offer01.marketinglungs.online Open in urlscan Pro
89.117.77.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://offer01.marketinglungs.online/
Submission: On December 02 via api (December 2nd 2023, 9:52:15 pm UTC) from US — Scanned from US

Summary HTTP 248 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 49 IPs in 7 countries across 43 domains to perform 248 HTTP transactions. The main IP is 89.117.77.90, located in New York, United States and belongs to NL-811-40021, US. The main domain is offer01.marketinglungs.online.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.

This is the only time offer01.marketinglungs.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	89.117.77.90 89.117.77.90	40021 (NL-811-40021) (NL-811-40021)
17	185.185.51.170 185.185.51.170	49981 (WORLDSTREAM) (WORLDSTREAM)
2	77.223.135.226 77.223.135.226	43391 (NETDIREKT-AS) (NETDIREKT-AS)
1	77.92.138.125 77.92.138.125	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2607:f8b0:402... 2607:f8b0:4023:1::61	15169 (GOOGLE) (GOOGLE)
1	212.68.47.11 212.68.47.11	15830 (EQUINIX) (EQUINIX)
4	2607:f8b0:402... 2607:f8b0:4024:c01::64	15169 (GOOGLE) (GOOGLE)
2	195.181.165.140 195.181.165.140	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2607:f8b0:402... 2607:f8b0:4023:1::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4024:c02::9d	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:402... 2607:f8b0:4024:c01::9c	15169 (GOOGLE) (GOOGLE)
6	3.132.70.167 3.132.70.167	16509 (AMAZON-02) (AMAZON-02)
3	46.20.149.250 46.20.149.250	48737 (DORATELEKOM) (DORATELEKOM)
17	23.57.90.106 23.57.90.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2607:f8b0:402... 2607:f8b0:4024:c09::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4024:c09::5f	15169 (GOOGLE) (GOOGLE)
4	18.221.11.176 18.221.11.176	16509 (AMAZON-02) (AMAZON-02)
12	2607:f8b0:402... 2607:f8b0:4024:c02::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4024:c01::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4024:c02::64	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4024:c00::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4024:c09::94	15169 (GOOGLE) (GOOGLE)
2 2	2606:ae80:145... 2606:ae80:1451:20::1720	25751 (VALUECLICK) (VALUECLICK)
1 8	173.194.209.154 173.194.209.154	15169 (GOOGLE) (GOOGLE)
1	3.81.188.147 3.81.188.147	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.104.105.5 172.104.105.5	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	2600:9000:250... 2600:9000:2505:f800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	23.83.76.68 23.83.76.68	395954 (LEASEWEB-...) (LEASEWEB-USA-LAX)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
17	2606:4700:20:... 2606:4700:20::681a:658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
5	69.173.151.96 69.173.151.96	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2602:803:c002... 2602:803:c002:200::52	26667 (RUBICONPR...) (RUBICONPROJECT)
21	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
5	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
3 8	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
5	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
9	2606:4700:20:... 2606:4700:20::681a:758	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	2620:100:a001::c 2620:100:a001::c	() ()
4	74.119.119.139 74.119.119.139	() ()
3	162.19.138.120 162.19.138.120	() ()
2	23.217.173.107 23.217.173.107	() ()
2	2620:100:a001::4 2620:100:a001::4	() ()
3	85.111.6.50 85.111.6.50	() ()
6 6	172.240.127.131 172.240.127.131	() ()
1	2606:4700:20:... 2606:4700:20::ac43:4a93	() ()
1	162.19.138.116 162.19.138.116	() ()
3 7	8.43.72.97 8.43.72.97	() ()
1	2606:4700::68... 2606:4700::6810:3965	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:e182:13ad:2937:20d	() ()
2 2	35.71.131.137 35.71.131.137	() ()
248	49

5 89.117.77.90 (New York, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1463663.contaboserver.net

offer01.marketinglungs.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.185.51.170 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-185-51-170.hosted-by-worldstream.net

s.hbrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.223.135.226 (Turkey)

ASN43391 (NETDIREKT-AS, TR)

i.hbrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.92.138.125 (Istanbul, Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-125-138-92-77.sadecehosting.com

cdn.p.analitik.bik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1::61 (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.68.47.11 (Turkey)

