco Umbrella Rank: 46843	851 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	669 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1554	1 KB
2	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1698	189 B
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1785	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	960 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306	69 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	85 KB
1	azurewebsites.net lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 29736	1 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	291 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	98 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	1 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	436 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	586 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	174 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	610 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
169	42

	Domain	Requested by
25	cdn.teachertube.com	panel.poco-for-turkgsm.website
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
10	securepubads.g.doubleclick.net	panel.poco-for-turkgsm.website securepubads.g.doubleclick.net www.googletagservices.com
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
9	panel.poco-for-turkgsm.website	panel.poco-for-turkgsm.website
8	www.lightboxcdn.com	panel.poco-for-turkgsm.website www.lightboxcdn.com
6	www.google.com	panel.poco-for-turkgsm.website 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	content.swncdn.com	panel.poco-for-turkgsm.website
5	hal900011.redintelligence.net	1 redirects 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com hal900011.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagmanager.com	panel.poco-for-turkgsm.website www.googletagmanager.com adv.office-partner.de
4	hal9000.redintelligence.net	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com hal900011.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	i.liadm.com	2 redirects b-code.liadm.com
3	www.googletagservices.com	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	www.google.de	panel.poco-for-turkgsm.website
3	googleads.g.doubleclick.net	www.googletagmanager.com 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	dpm.demdex.net	1 redirects i.liadm.com
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	mid.rkdms.com	1 redirects i.liadm.com
2	live.rezync.com	2 redirects
2	fonts.googleapis.com	hal900011.redintelligence.net www.lightboxcdn.com
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com i.liadm.com
2	5994599.fls.doubleclick.net	1 redirects panel.poco-for-turkgsm.website
2	pv.medialead.de	hal900011.redintelligence.net 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
2	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	c.amazon-adsystem.com	media.swncdn.com c.amazon-adsystem.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	media.swncdn.com	panel.poco-for-turkgsm.website
2	cdnjs.cloudflare.com	panel.poco-for-turkgsm.website cdnjs.cloudflare.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	b1sync.zemanta.com	1 redirects
1	x.bidswitch.net	i.liadm.com
1	dis.criteo.com	i.liadm.com
1	d.turn.com	1 redirects
1	idsync.rlcdn.com	i.liadm.com
1	p.rfihub.com	1 redirects
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
1	r.turn.com	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	www.awin1.com	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	panel.poco-for-turkgsm.website
1	adv.office-partner.de	hal900011.redintelligence.net
1	ad.doubleclick.net	86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	b-code.liadm.com	panel.poco-for-turkgsm.website
1	www.teachertube.com	panel.poco-for-turkgsm.website
169	61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.teachertube.com
www.salemwebnetwork.com
help.salemwebnetwork.com
salemmedia.com

Subject Issuer	Validity	Valid
*.poco-for-turkgsm.website R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.swncdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-14`	a year	crt.sh
*.teachertube.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-08` - `2024-01-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 05	`2023-11-29` - `2024-06-27`	7 months	crt.sh

This page contains 18 frames:

Primary Page: https://panel.poco-for-turkgsm.website/
Frame ID: 3B05F1AA381E0608240C5E75B8D742AC
Requests: 81 HTTP requests in this frame

Frame: https://panel.poco-for-turkgsm.website/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: C44B691FFA2A4B12F74B025A9D262EAE
Requests: 1 HTTP requests in this frame

Frame: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6CCEFD360B96202A372326521D48683C
Requests: 1 HTTP requests in this frame

Frame: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 610224C548EB6D34165ED2813A8A876F
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXI12OSbHIw9cNGPjDhfVSjIj4X9fOJBcA5LZN7wh2hmtykkjMcJmWqGI8QxxscAhy6PlvrrlhkThZ68mBp9iWh9FpHOml5GMcjkuA-Dz3TdxWRovzt5sQfU_2iwuhk_vF9UNwj5Gr7FSxlGPon6gIAwYsBBIfxXBMAyXixaC1ALy_jazc
Frame ID: 4E503279B6EA5979AA2251D12BDA3BAC
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgpae6RggZI0SRGzJin8QfEDF_84ZYqHnM_ieMSpcHNIpUdxtI9URIdBZ_m3WqY8knuggQLA4fBkzlfoZ7P_nU0xMgqkOyYfXwXYi1ipgKnxh5z7-y0WGze_ifEfFVQmCFRst2QcnjjLNWB3hE6ueb1tmuDSOtzW9xPEbJqTzYMuGSdWbdK4oAfx7oPgZfmUjZarfJ25ZGpbmblz_B_8RuZ1Ft3CFBBvRqMaC8LyAcXzhrn56iCIs1sBhkOoeVywsBGgM6_ie8zWfsTb9L9LbkPg4RroFoN9SiK21vPV1SRG-rMpylErXQMmVDnGppjFGbRXrc6LDeOWWMAmlPNcv8ftHSi-2YQXLT5v9ku6YRiqwcYz5dsjml8jztzW7E07TnrE9zU0wz7hmEg2anHcybfxOC&sai=AMfl-YRtLOOGaa2BxRoeKRyVvs-8T4_23DqcPUWG3Wpsc2KHkAs0SeMhmUCFjaduPOtD3FfaYmSmzruTz1mQirVM_FPzZvj8_NqNMRtjlKMuXNdD19Sw5lhcBHf2m-OwYRCfsTQOPMjqFxgC&sig=Cg0ArKJSzL9ZayXb0m6lEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3F15B17C14723754E846EC3958172B5D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C40ED71EAB508922837E618F7DF09EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 498EE6FE8AA7CA61A6C3BF9F2218988F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgAGL7wipYzFYuBkGlksVy7bbu4RJ7tZv3AEYStVh1q-g_sekH8xjeUZhpNHgHq8yAUrEOaaP8kzQx1P_4QopD7xxaVq6gIajPznD26wK4c1ZZvYmqmLM1qZWV-TPNJ8xfFMJq5wRMi-onELQS-632c85A-a1IEpN8aVFbJlrQSRYOaraC8jRjKhYcptd-qmcreR2EKbBKQWoiWIthiz6QX0xPqIH-NjE677g5sCtPHimM7BfRWYnl4XgorTLyRntEdEdygY65qEn4ovCIqVeuN1PbCynoL0ID--MKnuAVvVFQAcbkNUR9XsV_Y8_T_uCOWf7wXo6WaYefOvQ1IKDeUJCNkzvC1tU4Y_SyJ8_Zapw0S08R9Rwg9ISUcdRS77Yq69X9KR_Nh5dJ2NMngRKFJy-D&sai=AMfl-YSlV6RdcfkT1PewPaLb9zX6HIsgLlmDJ1ZM1iUHtPZZ_qPo5okD_fFARwZfMWZo-e-o5o1N0CvQp4f21SFqoXOi4YI8Tk3N3kzuRbhKBG8HSQkFRmhG-rBxu9A9M-iJs0Hu0PpwS5um&sig=Cg0ArKJSzCf97PO-_LOKEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: B0DDF570521D5E85029C7CE19BA8E918
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0AE9816111522126CD186417E7295EB0
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: AE0A1D38C6D9E3E291015F31C9560ECC
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F948C811EBA7C8E0DD5D1B97BC8828B4
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375
Frame ID: 5B7706D344384301F339C8CF0DF1100F
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
Frame ID: 1FD2642AB996F824BBE4E5E7AD8CA561
Requests: 9 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&
Frame ID: 0060BB298594FF57A6D31299C2997A26
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 443010D8E902CFF1C5FB1F72A1BDF529
Requests: 9 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox.js?mb=1702031043913&lv=1
Frame ID: C625CBE4B173900DC28673329E6407B6
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_builder.js?cb=638017198397572777
Frame ID: DF0DA7ADBF93BB75BA91206B1EDB4CCA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TeacherTube Educational Videos for the School Classroom and Home - Including Educational Songs, History Videos, Student Videos and Math Videos

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

169
Requests

91 %
HTTPS

40 %
IPv6

42
Domains

61
Subdomains

49
IPs

11
Countries

3374 kB
Transfer

8227 kB
Size

49
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/fansofteachertube

Search URL Search Domain Scan URL

URL: https://twitter.com/teachertube

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/graphing-quadratic-inequalities-on-desmos-507405
Title: Graphing Quadratic Inequalities on Desmos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/gender-and-number-in-spanish-506259
Title: Gender and Number in Spanish

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/module-4-spanish-grammar-lesson-506176
Title: Module 4-Spanish Grammar Lesson

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/how-to-enter-a-table-into-desmos-calculator-506012
Title: How to Enter a Table into Desmos Calculator

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/spanish-ii-preterite-and-imperfect-505990
Title: Spanish II Preterite and Imperfect

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/how-to-write-perfect-essay-505933
Title: How To Write Perfect Essay

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/swaying-oranges-after-effects-tutorial-505872
Title: Swaying Oranges | After Effects Tutorial

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/sign-language-505730
Title: Sign Language

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/over-in-the-meadow-505433
Title: Over in the Meadow

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/weather-vs-climate-504995
Title: Weather VS Climate

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/college-and-university
Title: College and University

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/householder-teacher-tube-511575

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/technology-demonstration-511501

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/introduction-to-angle-classification-scratch-story-511206

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/website-tour-511204

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school
Title: High School

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/video2-perpendicular-slope-508058

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/perimeter-and-area-using-algebra-508041

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/video4graph-lines-y-910x-508038

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/review-reminder-for-finals-507921

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/middle-school
Title: Middle School

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/french-indian-war-notes-511187

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/pbl-research-lesson-508051

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/pbl-research-lesson-508050

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/creating-your-portfolio-checklist-507421

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary
Title: Elementary

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/parachutes-508044

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/tic-tac-toe-subtraction-game-507946

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/balloons-over-broadway-507940

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/lessons-with-pam-how-to-catch-a-turkey_read-make-do-507936

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/kids-educational-songs
Title: Kids Educational Songs

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/resemble-502048

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/fly-away-501998

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/the-bear-went-over-the-mountain-501163

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/left-right-visual-500835

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/
Title: TeacherTube

Search URL Search Domain Scan URL

URL: https://www.salemwebnetwork.com/
Title: Salem Web Network

Search URL Search Domain Scan URL

URL: http://help.salemwebnetwork.com/support/solutions/161496
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/science
Title: Science Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/science/educational-songs
Title: educational songs

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/college-and-university/science/chemical-engineering
Title: chemical engineering

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/math
Title: Math Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/math/fractions
Title: fractions

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/math/measurement
Title: measurements

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/math/money
Title: money management

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/math/trigonometry
Title: trigonometry

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/math/probability-and-statistics
Title: probability and statistics

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/history
Title: History Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/history/pre-history
Title: prehistory

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/all/history/ancient-history
Title: ancient history

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/history/civil-war
Title: civil war

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/middle-school/history/civilizations
Title: world civilizations

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/social-studies
Title: Social Studies Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/economic-vocabulary-477437
Title: economics terminology

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/social-studies/cultures
Title: cultures

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/language-arts
Title: Language Arts Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/language-arts/speech
Title: videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/college-and-university/language-arts/communications
Title: general communications

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/circulatory-system-196915
Title: circulatory system

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/polynomial-funk-120024
Title: polynomials

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/st-patricks-day-irish-eyes-261827
Title: St. Patrick's Day

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-web-network-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://salemmedia.com/ccpa-sale-opt-out/
Title: California - Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-web-network-ccpa-privacy-notice-for-california-residents/
Title: California - CCPA Notice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://rp.liadm.com/j?dtstmp=1702031042759&aid=a-06v4&se=e30&duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&tna=v2.11.1&pu=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&wpn=lc-bundle&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg HTTP 302
https://rp4.liadm.com/j?se=e30&duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&aid=a-06v4&tna=v2.11.1&dtstmp=1702031042759&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOmFlNDg6M2FhZDplOTJh&pu=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF9CzH1TehD_TtUC7CD5Rxk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF9CzH1TehD_TtUC7CD5Rxk&google_cver=1&C=1

Request Chain 82

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXLuw-M9.B28jyb2wg0RNQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECa8Gi8Bn8jx12R_z24oTKI&google_cver=1&google_hm=2

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH4ibyIyGIKjLFIFvqKUN_8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH4ibyIyGIKjLFIFvqKUN_8%26google_cver%3D1

Request Chain 84

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk3NzY4OTY0MzM5NjI0Nzk4NQ%3D%3D

Request Chain 114

https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D&documentReferer=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ancestorOrigins=https%3A%2F%2Fpanel.poco-for-turkgsm.website&random=9495311154886&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D&documentReferer=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ancestorOrigins=https%3A%2F%2Fpanel.poco-for-turkgsm.website&random=9495311154886&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 120

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375

Request Chain 122

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 127

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAjavHOgxuiLxHm7VX-uYjw&google_cver=1&google_push=AXcoOmSLRDAW2NBy7fKtBoO200q_wVC5w1RcvPEZA2ErHY8h1A0JBVMACKkxPjxPOddGtONIV9hxMC21m3LHWFSB9FWUulyl05iR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI4MTYyOTgyMTU5NTI0MDE5OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENAJXM5JG45-hATb66MeNtE&google_cver=1

Request Chain 130

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFnk-TH7TeoQBynqOv1x-Js&google_cver=1&google_push=AXcoOmTS76hVeb1_bNA5C_GZS8L9MHmVIqzofIJUd-Ln8crIgT9VTZUIssSNO4hMe9CRRRAH1hp1GOAFE203D8IoyCenlBDxY6kZ_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTS76hVeb1_bNA5C_GZS8L9MHmVIqzofIJUd-Ln8crIgT9VTZUIssSNO4hMe9CRRRAH1hp1GOAFE203D8IoyCenlBDxY6kZ_A&google_hm=OrUOywDwTHOm9e0_iqt5T6U

Request Chain 132

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOyOp9-UmE3Hbj9iWj6aRrw&google_cver=1&google_push=AXcoOmSsH7dRRNNXIfN52lwcpIy7f5l5x2a8PYNoDeBpXttPQ-ntd43JcI5Uuw5L19aJuAkZ-Wsny8zN95Mid28jGFGnVWqTp5OftA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDE2NzY2NjQ3NzgyNDE0NQ%3D%3D&google_push=AXcoOmSsH7dRRNNXIfN52lwcpIy7f5l5x2a8PYNoDeBpXttPQ-ntd43JcI5Uuw5L19aJuAkZ-Wsny8zN95Mid28jGFGnVWqTp5OftA

Request Chain 133

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKnqPRuUNi93tb-_ai1Q22c&google_cver=1&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy4KB-LSpFJVMYVYJaBQyJmMFLrd0p12ltRqpZ0Tky2SodfQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy4KB-LSpFJVMYVYJaBQyJmMFLrd0p12ltRqpZ0Tky2SodfQ&google_gid=CAESEKnqPRuUNi93tb-_ai1Q22c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE4MDM5NTExNDA2MTk3OTQyMDc1Mg%3D%3D&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy4KB-LSpFJVMYVYJaBQyJmMFLrd0p12ltRqpZ0Tky2SodfQ

Request Chain 149

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=49f09ede-b79b-402f-8b08-dc366cb9106c HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%3A1702031044.1539083&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%253A1702031044.1539083%26_%3D1702031044.1569483&cb=1702031044.1570053 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726786764456&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%253A1702031044.1539083%26_%3D1702031044.1569483 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%3A1702031044.1539083&_=1702031044.1569483

Request Chain 151

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7281629821595240199 HTTP 303
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=49f09ede-b79b-402f-8b08-dc366cb9106c&liid=&_ct=im HTTP 302
https://mid.rkdms.com/restricted

Request Chain 152

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=49f09ede-b79b-402f-8b08-dc366cb9106c HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=49f09ede-b79b-402f-8b08-dc366cb9106c&rd=Y

Request Chain 155

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=49f09ede-b79b-402f-8b08-dc366cb9106c HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=49f09ede-b79b-402f-8b08-dc366cb9106c

169 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
panel.poco-for-turkgsm.website/ 51 KB
12 KB 806ms
578ms Document
text/html 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

b865f9707cedd8abe92543866d157f11c7580aec7526678edffe39ab1c454672

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.teachertube.com
cf-cache-status: DYNAMIC
cf-ray: 83244bd6c8e972a7-EWR
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 10:24:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWHVNTUXhjfXJKwAHcANyejGPRks1ApECg5%2BgTGlns8t457oUZzuM1AFkkLpjpFCpl2kYx%2FRLrTkLQliVBuzALYEK7C9ECRJWn%2B7u%2BgD2EAicKljWN1KsEqnbcXrvbf4FPsCzvs%3D"}],"group":"cf-nel","max_age":604800}
server: ArvanCloud
server-timing: total;dur=495
vary: Accept-Encoding
x-cache: BYPASS
x-request-id: e196d730f508c10d605fc526ecaf5c3c
x-sid: 4101
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
panel.poco-for-turkgsm.website/dist/ 213 KB
34 KB 541ms
534ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://panel.poco-for-turkgsm.website/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