ASN15830 (EQUINIX, NL)

c.keltis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4024:c01::64 (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.165.140 (London, United Kingdom)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-165-181-195-140.datapacket.com

www.haberler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1::8b (Clarksville, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4024:c02::9d (Clarksville, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4024:c01::9c (Clarksville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.132.70.167 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-70-167.us-east-2.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.20.149.250 (Turkey)

ASN48737 (DORATELEKOM, TR)
PTR: izle.haberler.com

izlehls.haberler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.57.90.106 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-57-90-106.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4024:c09::9b (Clarksville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4024:c09::5f (Clarksville, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.221.11.176 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-11-176.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4024:c02::84 (Clarksville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4024:c01::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c02::64 (Clarksville, United States)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4024:c00::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4024:c09::94 (Clarksville, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:20::1720 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.194.209.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: vg-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.81.188.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-188-147.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.105.5 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1715-5.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2505:f800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.83.76.68 (Los Angeles, United States) 1 redirects

ASN395954 (LEASEWEB-USA-LAX, US)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:658 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cdn.pixad.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssp-service.pixad.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::90 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:758 (United States)

ASN13335 (CLOUDFLARENET, US)

melon.rtb.pixad.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::c (None, ) 3 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.139 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.120 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.217.173.107 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.111.6.50 (None, )

ASN- ()

rtb.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.240.127.131 (None, ) 6 redirects

ASN- ()

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a93 (None, )

ASN- ()

static.pixad.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (None, )

ASN- ()

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 8.43.72.97 (None, ) 3 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (None, )

ASN- ()

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:e182:13ad:2937:20d (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	pixad.com.tr static.cdn.pixad.com.tr — Cisco Umbrella Rank: 122373 melon.rtb.pixad.com.tr — Cisco Umbrella Rank: 285749 Failed ssp-service.pixad.com.tr static.pixad.com.tr	208 KB
27	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1487 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2632 lm.serving-sys.com — Cisco Umbrella Rank: 2628	389 KB
24	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 68876 rtb.programattik.com	9 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	361 KB
19	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	82 KB
19	hbrcdn.com s.hbrcdn.com — Cisco Umbrella Rank: 256227 i.hbrcdn.com — Cisco Umbrella Rank: 141489	340 KB
18	rubiconproject.com 3 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788 fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com Failed	24 KB
14	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 776 gum.criteo.com mug.criteo.com	11 KB
8	yandex.ru 3 redirects bs.yandex.ru — Cisco Umbrella Rank: 12645 an.yandex.ru	2 KB
8	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4606	101 KB
6	betweendigital.com 6 redirects ads.betweendigital.com	4 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	111 KB
5	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367	956 B
5	adform.net adx.adform.net — Cisco Umbrella Rank: 4544	3 KB
5	haberler.com www.haberler.com — Cisco Umbrella Rank: 198212 d.haberler.com Failed izlehls.haberler.com — Cisco Umbrella Rank: 386221	3 KB
5	marketinglungs.online offer01.marketinglungs.online	19 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	id5-sync.com id5-sync.com	3 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	116 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 487 fonts.googleapis.com — Cisco Umbrella Rank: 29	128 KB
2	adsrvr.org 2 redirects match.adsrvr.org	691 B
2	criteo.net static.criteo.net	62 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	882 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	190 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com Failed	617 B
1	linkedin.com px.ads.linkedin.com	729 B
1	cloudflareinsights.com static.cloudflareinsights.com	7 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com	289 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 902	453 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	457 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1293	373 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 674	455 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9014	290 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 8865	597 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1014	285 B
1	keltis.com c.keltis.com — Cisco Umbrella Rank: 352426	144 B
1	bik.gov.tr cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 56190 58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr Failed	34 KB
0	ipredictive.com Failed sync.ipredictive.com Failed
0	sharethrough.com Failed match.sharethrough.com Failed
0	amazon-adsystem.com Failed s.amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed
0	ad-plus.com.tr Failed id.ad-plus.com.tr Failed
248	43

	Domain	Requested by
21	cpm.programattik.com	static.cdn.pixad.com.tr s.hbrcdn.com cpm.programattik.com
17	secure-ds.serving-sys.com	s.hbrcdn.com secure-ds.serving-sys.com
17	s.hbrcdn.com	offer01.marketinglungs.online s.hbrcdn.com
12	static.cdn.pixad.com.tr	offer01.marketinglungs.online static.cdn.pixad.com.tr s.hbrcdn.com
12	tpc.googlesyndication.com	s.hbrcdn.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	offer01.marketinglungs.online s.hbrcdn.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	melon.rtb.pixad.com.tr	static.cdn.pixad.com.tr
9	googleads.g.doubleclick.net	s.hbrcdn.com
8	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
6	ads.betweendigital.com	6 redirects
6	bs.serving-sys.com	offer01.marketinglungs.online s.hbrcdn.com secure-ds.serving-sys.com
5	gum.criteo.com	3 redirects s.hbrcdn.com
5	ssp-service.pixad.com.tr	static.cdn.pixad.com.tr
5	bidder.criteo.com	static.cdn.pixad.com.tr
5	prebid-eu.creativecdn.com	static.cdn.pixad.com.tr
5	bs.yandex.ru	static.cdn.pixad.com.tr
5	adx.adform.net	static.cdn.pixad.com.tr
5	prebid-server.rubiconproject.com	static.cdn.pixad.com.tr
5	offer01.marketinglungs.online	offer01.marketinglungs.online s.hbrcdn.com
4	token.rubiconproject.com	3 redirects eus.rubiconproject.com
4	mug.criteo.com	static.pixad.com.tr
4	fastlane.rubiconproject.com	static.cdn.pixad.com.tr
4	fonts.gstatic.com	fonts.googleapis.com
4	lm.serving-sys.com	secure-ds.serving-sys.com
4	analytics.google.com	www.googletagmanager.com
4	www.google-analytics.com	offer01.marketinglungs.online www.google-analytics.com
3	pixel.rubiconproject.com
3	rtb.programattik.com	cpm.programattik.com
3	an.yandex.ru	3 redirects
3	id5-sync.com	static.cdn.pixad.com.tr static.pixad.com.tr
3	s0.2mdn.net	secure-ds.serving-sys.com s0.2mdn.net
3	izlehls.haberler.com	s.hbrcdn.com
2	match.adsrvr.org	2 redirects
2	static.criteo.net	s.hbrcdn.com static.criteo.net
2	eus.rubiconproject.com	s.hbrcdn.com eus.rubiconproject.com
2	dclk-match.dotomi.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	offer01.marketinglungs.online s.hbrcdn.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.haberler.com	s.hbrcdn.com offer01.marketinglungs.online
2	www.googletagmanager.com	offer01.marketinglungs.online s.hbrcdn.com
2	i.hbrcdn.com	offer01.marketinglungs.online
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	static.cloudflareinsights.com	static.pixad.com.tr
1	lb.eu-1-id5-sync.com	static.cdn.pixad.com.tr
1	static.pixad.com.tr	s.hbrcdn.com
1	cdn.jsdelivr.net	static.cdn.pixad.com.tr
1	trace.mediago.io	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	sync.taboola.com
1	s.ad.smaato.net	1 redirects
1	s.uuidksinc.net	1 redirects
1	a.c.appier.net	1 redirects
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	imasdk.googleapis.com	offer01.marketinglungs.online
1	fundingchoicesmessages.google.com	s.hbrcdn.com
1	c.keltis.com	offer01.marketinglungs.online
1	cdn.p.analitik.bik.gov.tr	offer01.marketinglungs.online
0	ups.analytics.yahoo.com Failed
0	sync.ipredictive.com Failed
0	match.sharethrough.com Failed
0	aax-eu.amazon-adsystem.com Failed
0	s.amazon-adsystem.com Failed
0	id.ad-plus.com.tr Failed	static.pixad.com.tr
0	58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr Failed	cdn.p.analitik.bik.gov.tr
0	d.haberler.com Failed	s.hbrcdn.com
248	70

This site contains links to these domains. Also see Links.

Domain
www.haberler.com
kuponkodu.haberler.com
portal.haberler.com
news.google.com
s.hbrcdn.com
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
wa.me
assistant.google.com
open.spotify.com
rss.haberler.com
tr.wikipedia.org
www.youtube.com
www.tiktok.com
t.me
www.dailymotion.com
apps.apple.com
play.google.com
appgallery.cloud.huawei.com
www.yenimedya.com.tr