30ecc46eac05a2fee506214087afdddc5a45305b875b2ae53188438c307972f2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 356
x-cache: BYPASS
server-timing: total;dur=452
x-xss-protection: 1; mode=block
x-request-id: aac18d736995287c6af6d2fce2172cfe
x-sid: 4101
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: ArvanCloud
etag: W/"1d99dfd8651999d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMIivZjwp6aKkX1I%2FRB%2Frg%2F4r9MYTdYLLPgGT1qKxO1qBShbP%2FJi8ux8JT5zoDeRlmzJ%2BAEDFq10sjf6%2BO%2BPjBOZGhYH4y3NJ%2FujmPepoDbpOtVNb54TxBrEKce1KJqDSkoi9oc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83244bdaabbb43be-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 55 KB
10 KB 78ms
29ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 808674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9939
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-da9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T50pmzCqf%2FfbK2HaurtZJkzH%2BBZ%2Bmf0C424abYEQYH8YeFOgfXfJEu2Ex9wOnfQeYdWN%2FQ65NV3J2hP1hyQG8%2BSl3FV%2Bf4Or0qLNUWx4KOKzdO7IA5MwA2M%2FGMhAKT7hcqfDZVjh6NePpar0P4OC6Jxk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83244bd89cd3372e-FRA
expires: Wed, 27 Nov 2024 10:24:01 GMT

GET
H2 200 science.svg
content.swncdn.com/teachertube/ 674 B
1 KB 334ms
26ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/science.svg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: af3a6ad1716cb90c3c3391eec1ca45bf595644de5a6e9112f4440a5298467eec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1699987720
x-cf3: H
content-md5: 9Y1yxi4DrmwNYMOw5ZQSdA==
cf4ttl: 2592000.000
x-cf1: 34157:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: 5f7195b6f9a472b9a3d3cda84b1355e2
content-length: 674
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE3C2CB7
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 math.svg
content.swncdn.com/teachertube/ 546 B
899 B 335ms
27ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/math.svg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 58db6e642a5c93a30ac885003bc145ba1350a8c38a4a200b7a6b113ab51f8c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1699987720
x-cf3: H
content-md5: UwFbr6h2P2Y09xD0Jc852w==
cf4ttl: 2591278.500
x-cf1: 34157:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: 713547d9d902ab07d0b8884acb4a1cfb
content-length: 546
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE3C05A7
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 721
accept-ranges: bytes

GET
H2 200 history.svg
content.swncdn.com/teachertube/ 632 B
986 B 334ms
28ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/history.svg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08db8744e1e40d0dea90de30c0019e235218d99ced1629cfea8a90e2a5a419a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1699987720
x-cf3: H
content-md5: Ce+K1bpmjSwACNJOWKk8ow==
cf4ttl: 2591278.250
x-cf1: 34157:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: e2478110f12d95b23b3c20ae878f1bf9
content-length: 632
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE37BF2F
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 721
accept-ranges: bytes

GET
H2 200 social.svg
content.swncdn.com/teachertube/ 1 KB
2 KB 335ms
29ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/social.svg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: af74e1a011da94fd4b962c03b77c284344511432ecf9154845f058c96bd02cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1699987721
x-cf3: H
content-md5: l0+Z8t13j5zL92t13x0Cbw==
cf4ttl: 2591278.000
x-cf1: 34157:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: e2e9ed671c10465f012303b48fd14358
content-length: 1238
x-cf2: H
last-modified: Fri, 15 Jan 2021 17:04:46 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B977A9392CE9
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 721
accept-ranges: bytes

GET
H2 200 language.svg
content.swncdn.com/teachertube/ 553 B
906 B 330ms
25ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/language.svg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 56d534d2c384bd82d8e92a7c9b9ab3f2e3f5581f231510c627b38f101c3b3502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1699987721
x-cf3: H
content-md5: omjwsGsWn6e1TK/zE5uFAA==
cf4ttl: 2591277.750
x-cf1: 34157:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: f53ad349c19ad3ff3a53f3236b2148b0
content-length: 553
x-cf2: H
last-modified: Thu, 14 Jan 2021 21:14:14 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8D158BCAE1F
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 722
accept-ranges: bytes

GET
H2 200 song.svg
content.swncdn.com/teachertube/ 499 B
853 B 332ms
28ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/song.svg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5db2e80e3f29328a362c9753db36f09f118635b697e29e45987bdc97a7f7bbc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1699987721
x-cf3: H
content-md5: OEWkvAcWsMDrphnS2H4Eqg==
cf4ttl: 2591277.500
x-cf1: 34157:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: 176b7cb5bd41ae74d3d8776ea519074e
content-length: 499
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE3770F9
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 722
accept-ranges: bytes

GET
H2 200 desmos-_-graphing-calculator000.jpg
cdn.teachertube.com/uploads/videos/2021/10/04/507405/ 46 KB
46 KB 335ms
30ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/10/04/507405/desmos-_-graphing-calculator000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ed7d9336de582248857dbf01b186a480a5c57337b5516e3e01dff1a26005c7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 07979fac273207935b9e55598d5424bc
content-length: 46667
x-cf2: H
last-modified: Mon, 04 Oct 2021 21:35:21 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9877EDE5F7906
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 module-5_-screencastify-project-google-slides000.jpg
cdn.teachertube.com/uploads/videos/2021/06/14/506259/ 40 KB
40 KB 337ms
32ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/06/14/506259/module-5_-screencastify-project-google-slides000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: a5d7fef8fe761435ea4a85dc28fda75e42a782187bf9289a53cd6d2f49507966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 4e32f1a2fd49258054751b9ba6015613
content-length: 40751
x-cf2: H
last-modified: Mon, 14 Jun 2021 01:05:12 GMT
server: CFS 0215
x-cff: B
etag: 0x8D92ED0767C6973
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 module-4-spanish-grammar-video000.jpg
cdn.teachertube.com/uploads/videos/2021/06/05/506176/ 27 KB
28 KB 336ms
32ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/06/05/506176/module-4-spanish-grammar-video000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e0f23fa5ba218f00f5039678455f7be32b113009048a71802bc7bb6f7e6f3606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: c3b0a2ad51e548930672248a7ddf5d10
content-length: 27861
x-cf2: H
last-modified: Sat, 05 Jun 2021 19:47:29 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9285AC0E7BE21
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 how-to-enter-a-table-in-desmos-calculator000.jpg
cdn.teachertube.com/uploads/videos/2021/05/19/506012/ 60 KB
60 KB 360ms
56ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/19/506012/how-to-enter-a-table-in-desmos-calculator000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 882131fea024d9277f69936dce728fdf9376589f7dcb51c81794ccab173dbd10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 38f2b1cc42c642fdede264a1a8956db2
content-length: 60982
x-cf2: H
last-modified: Wed, 19 May 2021 00:43:32 GMT
server: CFS 0215
x-cff: B
etag: 0x8D91A5F20ECCCCA
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 win_20210514_16_34_55_pro000.jpg
cdn.teachertube.com/uploads/videos/2021/05/14/505990/ 34 KB
35 KB 52ms
49ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/14/505990/win_20210514_16_34_55_pro000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b6063f4c908efee944c87b02f8ddd54e55d60fb495fe2d95fad3c964fa8d0d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 0c55498ed0230f9289c6c2c8b4771cfb
content-length: 34886
x-cf2: H
last-modified: Fri, 14 May 2021 22:58:22 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9172BC623DF7E
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 how-to-write-the-perfect-essay-exams-and-assignments000.jpg
cdn.teachertube.com/uploads/videos/2021/05/09/505933/ 32 KB
32 KB 59ms
56ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/09/505933/how-to-write-the-perfect-essay-exams-and-assignments000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 590b1c85090cd7d76f56b31adb1ff050ef8aabf6ad535e603cc7a8e0454eaac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: dc2c8593b02579a6db0a1bb1b604be43
content-length: 32719
x-cf2: H
last-modified: Sun, 09 May 2021 18:17:48 GMT
server: CFS 0215
x-cff: B
etag: 0x8D91316C080B243
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 after-effects-oranges-tutorial000.jpg
cdn.teachertube.com/uploads/videos/2021/05/04/505872/ 56 KB
56 KB 61ms
58ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/04/505872/after-effects-oranges-tutorial000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 71dd5d9c9b1daecd546edf5fc5634e48201cfa411c4386cedfd94329c69d32b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 5856d02b027b95563353ee64e86949ab
content-length: 57050
x-cf2: H
last-modified: Tue, 04 May 2021 02:39:50 GMT
server: CFS 0215
x-cff: B
etag: 0x8D90EA5E3CD3CAB
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 20210401_095735000.jpg
cdn.teachertube.com/uploads/videos/2021/04/21/505730/ 32 KB
32 KB 56ms
53ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/04/21/505730/20210401_095735000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d932243e46a23ec66e87cfaa3390f5426459bdb89f6920d25e78f4e0a0387eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 074a6a7f787a602500c367c9673dab9e
content-length: 32536
x-cf2: H
last-modified: Wed, 21 Apr 2021 02:23:52 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9046C814E7A93
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 yt1scom-over-in-the-meadow-kinder-1st-grade-elementary-music-lesson-counting-animals_360p000.jpg
cdn.teachertube.com/uploads/videos/2021/03/31/505433/ 10 KB
11 KB 70ms
68ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/03/31/505433/yt1scom-over-in-the-meadow-kinder-1st-grade-elementary-music-lesson-counting-animals_360p000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b885e9ca55ffd164b37ed4e3316f8a88f7b5c5fdc6920b8a2c5fdd0e89ca0eaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 48b45997460e54a12dd939b264093d24
content-length: 10498
x-cf2: H
last-modified: Wed, 31 Mar 2021 21:46:42 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8F48E78DC0871
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 weather-vs-climate-video-for-kids-_-3rd-4th-5th-grade000.jpg
cdn.teachertube.com/uploads/videos/2021/03/05/504995/ 55 KB
56 KB 78ms
75ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/03/05/504995/weather-vs-climate-video-for-kids-_-3rd-4th-5th-grade000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 583edc8fb897ec5ebc6dd3c54679ce9f8d3d4454e2c8d00561e88897ddd21839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 22e3dfc882158ebe2a684212e5de28d6
content-length: 56488
x-cf2: H
last-modified: Fri, 05 Mar 2021 01:08:14 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8DF7326EA2554
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 my-movie-11002.jpg
cdn.teachertube.com/uploads/videos/2022/10/08/511575/ 37 KB
37 KB 83ms
81ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/10/08/511575/my-movie-11002.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e909e1c0b2634f8f16c9a9c2cbd515667f22b98470ece970f85bc75886a9ec38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701461520
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 431989f122bbca12a76e7821a46d5f5d
content-length: 37425
x-cf2: H
last-modified: Sat, 08 Oct 2022 20:02:30 GMT
server: CFS 0215
x-cff: B
etag: 0x8DAA9680875C675
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 img_0550000.jpg
cdn.teachertube.com/uploads/videos/2022/10/02/511501/ 35 KB
36 KB 114ms
112ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/10/02/511501/img_0550000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1ed2aff5bb5a2b032a6f5ab8afae851104d7166724987a631651c1f4d882f308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701461520
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 54959da61fc98549348d349f06b6b1ef
content-length: 35871
x-cf2: H
last-modified: Sun, 02 Oct 2022 16:28:59 GMT
server: CFS 0215
x-cff: B
etag: 0x8DAA49335A0D3EB
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 recording__4000.jpg
cdn.teachertube.com/uploads/videos/2022/09/11/511206/ 63 KB
64 KB 76ms
74ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/09/11/511206/recording__4000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: feb66f83bae1b5d508dcf05686ca73d3fd178a3d32216bd134bc26156fbdfed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701461520
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: e8be31db1b57f60cff8a84331361f2e5
content-length: 64806
x-cf2: H
last-modified: Sun, 11 Sep 2022 22:52:26 GMT
server: CFS 0215
x-cff: B
etag: 0x8DA94484C1806E7
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 website-tour000.jpg
cdn.teachertube.com/uploads/videos/2022/09/11/511204/ 49 KB
49 KB 73ms
70ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/09/11/511204/website-tour000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fdca94b5eb3df5cec885dc4fa966adf60d065e4a8f296db5124d731c0210d7c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701461520
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: a1e913ed7399efd7b44849ac321bea36
content-length: 50023
x-cf2: H
last-modified: Sun, 11 Sep 2022 22:02:40 GMT
server: CFS 0215
x-cff: B
etag: 0x8DA944158BEE891
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 Default-Media-Video.png
www.teachertube.com/dist/images/ 940 B
2 KB 98ms
41ms Image
image/webp 2606:4700:20::ac43:4097
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.teachertube.com/dist/images/Default-Media-Video.png
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceeada33b44bd66a03c22c5bd457f7a6bcc9ab1f5e451bd70ed4653662702d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466
cf-polished: origFmt=png, origSize=3244
content-disposition: inline; filename="Default-Media-Video.webp"
alt-svc: h3=":443"; ma=86400
content-length: 940
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: cloudflare
etag: "1d99dfd8652c72c"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMrIw8TswORNORM8%2BEj8D8zuLt1RiLXlh2rek9T4QrTsXdYwRBcLLZtLka%2Bo8i5oubl%2FwA501UlJq0dcGf4KUtgCjze99a4tsii5fDhq%2Bcf8dwvsHhNUpF%2BlVyETdRZNz3avrh9LSJqIwyISLnNWFR0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83244bdaca2b9b7d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 review-reminder-for-finals000.jpg
cdn.teachertube.com/uploads/videos/2021/11/21/507921/ 20 KB
20 KB 76ms
74ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/21/507921/review-reminder-for-finals000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c77b1cc2439c34f343e09b29a5dc3a76934660b72eaed4406bd5b31d409f04b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 9b0cde52b75a52cb3c03cfa8ebe7bf5d
content-length: 20443
x-cf2: H
last-modified: Sun, 21 Nov 2021 21:37:45 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9AD3727B9C9AB
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 my-video-3000.jpg
cdn.teachertube.com/uploads/videos/2021/12/03/508051/ 27 KB
28 KB 99ms
96ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/12/03/508051/my-video-3000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ddd55c5756a4ea1e42ab58e2af23d55431b9f808c61a2e5837e61c488c317718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 1ac820948d3960ab06efaca90707c205
content-length: 28011
x-cf2: H
last-modified: Fri, 03 Dec 2021 20:41:28 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9B69D48167F97
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 my-video-3000.jpg
cdn.teachertube.com/uploads/videos/2021/12/03/508050/ 27 KB
28 KB 93ms
91ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/12/03/508050/my-video-3000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ddd55c5756a4ea1e42ab58e2af23d55431b9f808c61a2e5837e61c488c317718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 274fe0c63f126aaf13224e7179648270
content-length: 28011
x-cf2: H
last-modified: Fri, 03 Dec 2021 20:04:49 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9B6982959E736
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 zoom_0001.jpg
cdn.teachertube.com/uploads/videos/2021/10/06/507421/ 77 KB
78 KB 104ms
101ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/10/06/507421/zoom_0001.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 47ba748628cb1e3b9cea86533cb091c48acf7af5651f55b1c54459719a423d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 3cd3f1d1fc514bfc95d09e6dde3da86a
content-length: 79348
x-cf2: H
last-modified: Wed, 06 Oct 2021 16:38:06 GMT
server: CFS 0215
x-cff: B
etag: 0x8D988E7AC6C2BFF
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 tic-tac-toe-subtraction000.jpg
cdn.teachertube.com/uploads/videos/2021/11/24/507946/ 54 KB
55 KB 90ms
88ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/24/507946/tic-tac-toe-subtraction000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 618deeee95ada2869cbc7402b889ea71fa6366fe8ec232bfebbfd3043163f712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: H
cf4ttl: 2591699.500
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 719b0a8ae1ae7ff4727cb59292802251
content-length: 55274
x-cf2: H
last-modified: Wed, 24 Nov 2021 03:08:12 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9AEF7A6E6EA3F
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 300
accept-ranges: bytes

GET
H2 200 trimbf6cb303-5cc8-4830-97ec-3bfe1d5f91b1000.jpg
cdn.teachertube.com/uploads/videos/2021/11/23/507940/ 60 KB
60 KB 104ms
102ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/23/507940/trimbf6cb303-5cc8-4830-97ec-3bfe1d5f91b1000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 67fe60348920ae0cf01fdd81b9e36ffa7254eabef360848b0d8dc1ee9f9fa7ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: H
cf4ttl: 2591699.500
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 42f1f28c2837a7ad3e3afa832a5635b9
content-length: 61243
x-cf2: H
last-modified: Tue, 23 Nov 2021 14:35:27 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9AE8E7E102A91
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 300
accept-ranges: bytes