Subject Issuer	Validity	Valid
offer01.marketinglungs.online R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
s.hbrcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-19` - `2024-04-21`	a year	crt.sh
i.hbrcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-19` - `2024-04-21`	a year	crt.sh
*.p.analitik.bik.gov.tr RapidSSL TLS RSA CA G1	`2023-05-08` - `2024-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.keltis.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.haberler.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-02` - `2024-05-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-10-23` - `2024-11-21`	a year	crt.sh
secure-ds.serving-sys.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
lm.serving-sys.com Amazon RSA 2048 M01	`2023-09-26` - `2024-10-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
static.cdn.pixad.com.tr E1	`2023-10-22` - `2024-01-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.programattik.com GeoTrust TLS RSA CA G1	`2023-10-09` - `2024-10-08`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
rtb.pixad.com.tr E1	`2023-10-06` - `2024-01-04`	3 months	crt.sh
ssp-service.pixad.com.tr E1	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
static.pixad.com.tr E1	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://offer01.marketinglungs.online/
Frame ID: 9340D23A7A128F92965A32E3B4553B21
Requests: 153 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: A88A7ADEB7633E81E898A2198244BB3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=3306703199&adf=102118559&pi=t.ma~as.1703841254&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926403&bpp=4&bdt=2778&idt=207&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=2970609412432&frm=20&pv=2&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2538&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: D9EA10E3356A394E5B143C70C9BEFAB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3940990908&adf=239664097&pi=t.ma~as.5852669271&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926407&bpp=1&bdt=2781&idt=245&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1302&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=261
Frame ID: 8BE5E2ED491686CE9F0A054FDEBBEF70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_NP_160x600_Right&adk=1814655476&adf=3764644489&pi=t.ma~as.Haberler_Desktop_NP_&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926408&bpp=1&bdt=2782&idt=269&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2538&ady=587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=291
Frame ID: 6D665B5E730F304994A34512F3F6D00C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_NP_160x600_Left&adk=3155050290&adf=4227539296&pi=t.ma~as.Haberler_Desktop_NP_&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926409&bpp=1&bdt=2783&idt=295&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1302&ady=587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=304
Frame ID: 26FD01E85FBEDB5ECA203616A28AB1F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_NP_300x600&adk=3058873058&adf=1135770216&pi=t.ma~as.Haberler_Desktop_NP_&w=300&lmt=1701553926&format=300x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926409&bpp=1&bdt=2784&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=346
Frame ID: C2094688E7C12D229E52CDFC7AC9D192
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7367856165470296&output=html&h=400&slotname=1990751828&adk=3248589758&adf=2561670484&pi=t.ma~as.1990751828&w=680&lmt=1701553926&rafmt=12&format=680x400&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926410&bpp=1&bdt=2784&idt=354&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600&correlator=2970609412432&frm=20&pv=2&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1480&ady=2468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=1&fsb=1&dtd=360
Frame ID: 0DCD7C7EE38B7231BB50791BD4929ADC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&adk=1812271804&adf=3025194257&lmt=1701553926&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l&format=0x0&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926455&bpp=2&bdt=2829&idt=319&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600%2C680x400&nras=1&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=378
Frame ID: 039434A29C4DA9938895F35B21B04578
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=2364769965&adf=3412635188&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1701553926&format=336x280&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926457&bpp=1&bdt=2831&idt=391&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600%2C680x400%2C0x0&nras=1&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1832&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=2&fsb=1&dtd=405
Frame ID: 997C00EE5A1AC757BA8DF1EEC4DB7841
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5AFAE17BE01D6DD995088E0A1023EB2
Requests: 9 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: D03102426A35400888F9F406077FE133
Requests: 33 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4D8A844F2C12D28729313C392A4625D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E82D056954F8B86B44CCF7FD1EE4E307
Requests: 2 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 3B601207DB5F208132522204F7178E47
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: B631E494A51D573AA08AFAC1FEF91EEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 8DC187BFFE21689E8CFDC73D62AD4B41
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7F9D3AF436831A9EE7C0327A33E7928F
Requests: 19 HTTP requests in this frame

Frame: https://cpm.programattik.com/user-synced?zone=921&uid=T4976103011441001642
Frame ID: 59579CC3FEBD12F9133BF59E7284301D
Requests: 4 HTTP requests in this frame

Frame: https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Frame ID: 4D4017515BD6F57F065002A12A2233F3
Requests: 3 HTTP requests in this frame

Frame: https://cpm.programattik.com/user-synced?zone=920&uid=T3077114811835336525
Frame ID: 8EEFEDF7C96545B946B0902A0FD59866
Requests: 4 HTTP requests in this frame