GET
H2 200 lessons-with-pam-how-to-catch-a-turkey_read-make-do-reduced000.jpg
cdn.teachertube.com/uploads/videos/2021/11/22/507936/ 32 KB
32 KB 101ms
99ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/22/507936/lessons-with-pam-how-to-catch-a-turkey_read-make-do-reduced000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 65d54d8b3da05b0470472de1b1837eb008522496f9a0b5819aa9ebb03b006606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: H
cf4ttl: 2591699.500
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 38eff5caf0739a91ed94a5c76661c63a
content-length: 32463
x-cf2: H
last-modified: Mon, 22 Nov 2021 18:18:04 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9ADE46D0D8D76
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 300
accept-ranges: bytes

GET
H2 200 trimd9e3454f-df2c-441d-bcb2-cb70fe6bd461000.jpg
cdn.teachertube.com/uploads/videos/2020/09/25/502048/ 28 KB
29 KB 104ms
101ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/09/25/502048/trimd9e3454f-df2c-441d-bcb2-cb70fe6bd461000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c3e02a868d3bee66ff08eb2b74a5db6224af1185a0b614e240d49b46cfa52ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 32bda4e263899b586a29d9aeef6a60a4
content-length: 28792
x-cf2: H
last-modified: Fri, 25 Sep 2020 05:49:40 GMT
server: CFS 0215
x-cff: B
etag: 0x8D86116CB7CE320
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 flyawaysani001.jpg
cdn.teachertube.com/uploads/videos/2020/09/23/501998/ 75 KB
76 KB 95ms
92ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/09/23/501998/flyawaysani001.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b331bd2fad59d5e70a6628f16130ce4fff5cfef99a11beb0a80e1e75816a1b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701461520
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 5f157cc33b154078c8dddc554112a607
content-length: 76777
x-cf2: H
last-modified: Wed, 23 Sep 2020 19:16:08 GMT
server: CFS 0215
x-cff: B
etag: 0x8D85FF5203E5350
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 bear-over-the-mountain-hd-720p001.jpg
cdn.teachertube.com/uploads/videos/2020/08/17/501163/ 51 KB
51 KB 99ms
97ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/08/17/501163/bear-over-the-mountain-hd-720p001.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 89829b7409391803bc3d3eb9b9ace1c4ded110b3e70da7c07c36f4907bce1562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701462451
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: f961f787f1b53c025e5a7a60e186c221
content-length: 52047
x-cf2: H
last-modified: Mon, 17 Aug 2020 20:12:03 GMT
server: CFS 0215
x-cff: B
etag: 0x8D842E9CE76CD13
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 left-right-visual000.jpg
cdn.teachertube.com/uploads/videos/2020/07/31/500835/ 24 KB
24 KB 102ms
100ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/07/31/500835/left-right-visual000.jpg
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 06e3436fda51c8e8eb41bb2569c2f3fe308f3ce2be168b56fdc15d29df05d000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1701461520
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: daeceff8a1d56b85c0f4c55906183b3e
content-length: 24147
x-cf2: H
last-modified: Fri, 31 Jul 2020 19:50:21 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8358AF5CD86EF
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 Airplane.gif
panel.poco-for-turkgsm.website/dist/images/ 4 KB
5 KB 491ms
490ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panel.poco-for-turkgsm.website/dist/images/Airplane.gif

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

ae0a4dd3f4c0bbee8fdd3a70f8058cddb1612cf21bb1bdff572f2ed5b1e39d66

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2798
cf-polished: origFmt=gif, origSize=6199
x-cache: BYPASS
content-disposition: inline; filename="Airplane.webp"
server-timing: total;dur=424
content-length: 3896
x-xss-protection: 1; mode=block
x-request-id: c0a9f9cdec1ae5c8b56f4e98c56abd11
x-sid: 4101
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: ArvanCloud
etag: "1d99dfd8652d3b7"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXNHd61CIn3EC35UjFvAxYHnXQhYBcC2JA7ENWYm2%2FPKnoQaUlnlfyzYuykupvuhUJgT8s%2B71kXiOAZnavBrlCKh%2BjGkMJPosuNtPybwyAXUxaKfBX26%2F%2FYQjb%2BS8ahPy4IVox0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83244bdaaead4232-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 404 email-decode.min.js
panel.poco-for-turkgsm.website/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 67ms
63ms Script
text/html 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://panel.poco-for-turkgsm.website/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
server: ArvanCloud
vary: Accept-Encoding
content-type: text/html
server-timing: total;dur=0
x-request-id: fac8a2b313fcb0f17a5a23683f5dd131
x-sid: 4101

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 84ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b77540afcb287df890ee3f702456961bb5f347c9fc8a1dc4b701c136e36bbc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51629
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 10:24:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 126ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10089e9ea026980ec586a85660e8e7c47c7a2e0ba884863a74ebe606b9355f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29081
x-xss-protection: 0
server: cafe
etag: 236 / 19699 / 31079992 / config-hash: 18357547353528918854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:24:01 GMT

GET
H2 200 prebid3.js Show response
media.swncdn.com/js/prebid/ 170 KB
55 KB 190ms
25ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.swncdn.com/js/prebid/prebid3.js
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9efb0fa8b6eb17ef69b3c4a0bc131d5b890feb43aef54da5e00ccb9111013a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1699994337
content-encoding: gzip
x-cf3: H
cf4ttl: 2592000.000
x-cf1: 34163:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: 00b56257951597bb96fad7ed4f6c0b62
content-length: 55920
x-cf2: H
last-modified: Tue, 25 Feb 2020 16:16:48 GMT
server: CFS 0215
x-cff: B
etag: W/"36e160fbf6ebd51:0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 advscript.js Show response
media.swncdn.com/salemads/teachertube/ 31 KB
6 KB 195ms
30ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.swncdn.com/salemads/teachertube/advscript.js
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 61aa1bff6855b179c44f7e3bf952a0dc9913e0b2041929a020591ff831920f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
x-cf-tsc: 1702029658
content-encoding: gzip
x-cf3: H
cf4ttl: 3489.702
x-cf1: 34163:fF.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: c71b20b8da7038c818f2eae33fbd60a6
content-length: 5654
x-cf2: H
server: CFS 0215
x-cff: B
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=3600, max-age=86400
cf4age: 110
accept-ranges: bytes

GET
H2 200 scripts.js Show response
panel.poco-for-turkgsm.website/dist/ 5 KB
3 KB 502ms
498ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://panel.poco-for-turkgsm.website/dist/scripts.js?v=l2a5PQAltTja_55rPxRYQHJqG_4GOqgPyTIwg3M8vYQ

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

9766b93d0025b538daff9e6b3f145840726a1bfe063aa80fc9323083733cbd84

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2798
x-cache: BYPASS
server-timing: total;dur=432
x-xss-protection: 1; mode=block
x-request-id: de8337b1b2a94c6751f8f2bf3f6cd72c
x-sid: 4101
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: ArvanCloud
etag: W/"1d99dfd8652d91a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6drIAuu9wlcPXUkBE3w%2FD%2BgChFxwI5UJ78N1366jhml7YhlLT%2BLepOkIbMRP17IZFKjLqv2868hHPal%2F%2BtzH7q9l%2BOSPsGuUHlwAwUNP4YPzDpSn9CjCnUWPbp6mTn6sycMMBOc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83244bdabd7942cc-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 vendors.js Show response
panel.poco-for-turkgsm.website/dist/ 2 MB
587 KB 642ms
639ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://panel.poco-for-turkgsm.website/dist/vendors.js?v=SHSeS3-Yx_RfQAdnl9vIAFwViUdg47GKtV82VSB8huk

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

48749e4b7f98c7f45f40076797dbc8005c15894760e3b18ab55f3655207c86e9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: BYPASS
server-timing: total;dur=553
x-xss-protection: 1; mode=block
x-request-id: 5f4cdefa97776677adf9fe2223e78819
x-sid: 4101
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: ArvanCloud
etag: W/"1d99dfd86735001"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyP3PQBzhi%2Br83zViQYJrojbDWvPoK0RtCQACreyRoScvIt1mSCrX2jdFbCkWNU2ngtc7532t5VCYuy4jJYjc43ArpP4C7zBSN83fjBHpHCrfGtE%2BsbDgjUgUJhaRjqX%2Bgb%2Ff5U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83244bdab86e191b-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 a-06v4.min.js Show response
b-code.liadm.com/ 47 KB
15 KB 114ms
33ms Script
application/javascript 2600:9000:225e:3600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06v4.min.js
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3be64a1287eecb4df5d34f64044039633f2346bf787a724cf5b2f7f7c7ce6e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:13:04 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 40257
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: YZtdb0tVNzl35GmUkYPs2FBIgGj5sT8BVL_yPm6RrHrImST3ZSx_pw==

GET
H2 200 Logo-Color.svg
panel.poco-for-turkgsm.website/dist/images/ 6 KB
3 KB 548ms
548ms Image
image/svg+xml 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panel.poco-for-turkgsm.website/dist/images/Logo-Color.svg

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

e9f4d0009dd384954901125db9e7c1375a604a102516aaed6bdd7113113817d3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: BYPASS
server-timing: total;dur=486
x-xss-protection: 1; mode=block
x-request-id: 7f75b6806a336a35ad16a4e20b3e26dd
x-sid: 4101
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: ArvanCloud
etag: W/"1d99dfd8652dc82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl9j7weoVv6VCadSXPaeenkjVaxsL1nlpwpuoXAbKMR6AvwOzUgDJXw80scVwQQ7qLDs6mBdFK5jFwS%2FPCnSU0hRp2HKVoxpGsfiZhv31uXo5Rm7hc94IMws%2BJeYUg%2BKILPuW%2Bk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83244bdec8870f71-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 Pattern-Background.png
panel.poco-for-turkgsm.website/dist/images/ 39 KB
40 KB 563ms
563ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panel.poco-for-turkgsm.website/dist/images/Pattern-Background.png

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

c7fa3b11a11e8b5d3379e8563d5afc091761044a085bad4789792e0a9c9ce753

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=81009
x-cache: BYPASS
content-disposition: inline; filename="Pattern-Background.webp"
server-timing: total;dur=497
content-length: 40422
x-xss-protection: 1; mode=block
x-request-id: bf7623971966dc99c7a3233cc7c0459c
x-sid: 4101
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: ArvanCloud
etag: "1d99dfd8653f7f1"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Qjp6aw8F6jk5OshXH76SHOn8M4Y719i%2BKFaM5QfFE%2FDg9luAEGV2o7GPTRgFDnse%2F8iZr8cDF%2F5%2FUM6JnNXhKgLFluHX2j0eDgVl767aOZJTdxEQdoBBZERyTbGd5fYqoRgJbw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83244bdebedbc3ee-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 74 KB
74 KB 95ms
48ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Origin: https://panel.poco-for-turkgsm.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2269994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75440
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-126b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djzVanJ%2BmyoDLlldhtbkY4AtbzW7Zrbfk%2FMtjuQXflvaF%2FNyYQks6ofPOM%2F6TR%2B7NEgjiR5fMesHDvsaowuGQv5mQBk2O%2BvXVMoH%2B%2BFKOMbSIKMW4hytiA9eT0xZyJ9LhF1zAMaPZUh5k%2FDMuRK1oCT9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83244bdce9cb9b3f-FRA
expires: Wed, 27 Nov 2024 10:24:02 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53471
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:32:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 75 B
80 B 103ms
56ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=panel.poco-for-turkgsm.website

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9290e14631b4aec5fc53dedb69839741e11090fadb6f0c876044d1992be1245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
x-xss-protection: 0
expires: Fri, 08 Dec 2023 10:24:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6CLCKX16XJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4314c6f9c17827a211d8da915c0f04396121296b04d09ede372653a71be24216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92889
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 10:24:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 190ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 09:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2533
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Dec 2023 11:41:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11021558786&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5deb36c92a30bfd5c5232d1bdfabdcf842ee858dce2da017a48ec922ba9c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72521
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Dec 2023 10:24:02 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11021558786/ 3 KB
2 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11021558786/?random=1702031042208&cv=11&fst=1702031042208&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&hn=www.googleadservices.com&frm=0&tiba=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&auid=1368106093.1702031042&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11021558786&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c63d0e0fb350b811afa33bf2356af9020ce8f612332c39c7961eafe933723210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
264 B 79ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6CLCKX16XJ&_ono=1&gtm=45je3bt0v889608820&_p=1702031042000&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=829349977.1702031042&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702031042&sct=1&seg=0&dl=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1728
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6CLCKX16XJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://panel.poco-for-turkgsm.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 82ms
28ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-6CLCKX16XJ&cid=829349977.1702031042&gtm=45je3bt0v889608820&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6CLCKX16XJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://panel.poco-for-turkgsm.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 101ms
51ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-6CLCKX16XJ&cid=829349977.1702031042&gtm=45je3bt0v889608820&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1166847659

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
217 B 29ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=605939082&t=pageview&_s=1&dl=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ul=en-us&de=UTF-8&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1518267588&gjid=1676070714&cid=829349977.1702031042&tid=UA-2624863-1&_gid=305739312.1702031042&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1939788205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://panel.poco-for-turkgsm.website/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://panel.poco-for-turkgsm.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
359 B 37ms
28ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2624863-1&cid=829349977.1702031042&jid=1518267588&gjid=1676070714&_gid=305739312.1702031042&_u=YADAAUAAAAAAACAAI~&z=1896989328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://panel.poco-for-turkgsm.website/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 08 Dec 2023 10:24:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://panel.poco-for-turkgsm.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11021558786/ 42 B
455 B 81ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11021558786/?random=1702031042208&cv=11&fst=1702029600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&frm=0&tiba=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNs-Qp_gm957vlFoiCUlvPA7Q05kkCmQ&random=2793677923&rmt_tld=0&ipr=y

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11021558786/ 42 B
455 B 43ms
37ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11021558786/?random=1702031042208&cv=11&fst=1702029600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&frm=0&tiba=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNs-Qp_gm957vlFoiCUlvPA7Q05kkCmQ&random=2793677923&rmt_tld=1&ipr=y

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 56ms
46ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2624863-1&cid=829349977.1702031042&jid=1518267588&_u=YADAAUAAAAAAACAAI~&z=317836032

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2624863-1&cid=829349977.1702031042&jid=1518267588&_u=YADAAUAAAAAAACAAI~&z=317836032

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 73ms
23ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: media.swncdn.com
URL: https://media.swncdn.com/salemads/teachertube/advscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 09:50:29 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2014
x-amz-server-side-encryption: AES256
etag: W/"aaba284d2b2910b9a4f56befae1e2e69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 1CebFJX-7fVJ9_pVRqOQrM8iNdnxgudmgcXFhpYSlG-RxWUiNSzpyA==

GET
H2 404 main.js
panel.poco-for-turkgsm.website/cdn-cgi/challenge-platform/scripts/jsd/ Frame C44B 0
0 63ms
62ms Script
text/html 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://panel.poco-for-turkgsm.website/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
server: ArvanCloud
vary: Accept-Encoding
content-type: text/html
server-timing: total;dur=0
x-request-id: 8a5b7b8ca2447a9e9b1f8868b98f31b0
x-sid: 4101

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 198ms
197ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2614302699020528&correlator=3422816668096769&eid=31077976%2C31079992%2C44807746%2C31078660&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=6177%2Cteachertube%2Chome%2Cdesktop_right_300x250-1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702031042651&lmt=1702031042&adxs=995&adys=194&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&vis=1&psz=360x315&msz=330x0&fws=4&ohw=1140&ga_vid=829349977.1702031042&ga_sid=1702031043&ga_hid=605939082&ga_fc=true&dlt=1702031041316&idt=923&prev_scp=pos%3Ddesktop_right_300x250-1&cust_params=device%3Ddesktop&adks=2495303898&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a379b2cb7f16bdb34683c426e25a7be1ba77c0462b863933a464fbb953d079f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12852
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://panel.poco-for-turkgsm.website
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6CCE 6 KB
3 KB 123ms
58ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://panel.poco-for-turkgsm.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 10:24:02 GMT
expires: Sat, 07 Dec 2024 10:24:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 293ms
293ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2614302699020528&correlator=3422816668096769&eid=31077976%2C31079992%2C44807746%2C31078660&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=6177%2Cteachertube%2Chome%2Cdesktop_middle_728x90-1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702031042659&lmt=1702031042&adxs=245&adys=566&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&vis=1&psz=1110x3952&msz=1110x0&fws=4&ohw=1140&ga_vid=829349977.1702031042&ga_sid=1702031043&ga_hid=605939082&ga_fc=true&dlt=1702031041316&idt=923&prev_scp=pos%3Ddesktop_middle_728x90-1&cust_params=device%3Ddesktop&adks=518484386&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

819d20449e143e272691df9f11b130a75f076c3089cbae5224544518efcd849d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25629
x-xss-protection: 0
google-lineitem-id: 4546022846
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232812072
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://panel.poco-for-turkgsm.website
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 459ms
459ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2614302699020528&correlator=3422816668096769&eid=31077976%2C31079992%2C44807746%2C31078660&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=6177%2Cteachertube%2Chome%2Cdesktop_right_300x250-2&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702031042661&lmt=1702031042&adxs=245&adys=2132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&vis=1&psz=380x240&msz=350x0&fws=4&ohw=1140&ga_vid=829349977.1702031042&ga_sid=1702031043&ga_hid=605939082&ga_fc=true&dlt=1702031041316&idt=923&prev_scp=pos%3Ddesktop_right_300x250-2&cust_params=device%3Ddesktop&adks=2512555841&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa877c4fad9a99e929c0a132863cff2c69bd16f0869c93750a3ce447ee4a2a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25759
x-xss-protection: 0
google-lineitem-id: 5102750100
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138274207196
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://panel.poco-for-turkgsm.website
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 164ms
123ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6j3B_pQVFb39v9lZ8iXQ1lzOKN3NoIjDEmh168vhnYM7FMQ-fEKLUg==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1702031042759&aid=a-06v4&se=e30&duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&tna=v2.11.1&pu=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&wpn=lc-bundle&c=PHRpdGxlPl...
https://rp4.liadm.com/j?se=e30&duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&aid=a-06v4&tna=v2.11.1&dtstmp=1702031042759&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOmFlNDg6M2FhZDplOTJh&...