Frame: https://static.pixad.com.tr/sync.html
Frame ID: 916B3DDF38182B5706C144E4417EE86C
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=offer01.marketinglungs.online
Frame ID: CFB51A0688CFCCEEB4562D8325452BCE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sakatlıkların bir türlü peşini bırakmadığı Arda'dan haber var - Haberler

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

248
Requests

84 %
HTTPS

49 %
IPv6

43
Domains

70
Subdomains

49
IPs

7
Countries

2351 kB
Transfer

10872 kB
Size

32
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://www.haberler.com/haberler/cerez-politikasi/
Title: çerez

Search URL Search Domain Scan URL

URL: https://www.haberler.com/haberler/web-sitesi-cerez-aydinlatma-metni/
Title: Aydınlatma Metnimizi

Search URL Search Domain Scan URL

URL: https://www.haberler.com/

Search URL Search Domain Scan URL

URL: https://www.haberler.com/son-dakika/
Title: SON DAKİKA

Search URL Search Domain Scan URL

URL: https://www.haberler.com/guncel/
Title: GÜNCEL

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ekonomi/
Title: EKONOMİ

Search URL Search Domain Scan URL

URL: https://www.haberler.com/magazin/
Title: MAGAZİN

Search URL Search Domain Scan URL

URL: https://www.haberler.com/spor/
Title: SPOR

Search URL Search Domain Scan URL

URL: https://www.haberler.com/dunya/
Title: DÜNYA

Search URL Search Domain Scan URL

URL: https://kuponkodu.haberler.com/
Title: KUPONLAR

Search URL Search Domain Scan URL

URL: https://portal.haberler.com/Login/?refererUrl=https://offer01.marketinglungs.online/
Title: Üye Girişi

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMNm4nwkwwIlv?hl=tr&gl=TR&ceid=TR%3Atr
Title: Abone Ol

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ali-erbas/
Title: Ali Erbaş

Search URL Search Domain Scan URL

URL: https://www.haberler.com/omer-bolat/
Title: Ömer Bolat

Search URL Search Domain Scan URL

URL: https://www.haberler.com/yilmaz-tunc/
Title: Yılmaz Tunç

Search URL Search Domain Scan URL

URL: https://www.haberler.com/mansur-yavas/
Title: Mansur Yavaş

Search URL Search Domain Scan URL

URL: https://www.haberler.com/bekir-bozdag/
Title: Bekir Bozdağ

Search URL Search Domain Scan URL

URL: https://www.haberler.com/isaac-herzog/
Title: Isaac Herzog

Search URL Search Domain Scan URL

URL: https://www.haberler.com/meral-aksener/
Title: Meral Akşener

Search URL Search Domain Scan URL

URL: https://www.haberler.com/itir-esen/
Title: Itır Esen

Search URL Search Domain Scan URL

URL: https://www.haberler.com/elton-john/
Title: Elton John

Search URL Search Domain Scan URL

URL: https://www.haberler.com/can-gurzap/
Title: Can Gürzap

Search URL Search Domain Scan URL

URL: https://www.haberler.com/hande-ercel/
Title: Hande Erçel

Search URL Search Domain Scan URL

URL: https://www.haberler.com/nazan-oncel/
Title: Nazan Öncel

Search URL Search Domain Scan URL

URL: https://www.haberler.com/sinem-kobal/
Title: Sinem Kobal

Search URL Search Domain Scan URL

URL: https://www.haberler.com/taylor-swift/
Title: Taylor Swift

Search URL Search Domain Scan URL

URL: https://www.haberler.com/lugano/
Title: Lugano

Search URL Search Domain Scan URL

URL: https://www.haberler.com/muslera/
Title: Muslera

Search URL Search Domain Scan URL

URL: https://www.haberler.com/okan-buruk/
Title: Okan Buruk

Search URL Search Domain Scan URL

URL: https://www.haberler.com/fatih-tekke/
Title: Fatih Tekke

Search URL Search Domain Scan URL

URL: https://www.haberler.com/burak-yilmaz/
Title: Burak Yılmaz

Search URL Search Domain Scan URL

URL: https://www.haberler.com/abdullah-avci/
Title: Abdullah Avcı

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ismail-kartal/
Title: İsmail Kartal