13 B
318 B

371ms
116ms

XHR
application/json

34.225.218.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&aid=a-06v4&tna=v2.11.1&dtstmp=1702031042759&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOmFlNDg6M2FhZDplOTJh&pu=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg
Protocol: H2
Server: 34.225.218.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-218-210.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
x-pixel-event-id: 152d133e-d8de-454a-8c14-4faeacd9650c
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&aid=a-06v4&tna=v2.11.1&dtstmp=1702031042759&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOmFlNDg6M2FhZDplOTJh&pu=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg
access-control-allow-origin: https://panel.poco-for-turkgsm.website
date: Fri, 08 Dec 2023 10:24:03 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 121ms
71ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1eb3019a07280fe1ba8a67fcedcb4eea11ee651f0202c131abce36bf402db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12106
x-xss-protection: 0

GET
H2 200 container.html Show response
86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6102 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://panel.poco-for-turkgsm.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 10:24:02 GMT
expires: Sat, 07 Dec 2024 10:24:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4E50 624 B
242 B 67ms
65ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXI12OSbHIw9cNGPjDhfVSjIj4X9fOJBcA5LZN7wh2hmtykkjMcJmWqGI8QxxscAhy6PlvrrlhkThZ68mBp9iWh9FpHOml5GMcjkuA-Dz3TdxWRovzt5sQfU_2iwuhk_vF9UNwj5Gr7FSxlGPon6gIAwYsBBIfxXBMAyXixaC1ALy_jazc

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 10:24:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6102 89 KB
31 KB 142ms
92ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6102 42 B
401 B 106ms
57ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AByXQ3_EMBU0tRJJORYCgateoSLGCYBbfjzhIzExiqLEbQFU0a-Hii5KX8mWDY9Ked6x0t-Bdx2TEt2b-uIY7KpLpJG05ciYMBxSEiC3fa8zR6K1U

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6102 3 KB
1 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 09:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 09:15:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6102 20 KB
9 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:55:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6102 0
0 31ms
28ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCq9TtvoTk1WLsNxpuMQ8jTuc0xB6IwTQSRGMgAKi96qbmHWth5H5giHX2_irmT1bcBaT-OpXDiKUzV7AtF561xAnyCw
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6102 202 KB
64 KB 133ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:24:02 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 79ms
47ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 10:24:02 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4E50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF9CzH1TehD_TtUC7CD5Rxk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF9CzH1TehD_TtUC7CD5Rxk&google_cver=1&C=1

43 B
339 B

59ms
59ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF9CzH1TehD_TtUC7CD5Rxk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXI12OSbHIw9cNGPjDhfVSjIj4X9fOJBcA5LZN7wh2hmtykkjMcJmWqGI8QxxscAhy6PlvrrlhkThZ68mBp9iWh9FpHOml5GMcjkuA-Dz3TdxWRovzt5sQfU_2iwuhk_vF9UNwj5Gr7FSxlGPon6gIAwYsBBIfxXBMAyXixaC1ALy_jazc
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2lcKRUSJ8xRGMelmCNVI%2F1M7f9RN23C%2BBoDriMMbg8xrnJ9fHe7%2BBNDnx2npUamhLoiyi36IoLNk4zHvkyN2idyDVLM2Qm5ihyy9MytU4twAaX%2FbOF54pUhea07cj%2BX5R160rc%2BzYc4BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83244be399f8452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6XePOanH7g7gUZGesG32UOozSaLQ4m5Xhbx4OaUWbqCC9nn5GZXmhg2cvYVgo%2BuQJf0%2F1d05YwuiwXISgdbCS1kDZKZC8TA2QYtKNlGI51iUzgZmhFuzir7koW%2BuLXcP4R5CgcJ8zcITQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEF9CzH1TehD_TtUC7CD5Rxk&google_cver=1&C=1
cache-control: no-cache
cf-ray: 83244be328e4452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4E50
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXLuw-M9.B28jyb2wg0RNQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECa8Gi8Bn8jx12R_z24oTKI&google_cver=1&google_hm=2

43 B
767 B

68ms
68ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECa8Gi8Bn8jx12R_z24oTKI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXI12OSbHIw9cNGPjDhfVSjIj4X9fOJBcA5LZN7wh2hmtykkjMcJmWqGI8QxxscAhy6PlvrrlhkThZ68mBp9iWh9FpHOml5GMcjkuA-Dz3TdxWRovzt5sQfU_2iwuhk_vF9UNwj5Gr7FSxlGPon6gIAwYsBBIfxXBMAyXixaC1ALy_jazc
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtuECfzwapp0oMzdhMP1BXpjwqBHRsGCvb4NVpojq%2FCdDNtOvinOj4SJqtjDmXLQcaCmHztQy5isAM8GuMCci%2BDUpeiiNXPmysY2idjdL3B2nwfEczAsU30f4rTDYkZK%2B6Htiy2SiKevOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83244be42ce344f8-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECa8Gi8Bn8jx12R_z24oTKI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 4E50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH4ibyIyGIKjLFIFvqKUN_8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH4ibyIyGIKjLFIFvqKUN_8%26google_cver%3D1

43 B
894 B

31ms
31ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH4ibyIyGIKjLFIFvqKUN_8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXI12OSbHIw9cNGPjDhfVSjIj4X9fOJBcA5LZN7wh2hmtykkjMcJmWqGI8QxxscAhy6PlvrrlhkThZ68mBp9iWh9FpHOml5GMcjkuA-Dz3TdxWRovzt5sQfU_2iwuhk_vF9UNwj5Gr7FSxlGPon6gIAwYsBBIfxXBMAyXixaC1ALy_jazc

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
an-x-request-uuid: aafb3fba-4c61-4136-84c7-f6255b8fbd32
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
an-x-request-uuid: 1c4620a1-4a13-4f55-9300-ec824ecd4433
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH4ibyIyGIKjLFIFvqKUN_8%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E50
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk3NzY4OTY0MzM5NjI0Nzk4NQ%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk3NzY4OTY0MzM5NjI0Nzk4NQ%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
an-x-request-uuid: fd934ae1-429b-4715-b366-de2f2dbde654
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk3NzY4OTY0MzM5NjI0Nzk4NQ%3D%3D
x-proxy-origin: 84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F15 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgpae6RggZI0SRGzJin8QfEDF_84ZYqHnM_ieMSpcHNIpUdxtI9URIdBZ_m3WqY8knuggQLA4fBkzlfoZ7P_nU0xMgqkOyYfXwXYi1ipgKnxh5z7-y0WGze_ifEfFVQmCFRst2QcnjjLNWB3hE6ueb1tmuDSOtzW9xPEbJqTzYMuGSdWbdK4oAfx7oPgZfmUjZarfJ25ZGpbmblz_B_8RuZ1Ft3CFBBvRqMaC8LyAcXzhrn56iCIs1sBhkOoeVywsBGgM6_ie8zWfsTb9L9LbkPg4RroFoN9SiK21vPV1SRG-rMpylErXQMmVDnGppjFGbRXrc6LDeOWWMAmlPNcv8ftHSi-2YQXLT5v9ku6YRiqwcYz5dsjml8jztzW7E07TnrE9zU0wz7hmEg2anHcybfxOC&sai=AMfl-YRtLOOGaa2BxRoeKRyVvs-8T4_23DqcPUWG3Wpsc2KHkAs0SeMhmUCFjaduPOtD3FfaYmSmzruTz1mQirVM_FPzZvj8_NqNMRtjlKMuXNdD19Sw5lhcBHf2m-OwYRCfsTQOPMjqFxgC&sig=Cg0ArKJSzL9ZayXb0m6lEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 3F15 24 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:54:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3F15 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 09:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 09:15:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F15 202 KB
64 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H2 200 9270025471517354067
tpc.googlesyndication.com/simgad/ Frame 3F15 67 KB
67 KB 24ms
23ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9270025471517354067