Search URL Search Domain Scan URL

URL: https://www.haberler.com/hava-durumu/
Title: Hava Durumu

Search URL Search Domain Scan URL

URL: https://www.haberler.com/namaz-vakitleri/
Title: Namaz Vakitleri

Search URL Search Domain Scan URL

URL: https://www.haberler.com/gamegar/
Title: Gamegar

Search URL Search Domain Scan URL

URL: https://www.haberler.com/secim/
Title: Seçim Sonuçları

Search URL Search Domain Scan URL

URL: https://www.haberler.com/sans-oyunlari/
Title: Şans Oyunları

Search URL Search Domain Scan URL

URL: https://www.haberler.com/ruya-tabirleri/
Title: Rüya Tabirleri

Search URL Search Domain Scan URL

URL: https://www.haberler.com/yemek-tarifi/
Title: Yemek Tarifleri

Search URL Search Domain Scan URL

URL: https://s.hbrcdn.com/static/kisisel-veri-sahibi-basvuru-formu.pdf
Title: Veri Sahibi Başvuru Formu

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMNm4nwkwwIlv

Search URL Search Domain Scan URL

URL: https://www.facebook.com/haberler

Search URL Search Domain Scan URL

URL: https://twitter.com/haberler

Search URL Search Domain Scan URL

URL: https://instagram.com/haberlercom

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/haberler.com/

Search URL Search Domain Scan URL

URL: https://wa.me/905495474951

Search URL Search Domain Scan URL

URL: https://assistant.google.com/services/invoke/uid/000000e94a58e27a/alm/CgTzh-CxEgIQAQ==?hl=tr

Search URL Search Domain Scan URL

URL: https://www.haberler.com/podcast/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/7lNZfax380NS6noCicIpTr?si=fcEbMp33TOKVPox9TxWwSg

Search URL Search Domain Scan URL

URL: https://rss.haberler.com/rss.asp

Search URL Search Domain Scan URL

URL: https://tr.wikipedia.org/wiki/Haberler.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/haberlercomresmi

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@haberlercom

Search URL Search Domain Scan URL

URL: https://t.me/s/haberlercomresmi

Search URL Search Domain Scan URL

URL: https://www.dailymotion.com/haberler

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/haberler-com/id339144085

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=tr.com.yenimedya.haberler

Search URL Search Domain Scan URL

URL: https://appgallery.cloud.huawei.com/marketshare/app/C101348841

Search URL Search Domain Scan URL

URL: https://www.yenimedya.com.tr/tickets/?site=haberler&referrer=https://www.haberler.com/spor/sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582970-haberi/
Title: [Hata Bildir]

Search URL Search Domain Scan URL

URL: https://portal.haberler.com/Login/
Title: Üye Girişi

Search URL Search Domain Scan URL

URL: https://www.yenimedya.com.tr/basvuru/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOSZT9LLJmXuN7-6f2eCHA0&google_cver=1&google_push=AXcoOmT3CE_Nl1kFX_7hWrF2x_Bli6xb259iaVxDH0a-T-18AavqawwQxJHVGa_yPTlNNp4C38jx1fOx0-LsBy1Ke_sjXhmIVb0 HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2076bb9f8d04131b&is_secure=true&networkId=14000&version=1&google_gid=CAESEOSZT9LLJmXuN7-6f2eCHA0&google_cver=1&google_push=AXcoOmT3CE_Nl1kFX_7hWrF2x_Bli6xb259iaVxDH0a-T-18AavqawwQxJHVGa_yPTlNNp4C38jx1fOx0-LsBy1Ke_sjXhmIVb0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG-wqBj_6m0ANi1cxSAAAAAAA&expiration=1701640328&google_cver=1&is_secure=true&google_gid=CAESEOSZT9LLJmXuN7-6f2eCHA0&google_push=AXcoOmT3CE_Nl1kFX_7hWrF2x_Bli6xb259iaVxDH0a-T-18AavqawwQxJHVGa_yPTlNNp4C38jx1fOx0-LsBy1Ke_sjXhmIVb0

Request Chain 109

https://a.c.appier.net/gcm?google_gid=CAESEHEi7aRJr66GtR03YlT3XOM&google_cver=1&google_push=AXcoOmQ9wQKaNRV1jSHDpp2W0PxyEC_i2BaaVnR6GnZ-liWWUKpW_5_r0_oqiL0H-VkLM6RiHhrV7rWUXGR3jN5Dn7Yy9A41y1I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVpmUnNrSFdEZzJUMHVDb0NLZHJaUQ%3D%3D&google_push=AXcoOmQ9wQKaNRV1jSHDpp2W0PxyEC_i2BaaVnR6GnZ-liWWUKpW_5_r0_oqiL0H-VkLM6RiHhrV7rWUXGR3jN5Dn7Yy9A41y1I

Request Chain 110

https://s.uuidksinc.net/match/47/?remote_uid=CAESEASxTYAmqOYIQBUIfiuQiaE&c_param1=AXcoOmQB6liDeZUSX-2O4XZYQ2udy39ZWwtG3NoMo4B5D6Pg35_rBpSi73K8t4ppiCYhhDpuB4zSKGpxgSLCypnnQR68IpanDcIO&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQB6liDeZUSX-2O4XZYQ2udy39ZWwtG3NoMo4B5D6Pg35_rBpSi73K8t4ppiCYhhDpuB4zSKGpxgSLCypnnQR68IpanDcIO

Request Chain 111

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKwXKq-QGlQnWLRM__m1mVE&google_cver=1&google_push=AXcoOmR3Sbxj8oRDE9QrIUoKNnph_IulArMqQZzXTat14I-zUUFuxiUj5xefAdy7bA0RQFZRH8mQGYIaDKOQi6PLg3EoVmY2j436 HTTP 302
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=21a0414e51&gdpr=0&gdpr_consent=

Request Chain 112

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAqBj0_5I_s9pVOtbWmBo30&google_cver=1&google_push=AXcoOmRK3Rmy0BgjH2MwfuszWDqIfXF2KBuf3nnUZJNHq4l2fd9WPJwO07h2U-Z6f5aJEGXJ68J1zQIPirXa_iY-F-azj3saYoys HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRK3Rmy0BgjH2MwfuszWDqIfXF2KBuf3nnUZJNHq4l2fd9WPJwO07h2U-Z6f5aJEGXJ68J1zQIPirXa_iY-F-azj3saYoys&google_hm=MjQ4OTE1NTQxNzk4MDQzNjU2Mw%3D%3D

Request Chain 113

https://trace.mediago.io/cs/google?google_gid=CAESEKZ8I0lggwWoufN2HrRYeuA&google_cver=1&google_push=AXcoOmQnnMCTyEmwBJvcTxfbQCfbjofe76mg9pkKKk-DDe0u2EgXNCU8W1I2Rvl7j1yvePAm_Z3PqJImWnfOtq3rNNE0lCEPvgh2fQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQnnMCTyEmwBJvcTxfbQCfbjofe76mg9pkKKk-DDe0u2EgXNCU8W1I2Rvl7j1yvePAm_Z3PqJImWnfOtq3rNNE0lCEPvgh2fQ&google_hm=9d9fcb00f4066cff140txu00lpol9xmw

Request Chain 219

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foffer01.marketinglungs.online%2F&domain=offer01.marketinglungs.online&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Xs38M3xpT0pTVEVnNDkyNks0NFVaUEp1RVNSMk94V3NnV3F5c1ZKcjJ2bG1FeGVDOHhUdWEwRGVrQzlyeW9GWWpzWEl0cWwra2dZNVMwN3F1RTJReEFXZ1J5M0UzM0JERDFEOWNQN1dqb245MTl3YVZqRFk2UDdTYTJLVkJUeVAyeWZFYTJqUTczL2V4NmRzSmxjU09vYmR2aGFnemhYTzJETFVLcHFKdmk3TW1ES1VRUW9rWnAzZ3BPNEh2bW1JZnoxd3RlUHVGTlMrZS8vMXlBNGttS1RHbFhQYk12cVgrOEpqWW95S2lLMTU0bWtFUk5ZbE96emdaYTBpN2pESDBYeCthditkcnYvTEY3ZkZrUDVkNGgzbDBXZz09fA&cppv=2

Request Chain 237

https://an.yandex.ru/mapuid/turktelekomrtb/ HTTP 302
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162

Request Chain 238

https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D921%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D921%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=8943889173777265884 HTTP 302
https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa

Request Chain 239

https://an.yandex.ru/mapuid/turktelekomrtb/ HTTP 302
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162

Request Chain 240

https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D924%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D924%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=7823609789727419562 HTTP 302
https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa

Request Chain 241

https://an.yandex.ru/mapuid/turktelekomrtb/ HTTP 302
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162

Request Chain 242

https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D920%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D920%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-7337898234490049693 HTTP 302
https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa