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04c57d77b2da86500623ecf0d1e148d73c2b1f7832c0dfbe5fa7fef20148041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:15:16 GMT
x-content-type-options: nosniff
age: 54526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68629
x-xss-protection: 0
last-modified: Fri, 20 Apr 2018 13:48:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 19:15:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3F15 0
0 29ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTT9WB4ZFkYWSlEODhK7pQaGGYeHqDOr021i7KPIYIUo0m9U49RgA2lqyjLFc39Khqsz2ZxbTF06kgwdTRgKKH6MODCSA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3F15 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c932399fb9f897daef0e655f7f931a4b6bede22fe1fc387c1a3f0a7c81b6f519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C40 13 KB
5 KB 33ms
33ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://panel.poco-for-turkgsm.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 09:15:41 GMT
expires: Sat, 07 Dec 2024 09:15:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 498E 829 B
558 B 31ms
31ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0b49eb2c63baa28b13d65ccdc89ba30a9b27cf3cc65a91d965cb9b527a083b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F1rv1XMjkposuVJU3aKy1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://panel.poco-for-turkgsm.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-F1rv1XMjkposuVJU3aKy1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 10:24:03 GMT
expires: Fri, 08 Dec 2023 10:24:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 498E 0
0 55ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=2614302699020528&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C40 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 09:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 09:15:42 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6102 0
56 B 57ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=585860331331&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6102 0
56 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=585860331331&version=m202309260101&ct=77&x=1&cor=4160623359467769000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6102 20 KB
14 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AO0A00l5l-SQMpIdUKq2VGj1SFoHK8mHlIaJASARdgeJXFSBqQPoMJOKYYGAnz4yiMKsmqIIPQ7GXrnMYOvRfFe_Zu5Qz9Y_QJiQiHEY3w4IxiDzOEwm-ehMma63-P8iE3rPh6zmDXlLbP0acsjqnCf27o7kjqoGu4al3bVHKPX4M69DA&cry=1&dbm_d=AKAmf-B1S7wjtdh_SMVEJtOB6Npd9_M91vL1ONJcZ2JRj8jKc_6Dc4b3Im1OU7uak_uYKiBYsfRuOvWlb-A5ORLNnM1PoX_YX8UQnQaZ1Dd9hS0HMlRZN1JfseqaRTbZwnEIS2QYwLNQkPya1amwduWbE5Lqx3zO8F9B07ipXGBGAwq4MOawC-eHJNPcCoP8USP2wX5IlQ0HokAte-RMZHjoFxF-YIZzSn2trtUEcoyavfHc8OEhSOAZC2qQTKRQ5nEzlgosvNndFzGywjZV-9q_s8kat-pFUX-3o-ywB7AeDRlZIVe70gKYqlEVzTVxz3CjOrTfATX80yVr15iMV3MgyDd1h8vzAbc9F1bxtsQKruPnvZYy4fXzEw-snUkFgZ0Meyos15sferJQKUNC5JKjEvtlPNaWOUF9mW-DRYgfrSbJs3tXbpDeoWg2oYpbidI-A9ejwz1ep-HHDiMZifLkxgb8mW6ZV6ki3Kmi_UvSQcubdsCPtH7BR4Snj8ZuG3SrEpNOMejJqDUIwLROCt3xVPvan0wKpaDOv4N7KCLjd4e_0E4ZG3K_lIiu_IoomRU497vsaKukyd1XWUzZuXzQU07Br73djaRslUub67fin4E2rNkVKj3GQARaBn6JC-sSqODbkJer979CGFMhHA6TRuuaWl8wgw4TWkuAK8mvFK_azrRWZpIP6uoNAylBhwJnhEdUKcoTiOiKrNVKq-Iuy5E7y8yCoQE9eQMb6R8RpRyxfLwtyNFKO6cj6deXmqiw5C9yk8PH36AeUFt5PJ0PGrDlbcEMW30rf3ZO-XPBtRvRMgJOMe3clk85bBYVV8WN7KFh7K9XEsy65y1Sla9ODW664rx5CQPVUVnn4GbLo4ryTY5whe0u0_npSOviQDy1hImfltM5UD6W-Qpoz31l1zniqZBIKQfQtZ3wyLsCRsp_3Vk60D2-vEka9DAQy-t27vsGX_O6MCC-7_Oja_kLCJxw1ozcsq67jixW8WB2m-d4tk2BtQfR71dA94wl_b--V5xI8VZNj0f0mu4lrAgnZv8TpTXZHCxZQiX7HxG4LsGHTmNJwyObZBxf5nvfHVzqNbWNS5WMWlDMJcJUhP5Q-_M-bVMHLtY3Dfd7mKUxyZKXCqpHjtGW1Q_fm7Xa5Jh5wDYBsTfFFRXOaGfRNvY2N6KdtwWrG_8XXUDk-Puak9GIgujmL6XpbeBP51o8TcFTQE4KNXCl2S0fGGzCYNEP11ahG6JKiuotLaE1LPpgVY3gwyunzBkQAGl5dO1Zd7wc73AGYNE6DLth-EgXgMND01BmQM1Q27ahUQjJ7ZOzLaP2To8oadRHprUOz_z4xuTDjNG-ffdjYV8xWmlbf644nNFLGIW4l1fCk59-mAVEeEPzd1CotWusmF_y0k8x_3je-yxeA7KvmAf1gnHOZHuzavk0QBrLf3Q-VVpXhvsde4a4vJ7iIAlAHyxCV30-fvpQC7xwRlJ7DJvqg7GHNquUGvdvCEngxsWREOLpsYnWtMlsqrJCHdLMgHSDvWicYDRgN98-hvHPo-8l6-FRvOtPw0U5eWoUP16YpekbTMMifMNhKAF0WfidaLQAcUFfnPHsm9etLaFkmK9rJ1Vn3xta2zeJgtZjwnW3oOSFNZoZYt88hhk7uh20xrdL_x012Q6Gf6kLBK9AYhDe2-_X8tn6vtpifVFC_RVzlNzJ_IoXYYigIsXmJUPKXF55-mbQUXyE7pwsR1rS9qh9bwCLj37tahDEXOfEWoeGJ4_9L_lOxI8eLVs6cwKkPnhCjUZu-GJLbnvLgCkFC4R1vg7D_ShTGzo-wFqHVGrYiFdRvfx-XDGmxBER8HZgptoNPVc5r3iC0CsJyjzZYHVM95TOVdSR7MdxiEochq0zKBwLQ-jVLwiF7tArolzmcxXKvaiFPI5sCCGptr84Xz1H_Mf9lgP5xPQdUOnvkWGuFiwyAbjcSYnNUx-GdRo0M4D9311GcNIjjs18nd0OhOiCdVkxNGVMh87j172hJk98VPoYX7rUTkd7gDKvjAeYpHgJNCcKVuSNZtMSrQdugiDG_Z9c5uSyrdqwwlAXvqEI_6eHkM8pSsbjxopw1F-jd-Bu0RTcOfJkL85_BP89AwqqXI09Nu1gE4bFYibbGooHNJn0cvtkBuA_RMEOuDEsgzXH5ZcLz8MNmXXc0Rn3htEBEMbMWrxap6fS_Z1xwcIEGUc1efAo3iAVTEK6H_9sylJ-TuaUzwxS9AHGymUkrGLd6Yoduzp85s5WCphI1It-w-Xu1-UXfTJ820vP0fBhntVSYzSWJv6FMZb7LOn0WtmB72I-zPEHEaF3tYMcDX0gEpxC6Pam10FRoPbdLw2S9ma9gW7t6ABpYr2HJSQ16RMzcMV7w8wb-AZREXF3oHNbL9cyRbBmM0ponWy5-ZKMN091ir8k03_ar9nbtSDsIKF7l2pE3kpS3IO89GjfxjAdx12WtwrZvN8U2i3l-EjZZTXsF9OO_WJqsvDcmkM1r1A68RveALGq65U1zmr7TDyfb4sFcMHXfXfzQxWCXkXSZ54whfA_HAPv68qsUapgJqvKb8-f08XIpi0T6PPcVxHVMF4AZQcJowTkIIWLKoyHQvXxW629ATm1cwG0yjYxvHi2j3hiEAtFS0vjd8DhiqrOa7RMs0qjc6cP2qcgOs4_TVOmlwaHwgFrKQWHOzk0uCIQ_j2h_j5bVHu4jYg77FdYGon54rIxtWsOGlfWYTsXy8fRJ0womHFwijIRadq1ZFxw84A5EGMVSiuzvRoM4mZobJiNGUXmhhOb1nW7z4JX1l9LfmX0L-UehNb1vJJlAp8NKyhdFc14xWD0mWkbeeOjXqBsZhernOGb9ZZFNcN-o8ub057E6qbnUNI3P6jczkY9xMU1cnEz7VWoTg30XgTd4hJSG-A23PlFitHSucL7596Z5El9y8kJ54e6DuGTfOyf-A0-st1MZwhCHb1JMerv_2h3i85Jk2GakDynb4g3ncwdGgeGNE7tn3oW4yfWwETLMV7uoe1SsfB4QVhfsUZ_1y-iH3pAKomzk9idG7o8b4tqU9UkfmRSrFgiGErfhsI45lqpcXxhsym3FWNtK_RyElbVBEg-2I0BtlliAynPpHxKVbEubvkh1qSuEX7vttr8GQ2Epw8WsAoieqBn0nWWhRk_86O950kybs3noI2z9E0rFb6m1j9WOrR1e_j-VVY_zgHVEDXeJdKdA_ISPzF81Z0wxerGoIvmfFODV35pD6mdenBRJQLWWcrFqntUIMNNY35pchlx3VQTyufR1N87IH3mEbI0TyTQZSepv8Fcz6Qg14NJxkS4vy4od9YzeRGJYT-eNxThbLQcRyT7pFtvvkWq3fpk6oXEX00cTnMRZOcZy1EFkvQm_8mZjgWZTvagH3hQug3bAqghQUGZ6_t29lmr_eu7NUR6RoiAegxho3wMdTSajzeCjdR3TQrvKB3l5sGwL-o79gRsjPO8rRVoQZKf1NgVJFjGW67JlB6yzSyzkkCEMVMoUoKLsg-DS04tbAeXTId6BsojHGhgbarVYZ6YhdZZQevTixtpLOKncbK2M3W4o8BgYj8vZfC-WDdwEDNtrRMrfAzA6-Q9XBG_bOk7Pd-63qLdo5L7xO_hkKu7mZQg8pQz67GrLdQDmc7BomNwcwbNq1gFu1xQjt3jlHhYwyZx9XJIbKVWpv2YL9Q70yCd5UBSEU5xUUDvF35AWZuUvqdY6V4Ufi787iyphg2RPOTmMX1mVXFQeS3V1BzgzyRY4gTnTFZbQXxrHcJbyfiO-RKGHS02L7CHxtRpiaKj8L23l1gUaSCtBnMPZhpo-MlR-YzABIgfCQ9Or2gjVxluQ6KZRiQF9yjfM8armbanUf2R8tgorq6Zgb55VvtY7gZ4SlRe-c5AunsIO5yRPzsMzP3nmltnC88HJtP2fYWI-CUoM4PBV36xko5YhzEOv3v6eh_XokvDkRGigipiOMIrOgIe-CWyZjZPjOOGJMckJrWrskHc3NhdQGE&cid=CAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ds=l&xdt=1&iif=1&cor=4160623359467769000&adk=2923430906&idt=162&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30358ae781659e2bc770aac143016854b076556751ee5812c04add6a99510510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13992
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1C40 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OmaquQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6102 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AO0A00l5l-SQMpIdUKq2VGj1SFoHK8mHlIaJASARdgeJXFSBqQPoMJOKYYGAnz4yiMKsmqIIPQ7GXrnMYOvRfFe_Zu5Qz9Y_QJiQiHEY3w4IxiDzOEwm-ehMma63-P8iE3rPh6zmDXlLbP0acsjqnCf27o7kjqoGu4al3bVHKPX4M69DA&cry=1&dbm_d=AKAmf-B1S7wjtdh_SMVEJtOB6Npd9_M91vL1ONJcZ2JRj8jKc_6Dc4b3Im1OU7uak_uYKiBYsfRuOvWlb-A5ORLNnM1PoX_YX8UQnQaZ1Dd9hS0HMlRZN1JfseqaRTbZwnEIS2QYwLNQkPya1amwduWbE5Lqx3zO8F9B07ipXGBGAwq4MOawC-eHJNPcCoP8USP2wX5IlQ0HokAte-RMZHjoFxF-YIZzSn2trtUEcoyavfHc8OEhSOAZC2qQTKRQ5nEzlgosvNndFzGywjZV-9q_s8kat-pFUX-3o-ywB7AeDRlZIVe70gKYqlEVzTVxz3CjOrTfATX80yVr15iMV3MgyDd1h8vzAbc9F1bxtsQKruPnvZYy4fXzEw-snUkFgZ0Meyos15sferJQKUNC5JKjEvtlPNaWOUF9mW-DRYgfrSbJs3tXbpDeoWg2oYpbidI-A9ejwz1ep-HHDiMZifLkxgb8mW6ZV6ki3Kmi_UvSQcubdsCPtH7BR4Snj8ZuG3SrEpNOMejJqDUIwLROCt3xVPvan0wKpaDOv4N7KCLjd4e_0E4ZG3K_lIiu_IoomRU497vsaKukyd1XWUzZuXzQU07Br73djaRslUub67fin4E2rNkVKj3GQARaBn6JC-sSqODbkJer979CGFMhHA6TRuuaWl8wgw4TWkuAK8mvFK_azrRWZpIP6uoNAylBhwJnhEdUKcoTiOiKrNVKq-Iuy5E7y8yCoQE9eQMb6R8RpRyxfLwtyNFKO6cj6deXmqiw5C9yk8PH36AeUFt5PJ0PGrDlbcEMW30rf3ZO-XPBtRvRMgJOMe3clk85bBYVV8WN7KFh7K9XEsy65y1Sla9ODW664rx5CQPVUVnn4GbLo4ryTY5whe0u0_npSOviQDy1hImfltM5UD6W-Qpoz31l1zniqZBIKQfQtZ3wyLsCRsp_3Vk60D2-vEka9DAQy-t27vsGX_O6MCC-7_Oja_kLCJxw1ozcsq67jixW8WB2m-d4tk2BtQfR71dA94wl_b--V5xI8VZNj0f0mu4lrAgnZv8TpTXZHCxZQiX7HxG4LsGHTmNJwyObZBxf5nvfHVzqNbWNS5WMWlDMJcJUhP5Q-_M-bVMHLtY3Dfd7mKUxyZKXCqpHjtGW1Q_fm7Xa5Jh5wDYBsTfFFRXOaGfRNvY2N6KdtwWrG_8XXUDk-Puak9GIgujmL6XpbeBP51o8TcFTQE4KNXCl2S0fGGzCYNEP11ahG6JKiuotLaE1LPpgVY3gwyunzBkQAGl5dO1Zd7wc73AGYNE6DLth-EgXgMND01BmQM1Q27ahUQjJ7ZOzLaP2To8oadRHprUOz_z4xuTDjNG-ffdjYV8xWmlbf644nNFLGIW4l1fCk59-mAVEeEPzd1CotWusmF_y0k8x_3je-yxeA7KvmAf1gnHOZHuzavk0QBrLf3Q-VVpXhvsde4a4vJ7iIAlAHyxCV30-fvpQC7xwRlJ7DJvqg7GHNquUGvdvCEngxsWREOLpsYnWtMlsqrJCHdLMgHSDvWicYDRgN98-hvHPo-8l6-FRvOtPw0U5eWoUP16YpekbTMMifMNhKAF0WfidaLQAcUFfnPHsm9etLaFkmK9rJ1Vn3xta2zeJgtZjwnW3oOSFNZoZYt88hhk7uh20xrdL_x012Q6Gf6kLBK9AYhDe2-_X8tn6vtpifVFC_RVzlNzJ_IoXYYigIsXmJUPKXF55-mbQUXyE7pwsR1rS9qh9bwCLj37tahDEXOfEWoeGJ4_9L_lOxI8eLVs6cwKkPnhCjUZu-GJLbnvLgCkFC4R1vg7D_ShTGzo-wFqHVGrYiFdRvfx-XDGmxBER8HZgptoNPVc5r3iC0CsJyjzZYHVM95TOVdSR7MdxiEochq0zKBwLQ-jVLwiF7tArolzmcxXKvaiFPI5sCCGptr84Xz1H_Mf9lgP5xPQdUOnvkWGuFiwyAbjcSYnNUx-GdRo0M4D9311GcNIjjs18nd0OhOiCdVkxNGVMh87j172hJk98VPoYX7rUTkd7gDKvjAeYpHgJNCcKVuSNZtMSrQdugiDG_Z9c5uSyrdqwwlAXvqEI_6eHkM8pSsbjxopw1F-jd-Bu0RTcOfJkL85_BP89AwqqXI09Nu1gE4bFYibbGooHNJn0cvtkBuA_RMEOuDEsgzXH5ZcLz8MNmXXc0Rn3htEBEMbMWrxap6fS_Z1xwcIEGUc1efAo3iAVTEK6H_9sylJ-TuaUzwxS9AHGymUkrGLd6Yoduzp85s5WCphI1It-w-Xu1-UXfTJ820vP0fBhntVSYzSWJv6FMZb7LOn0WtmB72I-zPEHEaF3tYMcDX0gEpxC6Pam10FRoPbdLw2S9ma9gW7t6ABpYr2HJSQ16RMzcMV7w8wb-AZREXF3oHNbL9cyRbBmM0ponWy5-ZKMN091ir8k03_ar9nbtSDsIKF7l2pE3kpS3IO89GjfxjAdx12WtwrZvN8U2i3l-EjZZTXsF9OO_WJqsvDcmkM1r1A68RveALGq65U1zmr7TDyfb4sFcMHXfXfzQxWCXkXSZ54whfA_HAPv68qsUapgJqvKb8-f08XIpi0T6PPcVxHVMF4AZQcJowTkIIWLKoyHQvXxW629ATm1cwG0yjYxvHi2j3hiEAtFS0vjd8DhiqrOa7RMs0qjc6cP2qcgOs4_TVOmlwaHwgFrKQWHOzk0uCIQ_j2h_j5bVHu4jYg77FdYGon54rIxtWsOGlfWYTsXy8fRJ0womHFwijIRadq1ZFxw84A5EGMVSiuzvRoM4mZobJiNGUXmhhOb1nW7z4JX1l9LfmX0L-UehNb1vJJlAp8NKyhdFc14xWD0mWkbeeOjXqBsZhernOGb9ZZFNcN-o8ub057E6qbnUNI3P6jczkY9xMU1cnEz7VWoTg30XgTd4hJSG-A23PlFitHSucL7596Z5El9y8kJ54e6DuGTfOyf-A0-st1MZwhCHb1JMerv_2h3i85Jk2GakDynb4g3ncwdGgeGNE7tn3oW4yfWwETLMV7uoe1SsfB4QVhfsUZ_1y-iH3pAKomzk9idG7o8b4tqU9UkfmRSrFgiGErfhsI45lqpcXxhsym3FWNtK_RyElbVBEg-2I0BtlliAynPpHxKVbEubvkh1qSuEX7vttr8GQ2Epw8WsAoieqBn0nWWhRk_86O950kybs3noI2z9E0rFb6m1j9WOrR1e_j-VVY_zgHVEDXeJdKdA_ISPzF81Z0wxerGoIvmfFODV35pD6mdenBRJQLWWcrFqntUIMNNY35pchlx3VQTyufR1N87IH3mEbI0TyTQZSepv8Fcz6Qg14NJxkS4vy4od9YzeRGJYT-eNxThbLQcRyT7pFtvvkWq3fpk6oXEX00cTnMRZOcZy1EFkvQm_8mZjgWZTvagH3hQug3bAqghQUGZ6_t29lmr_eu7NUR6RoiAegxho3wMdTSajzeCjdR3TQrvKB3l5sGwL-o79gRsjPO8rRVoQZKf1NgVJFjGW67JlB6yzSyzkkCEMVMoUoKLsg-DS04tbAeXTId6BsojHGhgbarVYZ6YhdZZQevTixtpLOKncbK2M3W4o8BgYj8vZfC-WDdwEDNtrRMrfAzA6-Q9XBG_bOk7Pd-63qLdo5L7xO_hkKu7mZQg8pQz67GrLdQDmc7BomNwcwbNq1gFu1xQjt3jlHhYwyZx9XJIbKVWpv2YL9Q70yCd5UBSEU5xUUDvF35AWZuUvqdY6V4Ufi787iyphg2RPOTmMX1mVXFQeS3V1BzgzyRY4gTnTFZbQXxrHcJbyfiO-RKGHS02L7CHxtRpiaKj8L23l1gUaSCtBnMPZhpo-MlR-YzABIgfCQ9Or2gjVxluQ6KZRiQF9yjfM8armbanUf2R8tgorq6Zgb55VvtY7gZ4SlRe-c5AunsIO5yRPzsMzP3nmltnC88HJtP2fYWI-CUoM4PBV36xko5YhzEOv3v6eh_XokvDkRGigipiOMIrOgIe-CWyZjZPjOOGJMckJrWrskHc3NhdQGE&cid=CAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ds=l&xdt=1&iif=1&cor=4160623359467769000&adk=2923430906&idt=162&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 577135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjAzMTA0MzA5Nzg4MAogIHNlcnZlcl9pcDogMTgyNDU0MTQ5CiAgcHJvY2Vzc19pZDogODA2MzQzMzc5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 6102 0
867 B 122ms
58ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjAzMTA0MzA5Nzg4MAogIHNlcnZlcl9pcDogMTgyNDU0MTQ5CiAgcHJvY2Vzc19pZDogODA2MzQzMzc5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDY2MjI4MzU2MTM4OTcyNzUxMDgKZGVidWdfa2V5OiAxNzgzNDczMTI2NzgzODk2NDU3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1ODk5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDcwNjcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xf4cbdbb8ea70e6e90000000000000000","13":"0xe172d6c0703af0c20000000000000000","14":"0xa59dcb1530a9695b0000000000000000","15":"0x46f7ea6ea8c74ab60000000000000000"},"debug_key":"1783473126783896457","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"6622835613897275108"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B0DD 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgAGL7wipYzFYuBkGlksVy7bbu4RJ7tZv3AEYStVh1q-g_sekH8xjeUZhpNHgHq8yAUrEOaaP8kzQx1P_4QopD7xxaVq6gIajPznD26wK4c1ZZvYmqmLM1qZWV-TPNJ8xfFMJq5wRMi-onELQS-632c85A-a1IEpN8aVFbJlrQSRYOaraC8jRjKhYcptd-qmcreR2EKbBKQWoiWIthiz6QX0xPqIH-NjE677g5sCtPHimM7BfRWYnl4XgorTLyRntEdEdygY65qEn4ovCIqVeuN1PbCynoL0ID--MKnuAVvVFQAcbkNUR9XsV_Y8_T_uCOWf7wXo6WaYefOvQ1IKDeUJCNkzvC1tU4Y_SyJ8_Zapw0S08R9Rwg9ISUcdRS77Yq69X9KR_Nh5dJ2NMngRKFJy-D&sai=AMfl-YSlV6RdcfkT1PewPaLb9zX6HIsgLlmDJ1ZM1iUHtPZZ_qPo5okD_fFARwZfMWZo-e-o5o1N0CvQp4f21SFqoXOi4YI8Tk3N3kzuRbhKBG8HSQkFRmhG-rBxu9A9M-iJs0Hu0PpwS5um&sig=Cg0ArKJSzCf97PO-_LOKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame B0DD 24 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:54:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame B0DD 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 09:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 09:15:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0DD 202 KB
64 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H3 200 6709191357298728489
tpc.googlesyndication.com/simgad/ Frame B0DD 25 KB
25 KB 27ms
27ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6709191357298728489

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d1acf3272b08d1824e8fbc66b54a01557f935dbdbf3fe1ab9e841a79ef1f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:44:23 GMT
x-content-type-options: nosniff
age: 322780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25598
x-xss-protection: 0
last-modified: Thu, 27 Jun 2019 21:09:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 16:44:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B0DD 0
0 29ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQi3asWUQ0ZiTojxWxygcrXS9WiiUhBZZwv1MyMouBxgbujCreFQlhKJJZN1aaZSNRrt2TSiJVrQDWuzU5ArDhR7yx0Bw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 6102 12 KB
4 KB 83ms
27ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1702031042701878&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c849fd82bff8e5b528362c5b6a84cff95a0cd13e5267a6ec922a8870c1a03244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 10:24:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4224
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F15 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8-3FQUjYf15Ib0e04S_F_IMvoxEdiPJldWKgtvK0I9-3XfaXXi4RChVyWxVNOSS2pX1AeqMtjDGQxKSQMmagfcaUvucr1G7FVyF9NwYrKZA02ePOMa1btBwMFirB9_JokkH2G2jRDSl2RAAe63pAeRlgPPtjBKoyLY2sSgaQqxSAwlj2G1dH1TVHGSYBosXVjUxN8kN1xGbiyNhytmUU9Voe46PPYCDXKkDz0S8VR-3FESwil-GhPyCHPpqQwWpdAGdJ5wqCOPzRtCqj0um1IwyU3VVnahuqVt4kVzh510n_ZZ1ZvX2VZiGZ1fLCF8OebdjQqwYUF9PaNBW0beqhsBUSA-MxRfa-s1zR23LZ3EulRMlqw5ltyROawSaogqK-d6dPIraXOfzWaU3piDGlee4L6Si4&sai=AMfl-YTQWTZNhaCQJ971jSugtZZ30LmYLu5p16eGNQ9zrP6zLYIjLLsFfgMKPNOyWPuhxOB55SIfgJIfOV5C2vPzry486hP47sXMkAyB4JL-CNjP7uVr4pr2uG942Wi9FOByddH9XJbaz8uJ&sig=Cg0ArKJSzG3VqVeiH73lEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ 2 KB
1 KB 734ms
681ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_inline.js?mb=1702031043176
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/dist/scripts.js?v=l2a5PQAltTja_55rPxRYQHJqG_4GOqgPyTIwg3M8vYQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c09161b6c533697d2f42cf425d389c31aaa97f05f9b48f76700469910a9c20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 19:57:19 GMT
content-md5: 3NDdCT9QCHk0Dy1BCYxbyw==
server: cloudflare
cf-polished: origSize=2532
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 61b3d6cf-301e-0067-5005-16ab97000000
x-ms-version: 2009-09-19
cf-ray: 83244be44a14690d-FRA

GET
DATA 200
OK truncated
/ Frame B0DD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8d77e6699154f932fc064992ea167c347907fb1b722d2a6128d1900066e4b02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0AE9 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 263558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AE9 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 09:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 09:15:42 GMT

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame 6102
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

144ms
93ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D&documentReferer=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ancestorOrigins=https%3A%2F%2Fpanel.poco-for-turkgsm.website&random=9495311154886&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e24e6a9b9913799559a212467e3af83696fc5693825d1cacde7ed1bbbc55ca8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 10:24:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 39174400042744204444554012532011
Connection: close
Content-Length: 1325
Expires: Fri, 08 Dec 2023 10:24:03 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 10:24:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D&documentReferer=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ancestorOrigins=https%3A%2F%2Fpanel.poco-for-turkgsm.website&random=9495311154886&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 08 Dec 2023 10:24:03 +0100

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B0DD 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXLfbxA4Z4oX0SptiJn58zeBfTs-4Fz2q4dRxqCnqc4Su38OwoiDNHWcM1EGU8Jgl7dHuixPw-lqKEjAGxVSHzVb3fmAEHDS2ru2r9O9H52jSZ1QEvxn5tr2rW3otIzH-P7lh6LliQsOO6uxP978f_QzSHckokHEc7nmQ6gTj3TGtqE3qX9Ei_oeMB6VA_v30gBU7q-OdrCM4svy6ZWf9w2AtiSsPLRyZha0q9eAF8-VHoNGeqLkIiApqxZrXX1T3cv3iLQCmNMmMzyYuaEZNDpAtkw9lzWZ9kmwgcPFwEmQKNZyJrNuKynNIrXs0Z3lma8gITrbpVYZQJkWOpFM7ffBgXVLAHPskNFQUiUWhWLhjIymhlSBD_h0mUf5oBB9CTLCWmyBZuAZwnmse66FCxIzCF-_E&sai=AMfl-YRU69OdIn8Uq4FuSZP3HIs60rwn0hKcpcGfNpZwxsiGdn-W0RAYc10OC6h84k2lMmT9pwRYy_gZRrTJKkUshULCMbugwjYJQVzKXRVFkQTonNoZ9vqIsMeghzIIjCJjm9irc0wcDZTg&sig=Cg0ArKJSzDcwlKq0Z1fTEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE9 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_MPVw-5yZdj8BYWPgAfTpb-AAwAAAAA4AeAEAg&bg=!TU6lTgHNAAY3kmNgF5I7ADQBe5WfOOc07Axh6MsSUlrRfSudD4-H_PyJUPZ_T27_Ve0jCSClkfVKhGaNaExVspKa4c3YAgAAADRSAAAAAWgBB5kDYyi-gLygqj9wRgACyTIBBEPMnRPqi2N0aEv-mg6TIyx5eWsIl_AdvFVS-AX_MV9_AWt3x-NWecPvT55AGSDyDYAQoxZKgdRv8yq0wYFJU7Vx2tb9QoxBS6XtxED_jkyymLvwXN9EXd3jqIXX-ZGEQyR__ivIr4TI0nB-XolZHJfGsy-wp4r3aylwAUOAyU4lRywJ4u56t_fKnNgOzUG57RFo3TWqAz-VvG4MskIuS0UJs0i-XZ0GcYJu5v75KoWXZRDM16AgSALLB9NvcpBx3SfSkURIjSFxfg0_wWy_17ld9-1EdWBvaoIibLn1mqihIBxTgbB3j6owGyTnyj7Uz6yZB5jqLD23RJmPQq8HsrlOLPDT5epqZkBpRSSNLQP1lqr3Cmx3lZwZ4BNgW25iTYBjsT_KKXUy1u_MiQ8-6c1GIo0ZHPTyv_FRB2Lkk2bEbYRAKLd6j1eDbkSGhdtVM_Qu-HcPjyctxY-kRUDWeM_Nvi53UIg9uofy_s90_B8O7-ZpI59HhHuVPTnFZhSafEMqaa_BlON5RmcFD_A6q6vs4ci-eh1YJXnYmG0MihOpz1eaxs0Xj5HPm9RiNjas8qHpZc6MZ1rV-tw0UhIyZgk2xzwp_ITKN-XcaX4hJJTudovFs9FdTvI3sBesQ4Vpkd3_wVoAIDrTJ9kx-O8DYWad4EetvaB3C7U-xJ0eFUuSjZh8AC1huSSf0MuandS0USIOhSS3FqHL7FE3Z8fZJbmI7nk_jNR_RHQUWhu2SvoMSIVR8O5mewiiwreN5hhaokMJPk_rsDfMcBWiL6KiT6agwNX4u9yg3N6rW5zuOYOYNwpPo2ufvcQKgkb0aP1U2qWdPKn8K6CC6hjR46g_ArXes8NffVCmHENJM57Na7MD4FaQpCmGqCW1ibHGvKgrzU98_kksteD7WkNOYYDwrHaCRsIGrEXGlITBCIN7Q1KO5-rQgb4KPnxYxkT5ZJV6g6EluwE49vYc9205_BP04rQAcZmby3n6ZVpEqF4C92O6148edQNwBKZ4UUlx2_RTgNKCgn-tMi6FRMl08XHkYhTRQURdoenZ2QI8XqaYgZ82LZ450EG57YN7twRE--DtMZFINLavoKuABslH9qTUpBSXS1Ce2lI6vSTZ9Ah7v5Rvgb-SHg

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame AE0A 0
327 B 175ms
33ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D&documentReferer=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ancestorOrigins=https%3A%2F%2Fpanel.poco-for-turkgsm.website&random=9495311154886&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 08 Dec 2023 10:24:03 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame F948 930 B
923 B 166ms
25ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D&documentReferer=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ancestorOrigins=https%3A%2F%2Fpanel.poco-for-turkgsm.website&random=9495311154886&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 08 Dec 2023 10:24:03 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 15 Dec 2023 10:24:03 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 6102 2 KB
2 KB 223ms
82ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=39174400042744204444554012532011&nw=1
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 374bc75307c4b8c891b01cfd5da49edbdb956eb54c67e59e4642c292423d9d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
last-modified: Fri, 08 Dec 2023 10:24:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 08 Dec 2023 10:25:03 GMT

GET
H2

200

activityi;dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375 Show response
5994599.fls.doubleclick.net/ Frame 5B77
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375?

391 B
326 B

69ms
69ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375?

Requested by

Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

d324a0117cdb64b295d832b6e6a6947c012b320aade1f8f2603abf58a730bab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 10:24:03 GMT
expires: Fri, 08 Dec 2023 10:24:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 10:24:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame 1FD2 7 KB
2 KB 77ms
26ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c058a9516d&subid=&uid=35fb2b36b5da73e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_99kwu5yZbbrKvf_x_AP9Za36Aem5b2gaa2VnKfJD_AuEAEg0e2gF2CVgoCAuAfIAQmpAjyld3sxFrI-qAMByAObBKoEqAJP0OcMiYdKKSagsjS-IsS-VTw3vdbVi5suteBJwWeLdlGbrh5igaucd61KFgiI9tyAyPEpXMYVhWsHKkXVfWbFuxlRmtM-ANXBFs6lWuyFFFVY1WUNEyGZi1z3I2Q1sQ2sCtEJzDwbOpGnm6H2uHQ6EW303vhWvRw4XUd45H_I_LtASgwXCEcjLRXF-7DoeTky4spmEewRSgYuD4M18TwZKTVqM28gr607mNjMLmXo7fi5JqXf5W_G7d0V_A7J-PzTBXXN1lqSnO1wHpmwZ8nOpe0jbimDaSvGDXsWK-2yK-YUTQytCnagA8LEnSHSZPcgt1CMlIIvmoHliphLmRmuRKF0bz4vUCqu3CdLfsFQMvz4RdhfKxfwQqI4cTXlFtju14s4ZNGlosAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj1j8jdz_-CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwigwsjdz_-CAxX3_xEIHXXLDX2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB%26sig%3DAOD64_1JYgKikvrNfFwZKYtNT91wywgUvQ%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-B2glVPr6ZEm6P9YJGzlcp6BSOwd84kuOfsRcKzrqoevor38D8dQq1onVapDGfab6DZJl6DOgQDr4dYUbG0Clr4rNqFMZjUnhlmIAu8M0KK8EoH8CF10f0K5cEJd1Butr5vyt7KCWAT_XfzXZzwm2KsNSZ3AflOSoVsTmQZkTeBx8ZlaaI%26cry%3D1%26dbm_d%3DAKAmf-Ci6w843Z6rwZVT_hgMX6dyilaIbmUbImo8uekIJnVKB8PqeW_84YvlMzW3qzacqFFJnwGMri8AwBDImqB6Fqr8AVBurxOSVPXVLsRteh3Tx80Kmuq-1w2mdZ_c8KRy_SV_cMZo7pEn0Uxm8n6lAPOpgemNf2drtUXtoRZ6ZME3AYM6lRPITiZ77kJ21qhlVIl1aaHYzisCO6QFsh110JTjKckP54Lca60Hi4Bf0TYCd_WzznRtjGKot5ofv72CCnzxerk7tsBedgUfL6zILJvKDqoJt2O8_W8uSViQcLiHVADQz_yj8QTuAYmKHIYEXW7uuOPW3DfHAYzo6LzvYOk1uNbVjFuGwYZ3iqGpfxfb10OknSJRnC94VVDSBkqZrT0OL_RVE_damcTgIT_N1dOmXtgHrSx_uA_EloZMqDgoSoQrA81zGZGJzZ-T0qxE1VWeSdM32Yo5-UqGQ_bnJFmfcVwOiewfaR-zkh-LnTrlh1VD_79Pvq3-e867wffCVEXBAF8iHd0mH1GUh0GGWe1aV6zdrw%26adurl%3D&documentReferer=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ancestorOrigins=https%3A%2F%2Fpanel.poco-for-turkgsm.website&random=9495311154886&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ea7cea9c7ce34a7df4ef39c4e07f89edd29cce7e1b53ef3a30644230e9b15238

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2050
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Dec 2023 10:24:03 GMT
Expires: Fri, 08 Dec 2023 10:24:03 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 6102
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

32ms
32ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39174400042744204444554012532011&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Fri, 08 Dec 2023 10:24:03 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6102 43 B
702 B 250ms
110ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=39174400042744204444554012532011&pv=1

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 10:24:03 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK a-06v4 Show response
i.liadm.com/s/c/ Frame 0060 1 KB
1 KB 525ms
141ms Document
text/html 44.209.173.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-06v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.209.173.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-173-11.compute-1.amazonaws.com

Software

Resource Hash

2befe42d25f9d4c5f6f00a8605755be2b1f8ecf12d909ad7c8098142963d157c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://panel.poco-for-turkgsm.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 689
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Dec 2023 10:24:03 GMT
Request-Time: 17
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4430 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 08 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6102 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2af8b8d56655530b1a1d66b85ede4850e37e42672b4c3b00cdc692508585656b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4430
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAjavHOgxuiLxHm7VX-uYjw&google_cver=1&google_push=AXcoOmSLRDAW2NBy7fKtBoO200q_wVC5w1RcvPEZA2ErHY8h1A0JBVMACKkxPjxPOddGtONIV9hxMC21m3LHWFSB9FWUulyl05iR
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI4MTYyOTgyMTU5NTI0MDE5OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENAJXM5JG45-hATb66MeNtE&google_cver=1

43 B
398 B

53ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENAJXM5JG45-hATb66MeNtE&google_cver=1
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENAJXM5JG45-hATb66MeNtE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4430 0
104 B 223ms
115ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFG4y2x9bGKGU2eW6opB1ls&google_cver=1&google_push=AXcoOmSG94GgTmBvia4lz3pHsPLjO1VifjJVaQtNI7g3BkNBBWf0Bz5KtumumNilBe7NPS6Nuo4FB5ypaj_gr3LlnBO5gRfj4keefQ
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4430 70 B
149 B 152ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKdlZhddkO0EHSRj8N6kSKY&google_cver=1&google_push=AXcoOmS410ITIwsM5MI4ciMeWCfdR-5SqPhYPBquyVgxnhZBBddvDWSkezDnOjawbEd_gnjne9u_RZgZzf47RJR_xomJiuK4PyJ9cA
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4430
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFnk-TH7TeoQBynqOv1x-Js&google_cver=1&google_push=AXcoOmTS76hVeb1_bNA5C_GZS8L9MHmVIqzofIJUd-Ln8crIgT9VTZUIssSNO4hMe9CRRRAH1hp1GOAFE20...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTS76hVeb1_bNA5C_GZS8L9MHmVIqzofIJUd-Ln8crIgT9VTZUIssSNO4hMe9CRRRAH1hp1GOAFE203D8IoyCenlBDxY6kZ_A&google_hm=OrUOywDwTHOm9e0_iq...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTS76hVeb1_bNA5C_GZS8L9MHmVIqzofIJUd-Ln8crIgT9VTZUIssSNO4hMe9CRRRAH1hp1GOAFE203D8IoyCenlBDxY6kZ_A&google_hm=OrUOywDwTHOm9e0_iqt5T6U

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:02 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTS76hVeb1_bNA5C_GZS8L9MHmVIqzofIJUd-Ln8crIgT9VTZUIssSNO4hMe9CRRRAH1hp1GOAFE203D8IoyCenlBDxY6kZ_A&google_hm=OrUOywDwTHOm9e0_iqt5T6U
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4430 0
174 B 137ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENU0OmSB46ieiQhz2yUph2o&google_cver=1&google_push=AXcoOmTuWQ8eewjRbK_N-QUcfD5x-brBMjo6fETkXfjF4rrsOetIoAyQZl1cPRj1Yrq7uWgUhrZoOPVNEG9_8hGv5wjFOsI_rtfbbA
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4430
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOyOp9-UmE3Hbj9iWj6aRrw&google_cver=1&google_push=AXcoOmSsH7dRRNNXIfN52lwcpIy7f5l5x2a8PYNoDeBpXttPQ-ntd43JcI5Uuw5L19aJuAkZ-Wsny8zN95Mid2...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDE2NzY2NjQ3NzgyNDE0NQ%3D%3D&google_push=AXcoOmSsH7dRRNNXIfN52lwcpIy7f5l5x2a8PYNoDeBpXttPQ-ntd43JcI5Uuw5L19aJuAkZ-Wsny8zN95Mid28jGF...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDE2NzY2NjQ3NzgyNDE0NQ%3D%3D&google_push=AXcoOmSsH7dRRNNXIfN52lwcpIy7f5l5x2a8PYNoDeBpXttPQ-ntd43JcI5Uuw5L19aJuAkZ-Wsny8zN95Mid28jGFGnVWqTp5OftA

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDE2NzY2NjQ3NzgyNDE0NQ%3D%3D&google_push=AXcoOmSsH7dRRNNXIfN52lwcpIy7f5l5x2a8PYNoDeBpXttPQ-ntd43JcI5Uuw5L19aJuAkZ-Wsny8zN95Mid28jGFGnVWqTp5OftA
Date: Fri, 08 Dec 2023 10:24:03 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4430
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKnqPRuUNi93tb-_ai1Q22c&google_cver=1&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy4KB-LSpFJVMYVYJaBQyJmMFLrd0p12ltRqpZ0Tky2S...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy4KB-LSpFJVMYVYJaBQyJmMFLrd0p12ltRqpZ0Tky2So...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE4MDM5NTExNDA2MTk3OTQyMDc1Mg%3D%3D&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE4MDM5NTExNDA2MTk3OTQyMDc1Mg%3D%3D&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy4KB-LSpFJVMYVYJaBQyJmMFLrd0p12ltRqpZ0Tky2SodfQ

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE4MDM5NTExNDA2MTk3OTQyMDc1Mg%3D%3D&google_push=AXcoOmSBPQ3VXBMFJOG2Oxi4WjA_Lsfkpui-FKKx0xjsXJB_yCBWqUqy4KB-LSpFJVMYVYJaBQyJmMFLrd0p12ltRqpZ0Tky2SodfQ
date: Fri, 08 Dec 2023 10:24:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4430 0
12 B 28ms
27ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzZE9mzVAbCpwyUAUKvRvDlsjAm8TAX-D7938Oa-erY0VLsPQMfc-XW-IiD2VeiP7JtfiO

Requested by

Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 1FD2 5 KB
1 KB 82ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 09:31:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1FD2 12 KB
12 KB 76ms
26ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 26735035b23410abe44992a5a817160c3563ec4cb9bf7a2df8222370b1a9d5a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 10:24:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12182
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1FD2 12 KB
12 KB 76ms
27ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8db0944beeac6af82ba53e1eb9f25e227c2025a82fc2b5b359c34cb2c7e791f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 10:24:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12071
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1FD2 8 KB
8 KB 77ms
26ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ecb81e87e78cce601b0a11f6e5aa18cf839550da10cf02a23fcfa4639aa4a857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 10:24:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8151
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame F948 175 KB
63 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4997c29fa4f007b56e086e19dd955d6e5a1d6a31644ecb04b525daa6998ddb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64121
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=2614302699020528&bg=!8_Cl8L_NAAY3kmNgF5I7ADQBe5WfODR3uKDwrB2rbX0TGB8g6Sa52bR18vPR8QIYtfsWgzb7ZnpfbDXHdpS2zPOKuvSiAgAAADBSAAAAA2gBB5kDKGZrEBakwnZANEUCXo9TncnPPYMZKCgyfZ4E6-Phrwcn9J-3Cf0I74JrARYn0B1zswaQkxAiMHRW4vfCDxIAmo7212qbKN2pHtRuPljrBaKV-Ry4hw2lDKU4L3vDpaC9grjYDcwMbuUF9XOt3lqVUuOe-4W0zx9NwHw7a43AR4RMoFb0dywxTWY1MsfVRwCepEhbphXXBZly-1gkUPxyh3qlGKob-5ziTdg5LJ1Kcpdb61gvSso4QILuXnv55jgdHUEV9ZvFV8uwtwkddBT0cMHU_RP_5E-19eya2_g75BOo6vdGiQTyktf7rkkg4amqnN_lXJ6hD9cpRBpnty1u6U4-BeDZVKpgteeuK04aFHPUa_lpgFKcmWZdjDk0ycubhePX8nS829rPhF4ywXBzeOXOELcjU2k2Txy3baInobNCOzA45Y6BJWa55niBZpt4CTfHYDxZp8ljNfLTcP98HBjCF-EEw23YH45JTRNVoqvc0LVOYVe5oQ2wFbfNUSfy_NDkxreXjAQM8obk8YlpyXcx4HGv_VBKSD8FwTKBw6IpiKl2TZ1BAqYaxpT2dTrz2VUrYkdnWp1yzt27FgIeqlraEnU6u19r-nFGSCF_PemKTyui-0U2IQth9Jv0G_SgvzqmKhZ34xxPQiruzxJV5KexTqzOV8vvkFDkF7wGGVDXPi-g62_6TWAQF83ndSATTxkF7VspwALq34lOxGidg7tM4rgNRLPPAPIsZiMMFHPF_WgL8GpEULfoIrpOq-ydziowiSbNqoCmFf1z9FMxBi-vyUq3OAFjgQtfYU2rK5wsaQ9iKox3uW0xvXGwP7X3Ae0wCi3-HfSUMA3CdqYlu2sy_63jgB0j9mdDaa8fVz0i60ZRDRA87eUr5Pn_u0qlMdOuPGrJA0MYQd7qK-gEfZXSnfNIPN7ARSp2ezLaUUPKjDtDezAD6aQWyiypk6PJfrLvsftl6zdktONVvim8QVAQ-tdEKkDH_2AfIdaEylMxFTmAfxRMPfr1WjE4bdNx44BfaXo0T_ROlt50kzM0WU6jdZMinsLMzdS6YkAqshRdrvqZkWkQa2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame 1FD2 0
150 B 77ms
26ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=39174400042744204444554012532011&a=be2fc50b&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 10:24:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1FD2 14 KB
15 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:17:35 GMT
x-content-type-options: nosniff
age: 313588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 19:17:35 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1FD2 15 KB
15 KB 72ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:37:52 GMT
x-content-type-options: nosniff
age: 312371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 19:37:52 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 6102 53 KB
19 KB 86ms
24ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=39174400042744204444554012532011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:58:47 GMT
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 30317
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: tdKIPWmMHYvw5Zgjo9UEpGBzCHbZdIA9-sqRiVDQp_2WjbU3JOKxeA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 6102 85 B
436 B 84ms
22ms Image
image/gif 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1702031343&Signature=NZZCC134wRjM3Xm6KaS3j0YX4A0vTlzHC3l2QSUXFzp~tiYtVQ5bN8qWWLwqY8zqH6KQqqmueCwKTxG1AzW~aFS71Dc-w9~Tac81zzdgufq0A5xezEpVS0caiIbJdvFJ1r~jccK4U-U3V0ODhgbhYgrff15xrY0EoWNLFf2djoisr89k~9AGT32CgBve1-xfRjUyl7kvuHvhsIELFiaVzMYeMxLnG737tQrph4ZX~kKXL3ZouDZpTgn4RDwmsUm72~qbZJ8SHMUy924SsLAxz7UK9ru36FX4oiA4RuVXsSKD-PpnLmRxHvv7IAFBLwnBuk6D6aEokGTLoZrxVXxkkg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
URL: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 08 Dec 2023 10:08:25 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 10068
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: JWmYEgsw5kxf_miV9Xx-vH4I1D_Yh4pIEeOoMSJd0rL7f3LmuJ40uw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F948 274 KB
91 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ff934cd7d0b18ab7e48a1dbf8798aa2499c10bee7a9d2ff200aae76885ed12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 10:24:03 GMT

GET
H2 200 dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375
adservice.google.com/ddm/fls/z/ Frame 5B77 42 B
401 B 106ms
59ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM-FhN7P_4IDFQ7kOwIdUDQAiw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9665324083260.375?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ Frame C625 510 B
419 B 354ms
354ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox.js?mb=1702031043913&lv=1
Requested by: Host: panel.poco-for-turkgsm.website
URL: https://panel.poco-for-turkgsm.website/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 82421ea1b7b67215779dcf529b7473fccaadaedcf8b227bc5b36f287f90d0e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 08 Dec 2023 10:11:49 GMT
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 83244be88e67690d-FRA

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame 0060
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=49f09ede-b79b-402f-8b08-dc366cb9106c
https://p.rfihub.com/cm?pub=39342&in=1&userid=81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%3A1702031044.1539083&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D81a3ac32-b164-4ef2-8ca8-a4ccd69...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726786764456&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D81a3ac32-b164-4ef2-8c...
https://idsync.rlcdn.com/501709.gif?partner_uid=81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%3A1702031044.1539083&_=1702031044.1569483

0
98 B

84ms
32ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%3A1702031044.1539083&_=1702031044.1569483
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 08 Dec 2023 10:24:04 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%3A1702031044.1539083&_=1702031044.1569483
content-length: 447
x-amz-cf-id: YPk6U1_qo5GDwtirC23vkg3M4hqHsmkoFexqxYsXETfJ2ieLVWe_jg==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0060 70 B
148 B 44ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

restricted
mid.rkdms.com/ Frame 0060
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7281629821595240199
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=49f09ede-b79b-402f-8b08-dc366cb9106c&liid=&_ct=im
https://mid.rkdms.com/restricted

0
0

132ms
132ms

Image
text/html

52.5.50.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&
Protocol: H2
Server: 52.5.50.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-50-31.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
server: awselb/2.0
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://mid.rkdms.com/restricted
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 0060
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=49f09ede-b79b-402f-8b08-dc366cb9106c
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=49f09ede-b79b-402f-8b08-dc366cb9106c&rd=Y

43 B
593 B

340ms
340ms

Image
image/gif

2.19.217.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=49f09ede-b79b-402f-8b08-dc366cb9106c&rd=Y

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&

Protocol

Server

2.19.217.66 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-217-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 10:24:04 GMT
pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=49f09ede-b79b-402f-8b08-dc366cb9106c&rd=Y
pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 08 Dec 2023 10:24:04 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0060 43 B
363 B 90ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:03 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 255759
expires: Fri, 08 Dec 2023 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0060 43 B
146 B 72ms
20ms Image
image/gif 52.58.171.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=liveintent&user_id=49f09ede-b79b-402f-8b08-dc366cb9106c
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.171.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-171-137.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 0060
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=49f09ede-b79b-402f-8b08-dc366cb9106c
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=49f09ede-b79b-402f-8b08-dc366cb9106c

42 B
716 B

99ms
99ms

Image
image/gif

54.194.146.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=49f09ede-b79b-402f-8b08-dc366cb9106c

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj&euns=0&s=&version=v2.11.1&

Protocol

Server

54.194.146.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-146-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0d41b9f76.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: dNi2uYksQac=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-06695c737.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: wMM1kW9AQMo=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=49f09ede-b79b-402f-8b08-dc366cb9106c
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F15 42 B
174 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKlhQQ7mpeledpM2sfaG3NrxmhMkYWCWrkDPXesP7W-ZjAAvE8JM1-gDjsD-Bz0gj_ILy7CbkQINkbxodjTADF0yKnviqvdYq7Nz00Jycn4c2bk5GIcQjYIgCwoBdCXVNGnzk01Uq1aQ&sai=AMfl-YRrUeTX9-7Adfji66HHy_1MjNjZo43dT5wUj1Xkuc-87v-QVwA&sig=Cg0ArKJSzDb8oaCl6PqzEAE&id=lidar2&mcvt=1000&p=571,436,661,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=518484386&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702031042974&rpt=198&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ Frame C625 693 KB
147 KB 44ms
44ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638370122967366391
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox.js?mb=1702031043913&lv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f7f51e6bef1fc5346f5d2f7b94c557d5d32985482e0e6e7e34fc8f07f0cff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Dec 2023 10:24:04 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: //8KG9dxqOURpyUa2IDhbg==
age: 530223
cf-polished: origSize=1167838
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 19:57:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 25dd7701-001e-0064-56ee-24a890000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 83244beac897690d-FRA
expires: Sat, 07 Dec 2024 10:24:04 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 37ms
37ms Stylesheet
text/css 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638017198397572777
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638370122967366391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Dec 2023 10:24:04 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 199655
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 0a776975-a01e-000f-1969-22f5c6000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 83244beba97c690d-FRA
expires: Mon, 08 Jan 2024 10:24:04 GMT

GET
H2 200 z Show response
lightboxapi.azurewebsites.net/z9gd/42066/panel.poco-for-turkgsm.website/jsonp/ 674 B
1 KB 529ms
149ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42066/panel.poco-for-turkgsm.website/jsonp/z?cb=1702031044424&callback=jQuery17107153835237889856_1702031044416&_=1702031044424
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638370122967366391
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 65b5d26f7e5e14c28191d571ac64ac84e9a369fd6b293232d369a5c6fd84ea41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:24:04 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
258 B 36ms
36ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1702031044419&h=panel.poco-for-turkgsm.website&e=p&u=42066
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Dec 2023 10:24:04 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 708566
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 5b718bc0-301e-0067-0a4e-23ab97000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83244bebb981690d-FRA

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 6102 16 B
209 B 70ms
70ms Fetch
application/json 35.176.121.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-121-206.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Dec 2023 10:24:04 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 124ms
37ms Preflight 35.176.121.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-121-206.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 08 Dec 2023 10:24:04 GMT
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6102 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQIt5Ag9PauthPdr3LZSeoRnBu5WoGvxD99Ceqb5RwrIp2t6AO4xFlyKkDSRPnHEFYDx5TKnpaDx6QAz7cOQhpbzUQwonlKOAkF5f8Wnhlj-C0K7RBXwtsheXhLbjYgIY&sai=AMfl-YSM7DnSOy8NeJo8ZJSpQghK-oaIuVkq-AKSa-GaGNKgAMzQ0NTwQPyMSGNX8vZhrGYpMPaAHsCnJoM2EQf4yyGjiHEBsq_yy5xCyOsJBzaknNA-n4hVdBzvSAEsVfLFpn9QM_Tmfo4&sig=Cg0ArKJSzNypK9GCgjE7EAE&cid=CAQSPADICaaNhmUKK4BPOIipnszoP0ouvv3sb1kqUU4wftWWMRK1TQi2KMRtcbLcKOqXli9z09fZGSzrBU-8kBgB&id=lidar2&mcvt=1000&p=194,1010,444,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2495303898&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702031042865&rpt=639&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame 1FD2 0
150 B 82ms
28ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=39174400042744204444554012532011&a=be2fc50b&vb=v
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=39174400042744204444554012532011&a=d71f3088
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 10:24:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6102 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=585860331331&version=m202309260101&ct=77&x=1&cor=4160623359467769000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 10:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox/7b326ca7-bf12-4cf2-8b22-faa738684506/ 4 KB
3 KB 49ms
49ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox/7b326ca7-bf12-4cf2-8b22-faa738684506/settings.js?cb=638017198397572777
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638370122967366391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4754b6de24fb6763a7d3ccb376563f90db41c3f2457c1830c58c1ba99c550903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Dec 2023 10:24:04 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: rMh3MdcmwM68bYTxDl+m0A==
age: 16907
cf-polished: origSize=3666
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 21:52:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 9317174e-501e-0011-4799-292f2b000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 83244bef1cc4690d-FRA
expires: Sat, 07 Dec 2024 10:24:04 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ Frame DF0D 291 KB
50 KB 39ms
39ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_builder.js?cb=638017198397572777
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638370122967366391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 393c7ecfc835c146c0e4ad0a591d56e975143e99e0c21f08ccdc412f774c0149

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Dec 2023 10:24:04 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: VhfzUtx7TM+B6tDk7wJHaQ==
age: 199654
cf-polished: origSize=491701
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 19:57:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 97ec3bc8-101e-003f-35de-11afec000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 83244bef1ccd690d-FRA
expires: Sat, 07 Dec 2024 10:24:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DF0D 2 KB
685 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=fallback

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_builder.js?cb=638017198397572777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e4bcd9b88cbbde3deb757d328d37cacaa5481b3966f54bfe3d20baa218b5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 10:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 10:24:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 10:24:05 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
128 B 39ms
39ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1702031045046&h=panel.poco-for-turkgsm.website&e=i&u=42066&b=196969&v=empty&s=empty
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Dec 2023 10:24:05 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 708567
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 5b718bc0-301e-0067-0a4e-23ab97000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83244bef9d40690d-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=605939082&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ul=en-us&de=UTF-8&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Digioh&ea=Lightbox%20Display&el=196969&ev=1&_u=YDDAAUABAAAAACAAI~&jid=&gjid=&cid=829349977.1702031042&tid=UA-2624863-1&_gid=305739312.1702031042&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=4566144

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 22:00:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44608
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DF0D 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://panel.poco-for-turkgsm.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 565103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:25:42 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=605939082&t=event&ni=1&_s=3&dl=https%3A%2F%2Fpanel.poco-for-turkgsm.website%2F&ul=en-us&de=UTF-8&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Email%20Capture&ea=Lightbox%20Display&el=Button&ev=1&_u=YDDAAUABAAAAACAAI~&jid=&gjid=&cid=829349977.1702031042&tid=UA-2624863-1&_gid=305739312.1702031042&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=467264908

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://panel.poco-for-turkgsm.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 22:00:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44608
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 02:23:11	Name: lidid Value: 49f09ede-b79b-402f-8b08-dc366cb9106c
i.liadm.com/s	1970-01-20 17:30:23	Name: _li_ss Value: CkUKBQgKENcWCgYI3QEQ1xYKBgilARDXFgoGCIEBENcWCgUIDBDhFgoGCKIBENcWCgYIiwEQ1xYKBgjSARDXFgoFCH4Q1xY
.poco-for-turkgsm.website/	1970-01-20 18:56:47	Name: _gcl_au Value: 1.1.1368106093.1702031042
.poco-for-turkgsm.website/	1970-01-21 02:23:11	Name: _ga Value: GA1.2.829349977.1702031042
.poco-for-turkgsm.website/	1970-01-20 16:48:37	Name: _gid Value: GA1.2.305739312.1702031042
.poco-for-turkgsm.website/	1970-01-20 16:47:11	Name: _gat_gtag_UA_2624863_1 Value: 1
.poco-for-turkgsm.website/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .poco-for-turkgsm.website
.poco-for-turkgsm.website/	1970-01-21 02:23:11	Name: _lc2_fpi Value: 32e71002c47f--01hh4f9a2evbx99zt4cc5hvyqj
.poco-for-turkgsm.website/	1970-01-21 02:23:11	Name: _lc2_fpi_meta Value: {%22w%22:1702031042638}
.adnxs.com/	1970-01-20 18:56:47	Name: uuid2 Value: 2977689643396247985
.liadm.com/	1970-01-21 02:23:11	Name: lidid Value: 49f09ede-b79b-402f-8b08-dc366cb9106c
.casalemedia.com/	1970-01-20 18:56:47	Name: CMPS Value: 2147
.doubleclick.net/	1970-01-21 02:08:47	Name: IDE Value: AHWqTUligbHEvO7cgQUKzclWJ7UbR3MdRJQhhOuiww5tt3R8esLOSrAXgEE-awNuTPE
.adnxs.com/	1970-01-20 18:56:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb=Lmvp.!@wnfH8K6pQK`!5=E<L5?%Lx/ZzJN_iV`^76T`mj$kcz77KvC9O'Dmj$Z1MbpRzqF1`b^gQ*%8Nw
.doubleclick.net/	1970-01-20 21:06:23	Name: APC Value: AfxxVi40zxSu2Ts8HZaTg6iTN0fmYKH5ecby2ka3UdCB_dxjLNIZsQ
.poco-for-turkgsm.website/	1970-01-21 02:08:47	Name: __gads Value: ID=517079a1716d469d:T=1702031042:RT=1702031042:S=ALNI_MYxPVpPIGsyK-IQ8f-oTrI6MOHsSg
.poco-for-turkgsm.website/	1970-01-21 02:08:47	Name: __gpi Value: UID=00000d0f8bf577b5:T=1702031042:RT=1702031042:S=ALNI_MZokm6QXMXIc615zMOyn_P7D5FW-g
.poco-for-turkgsm.website/	1970-01-21 02:23:11	Name: _ga_6CLCKX16XJ Value: GS1.1.1702031042.1.0.1702031043.59.0.0
.casalemedia.com/	1970-01-21 01:32:47	Name: CMID Value: ZXLuwzMILBzgVSWHv0rFKgAA
.casalemedia.com/	1970-01-20 18:56:47	Name: CMPRO Value: 2147
.doubleclick.net/	1970-01-20 17:30:23	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:56:47	Name: 8lcfmzhxc8d6_uid Value: c2d9b9b5f534bcaa
.adfarm1.adition.com/	1970-01-20 18:56:47	Name: UserID1 Value: 7310167666477824145
.3lift.com/	1970-01-20 18:56:47	Name: tluid Value: 3180395114061979420752
.turn.com/	1970-01-20 21:06:23	Name: uid Value: 7281629821595240199
.ctnsnet.com/	1970-01-21 01:32:47	Name: gid_CAESEFnk-TH7TeoQBynqOv1x-Js Value: 1
.ctnsnet.com/	1970-01-21 01:32:47	Name: cid_3ab50ecb00f04c73a6f5ed3f8aab794f Value: 1
.blismedia.com/	1970-01-21 01:32:51	Name: b Value: 6572EEC3E4FBC77FC1D6515DBLIS
.office-partner.de/	1970-01-21 02:23:11	Name: source Value: {"webgains_webgains":{"timestamp":1702031043736,"clickCookie":false}}
.awin1.com/	1970-01-20 16:57:15	Name: awpv11601 Value: 113440\|1702031043\|e911b340-95b3-11ee-b1a8-22396ad6a5ca
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: IjDlvsMEkD5ks1YPwTAdOu5_Ir6lxoXEtlwu2vBpH0k-1702031043899-0-604800000
.poco-for-turkgsm.website/	1970-01-20 17:30:23	Name: _li_ss Value: CjYKBQgKENcWCgYI3QEQ1xYKBgiBARDXFgoFCAwQ4RYKBgiiARDXFgoGCIsBENcWCgYI0gEQ1xY
.poco-for-turkgsm.website/	1970-01-20 17:30:23	Name: _li_ss_meta Value: {%22w%22:1702031044024%2C%22e%22:1704623044024}
.rezync.com/	1970-01-20 21:06:23	Name: zync-uuid Value: 81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a:1702031044.1539083
.addthis.com/	1970-01-21 02:17:25	Name: na_id Value: 2023120810240400072220087829
.addthis.com/	1970-01-21 02:17:25	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:17:25	Name: uid Value: 6572eec4f04ac6d4
.addthis.com/	1970-01-21 02:17:25	Name: ouid Value: 6572eec40001c3d19b3385cad462cea47d85c338475d0f80c6c0
.rfihub.com/	1970-01-21 02:08:47	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjO3MDM3MzExNRPiM9StcHQqcAnMjwgOKk0DAPx61PElAAAA
.rfihub.com/	1970-01-21 02:08:47	Name: eud Value: H4sIAAAAAAAA_13IuxGAMAgA0AmsMgceP4G4DUEzkKWlk1p6Z_ne1TwoJUsYBpmCnpMhKgNSqw7rPIfnTo6MQqi60iYdQ-62fClmz88vkQv5ZloAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjO3MDM3MzExNRPiM9StcHQqcAnMjwgOKk0DAPx61PElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByxWAMAgEwIvt4OOzBmI3GzSFWLkz35FlDHa4LBsQvNulmiVE9zOm75W8LdU1TIHTrpha8QPxF2G4OgAAAA
live.rezync.com/	1970-01-20 21:06:23	Name: sd-session-id Value: .eJwNylEOgyAMANC79FsWSktBLmMQa0I22SLuZ8a7z8-XvBOmj-5bbtoOSMf-1QHKq97qkE7o9bfpExJ4ZEckwUmIEoTZC1wDdO29vttUl_tEzJQLOTOjsGFdnYklR5O5lEVGt84hJwzWWULL_EBPo40E1x_B8yYa.ZXLuxA.3klnLa4oxGQLrLqGG3B9z8SjLus
.dlx.addthis.com/	1970-01-20 17:30:23	Name: na_sc_x Value: 1
.demdex.net/	1970-01-20 21:06:23	Name: demdex Value: 02643786498856883192278898669207536747
.lightboxapi.azurewebsites.net/	1970-01-20 16:47:14	Name: TiPMix Value: 13.800548095107112
.lightboxapi.azurewebsites.net/	1970-01-20 16:47:14	Name: x-ms-routing-name Value: self
.dpm.demdex.net/	1970-01-20 21:06:23	Name: dpm Value: 02643786498856883192278898669207536747

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://panel.poco-for-turkgsm.website/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://panel.poco-for-turkgsm.website/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=81a3ac32-b164-4ef2-8ca8-a4ccd692fb7a%3A1702031044.1539083&_=1702031044.1569483 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638370122967366391(Line 97) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
86af48786eea0cfe2ccac3039fc68bdf.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
b-code.liadm.com
b1sync.zemanta.com
c.amazon-adsystem.com
cdn.teachertube.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
content.swncdn.com
d.turn.com
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
lightboxapi.azurewebsites.net
live.rezync.com
match.adsrvr.org
media.swncdn.com
medialead.de
mid.rkdms.com
p.rfihub.com
pagead2.googlesyndication.com
panel.poco-for-turkgsm.website
pv.medialead.de
r.turn.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.teachertube.com
x.bidswitch.net
x.dlx.addthis.com
104.18.36.155
104.64.118.247
108.138.1.25
13.32.27.113
138.201.63.116
138.201.64.38
142.250.181.230
142.250.185.226
178.250.1.9
18.66.147.120
185.143.234.120
185.89.210.122
193.0.160.131
2.19.217.66
20.40.202.0
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
205.234.175.175
216.58.206.38
2600:1f18:730:b110:b9d7:5d50:f444:5e53
2600:9000:225e:3600:8:8845:1500:93a1
2606:4700:20::ac43:4097
2606:4700::6811:180e
2606:4700::6813:d383
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9b
2a02:fa8:8806:12::1400
2a0b:4d07:101::1
3.11.198.160
34.225.218.210
34.96.105.8
35.176.121.206
35.186.193.173
35.244.174.68
44.209.173.11
52.223.40.198
52.5.50.31
52.58.171.137
54.194.146.163
64.202.112.95
76.223.111.18
85.114.159.93
91.121.248.44
94.23.99.218
99.86.4.52
04c57d77b2da86500623ecf0d1e148d73c2b1f7832c0dfbe5fa7fef20148041b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e3436fda51c8e8eb41bb2569c2f3fe308f3ce2be168b56fdc15d29df05d000
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08db8744e1e40d0dea90de30c0019e235218d99ced1629cfea8a90e2a5a419a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10089e9ea026980ec586a85660e8e7c47c7a2e0ba884863a74ebe606b9355f69
1ed2aff5bb5a2b032a6f5ab8afae851104d7166724987a631651c1f4d882f308
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
26735035b23410abe44992a5a817160c3563ec4cb9bf7a2df8222370b1a9d5a8
2af8b8d56655530b1a1d66b85ede4850e37e42672b4c3b00cdc692508585656b
2befe42d25f9d4c5f6f00a8605755be2b1f8ecf12d909ad7c8098142963d157c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30358ae781659e2bc770aac143016854b076556751ee5812c04add6a99510510
30ecc46eac05a2fee506214087afdddc5a45305b875b2ae53188438c307972f2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
374bc75307c4b8c891b01cfd5da49edbdb956eb54c67e59e4642c292423d9d11
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
393c7ecfc835c146c0e4ad0a591d56e975143e99e0c21f08ccdc412f774c0149
3be64a1287eecb4df5d34f64044039633f2346bf787a724cf5b2f7f7c7ce6e3f
40d1acf3272b08d1824e8fbc66b54a01557f935dbdbf3fe1ab9e841a79ef1f77
4314c6f9c17827a211d8da915c0f04396121296b04d09ede372653a71be24216
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4754b6de24fb6763a7d3ccb376563f90db41c3f2457c1830c58c1ba99c550903
47ba748628cb1e3b9cea86533cb091c48acf7af5651f55b1c54459719a423d42
48749e4b7f98c7f45f40076797dbc8005c15894760e3b18ab55f3655207c86e9
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d534d2c384bd82d8e92a7c9b9ab3f2e3f5581f231510c627b38f101c3b3502
583edc8fb897ec5ebc6dd3c54679ce9f8d3d4454e2c8d00561e88897ddd21839
58db6e642a5c93a30ac885003bc145ba1350a8c38a4a200b7a6b113ab51f8c8c
590b1c85090cd7d76f56b31adb1ff050ef8aabf6ad535e603cc7a8e0454eaac3
5db2e80e3f29328a362c9753db36f09f118635b697e29e45987bdc97a7f7bbc4
5e4bcd9b88cbbde3deb757d328d37cacaa5481b3966f54bfe3d20baa218b5a2e
618deeee95ada2869cbc7402b889ea71fa6366fe8ec232bfebbfd3043163f712
61aa1bff6855b179c44f7e3bf952a0dc9913e0b2041929a020591ff831920f5d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b5d26f7e5e14c28191d571ac64ac84e9a369fd6b293232d369a5c6fd84ea41
65d54d8b3da05b0470472de1b1837eb008522496f9a0b5819aa9ebb03b006606
67fe60348920ae0cf01fdd81b9e36ffa7254eabef360848b0d8dc1ee9f9fa7ae
71dd5d9c9b1daecd546edf5fc5634e48201cfa411c4386cedfd94329c69d32b9
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f1eb3019a07280fe1ba8a67fcedcb4eea11ee651f0202c131abce36bf402db5
819d20449e143e272691df9f11b130a75f076c3089cbae5224544518efcd849d
82421ea1b7b67215779dcf529b7473fccaadaedcf8b227bc5b36f287f90d0e04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c09161b6c533697d2f42cf425d389c31aaa97f05f9b48f76700469910a9c20
882131fea024d9277f69936dce728fdf9376589f7dcb51c81794ccab173dbd10
89829b7409391803bc3d3eb9b9ace1c4ded110b3e70da7c07c36f4907bce1562
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db0944beeac6af82ba53e1eb9f25e227c2025a82fc2b5b359c34cb2c7e791f4
9766b93d0025b538daff9e6b3f145840726a1bfe063aa80fc9323083733cbd84
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9efb0fa8b6eb17ef69b3c4a0bc131d5b890feb43aef54da5e00ccb9111013a4a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff934cd7d0b18ab7e48a1dbf8798aa2499c10bee7a9d2ff200aae76885ed12f
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a379b2cb7f16bdb34683c426e25a7be1ba77c0462b863933a464fbb953d079f7
a5d7fef8fe761435ea4a85dc28fda75e42a782187bf9289a53cd6d2f49507966
ae0a4dd3f4c0bbee8fdd3a70f8058cddb1612cf21bb1bdff572f2ed5b1e39d66
af3a6ad1716cb90c3c3391eec1ca45bf595644de5a6e9112f4440a5298467eec
af74e1a011da94fd4b962c03b77c284344511432ecf9154845f058c96bd02cd4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f7f51e6bef1fc5346f5d2f7b94c557d5d32985482e0e6e7e34fc8f07f0cff6
b331bd2fad59d5e70a6628f16130ce4fff5cfef99a11beb0a80e1e75816a1b84
b6063f4c908efee944c87b02f8ddd54e55d60fb495fe2d95fad3c964fa8d0d5e
b77540afcb287df890ee3f702456961bb5f347c9fc8a1dc4b701c136e36bbc44
b865f9707cedd8abe92543866d157f11c7580aec7526678edffe39ab1c454672
b885e9ca55ffd164b37ed4e3316f8a88f7b5c5fdc6920b8a2c5fdd0e89ca0eaf
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
c3e02a868d3bee66ff08eb2b74a5db6224af1185a0b614e240d49b46cfa52ca6
c63d0e0fb350b811afa33bf2356af9020ce8f612332c39c7961eafe933723210
c77b1cc2439c34f343e09b29a5dc3a76934660b72eaed4406bd5b31d409f04b3
c7fa3b11a11e8b5d3379e8563d5afc091761044a085bad4789792e0a9c9ce753
c849fd82bff8e5b528362c5b6a84cff95a0cd13e5267a6ec922a8870c1a03244
c8d77e6699154f932fc064992ea167c347907fb1b722d2a6128d1900066e4b02
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c932399fb9f897daef0e655f7f931a4b6bede22fe1fc387c1a3f0a7c81b6f519
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ceeada33b44bd66a03c22c5bd457f7a6bcc9ab1f5e451bd70ed4653662702d74
d324a0117cdb64b295d832b6e6a6947c012b320aade1f8f2603abf58a730bab1
d4997c29fa4f007b56e086e19dd955d6e5a1d6a31644ecb04b525daa6998ddb7
d9290e14631b4aec5fc53dedb69839741e11090fadb6f0c876044d1992be1245
d932243e46a23ec66e87cfaa3390f5426459bdb89f6920d25e78f4e0a0387eef
ddd55c5756a4ea1e42ab58e2af23d55431b9f808c61a2e5837e61c488c317718
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b49eb2c63baa28b13d65ccdc89ba30a9b27cf3cc65a91d965cb9b527a083b5
e0f23fa5ba218f00f5039678455f7be32b113009048a71802bc7bb6f7e6f3606
e24e6a9b9913799559a212467e3af83696fc5693825d1cacde7ed1bbbc55ca8b
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5deb36c92a30bfd5c5232d1bdfabdcf842ee858dce2da017a48ec922ba9c397
e909e1c0b2634f8f16c9a9c2cbd515667f22b98470ece970f85bc75886a9ec38
e9f4d0009dd384954901125db9e7c1375a604a102516aaed6bdd7113113817d3
ea7cea9c7ce34a7df4ef39c4e07f89edd29cce7e1b53ef3a30644230e9b15238
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecb81e87e78cce601b0a11f6e5aa18cf839550da10cf02a23fcfa4639aa4a857
ed7d9336de582248857dbf01b186a480a5c57337b5516e3e01dff1a26005c7b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa877c4fad9a99e929c0a132863cff2c69bd16f0869c93750a3ce447ee4a2a86
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fdca94b5eb3df5cec885dc4fa966adf60d065e4a8f296db5124d731c0210d7c1
feb66f83bae1b5d508dcf05686ca73d3fd178a3d32216bd134bc26156fbdfed7

panel.poco-for-turkgsm.website Open in urlscan Pro 185.143.234.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

169 Requests

91 %HTTPS

40 %IPv6

42 Domains

61 Subdomains

49 IPs

11 Countries

3374 kBTransfer

8227 kBSize

49 Cookies

66 Outgoing links

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

panel.poco-for-turkgsm.website Open in urlscan Pro
185.143.234.120 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

91 %
HTTPS

40 %
IPv6

42
Domains

61
Subdomains

49
IPs

11
Countries

3374 kB
Transfer

8227 kB
Size

49
Cookies

169 HTTP transactions
5 data transactions