Request Chain 263

https://gum.criteo.com/sid/json?origin=publishertag&domain=marketinglungs.online&sn=ChromeSyncframe&so=0&topUrl=offer01.marketinglungs.online&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_Itc6Hx2ZUVwSmpNU0pWZHpweldrMGZ6UEhEaWxhcTY3WFZVOVJoREJIM0ZMNWYvd0lUOVNreVdERWc5bUxseDFVYmtqWlZ5aGxaSXlTaU1JNlI4QXE3NDMvLzJSUDB1RkYrcGx5RzdkUjZpMXdsckQ1QlZycm1KTUNvWmExaTFlWVRQem1RMG9tNjFRVXFaNVRERTRiZ0FpeXpMaUhwM0J4VGhBSW1mQXFyNFU4NTNsY29UdmRSbFV3Ritsd24wQVNrdEg4TC9qVmk5ZXltQlZ6OEh4UW1oRXFVY1AyNHBDN1FRSHhGVERRTDF1djB4UThvSFVCb3RKaTNkZUdHYmQwNldXcGFWakJicWVaVjVxaEo0ZENxQUpnVlNaWUY2c0gzbG1SdmMzYlNDNGdiND18&cppv=2

Request Chain 266

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstatic.pixad.com.tr&domain=static.pixad.com.tr&bundle=&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=0HQV23xIaXlQUGhZZVdZSFYwQU5qNmNVL1FHT2p5dWZ2c0oySjRXbzJLWnNEVVNRVEprYUE3WkdvUERQMWtUNTJMVzlJU1dod25WbStyLzU4MHJIdVRPVlp3QWF6QkxTRTRCc21MVkkyNDdlR240QXhkRjVHMjN4YmFFYzdZSVhYRkZYZlNyVWRZMll0a2txSGc1MGpmT1JMV0RtRGNsaXZ2M0h0cWR2U1Y1NEVNWmppcDRLWVdsUzZzbXl6T0d2a2Z5TnBmYzc3M0xPby9oSEZqK295SWo1K1BXdmxUMEhtcGZLanNZcE9yRmg2b2VZVnRKNWE4a1RPaEdhVnZYK0N3aEpCMEdLZmJnQUZ5WXp5bUdUOXBGZjJNUjZPVlBiUkRoZDJITFIyMnBpaU5Mdz18&cppv=2

Request Chain 269

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOLA0UJ-1F-7IAN

Request Chain 270

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LPOLA0UJ-1F-7IAN&ex=d-rubiconproject.com&status=ok

Request Chain 271

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5WpUuWq9RbaJ0WA9Ly07Kg&rk=usync-na

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEENsvtVW845naz8WLfiCFo&google_cver=1

Request Chain 274

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/dtGxdHzy2Xyf-vk2f5x4Ncn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NEh5aHNE2oKUb6kkYE_897TSbsO5t7WM_nOnmQ--~A

Request Chain 275

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=285a14f2-8c15-43fe-9b5d-4d795c724cf0&gdpr=0&gdpr_consent=&expires=30

Request Chain 276

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhZjY2MDE4MDRkZDAwYmI5M2I0NmM4ZDUxNTEzNTkwYTFmZDRjOA

Request Chain 277

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBPTEEwVUotMUYtN0lBTg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOFjKEoxUArkEykj-mUSfI8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPTEEwVUotMUYtN0lBTg==&google_push=

Request Chain 278

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEPTE7K104AABZ6Ubb8zw&expires=30

Request Chain 279

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOLA0UJ-1F-7IAN

Request Chain 281

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPOLA0UJ-1F-7IAN&redir=true

248 HTTP transactions
42 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
offer01.marketinglungs.online/ 78 KB
17 KB 1035ms
838ms Document
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx / PHP/8.0.30 PleskLin
Resource Hash: 7a661914044f0f673b117d130630c1b0dcd94601b3bcd336bc7b7d99986d3338

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 21:52:03 GMT
server: nginx
x-powered-by: PHP/8.0.30 PleskLin

GET
H2 200 cookieconsent.js Show response
s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/ 101 KB
24 KB 924ms
547ms Script
application/javascript 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 456380
x-powered-by: ASP.NET
x-midtier: de-fra-dp-s02
x-cache-status: HIT
server: MerlinCDN
etag: W/"4d95b6d5ae46d91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
s.hbrcdn.com/mstatic/assets/js/ 132 KB
47 KB 968ms
592ms Script
application/javascript 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/js/jquery-3.6.0.min.js?v=88
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 673313e96a0534f9af92ca33def0f1116ba8935661c63ff6f644303cc3f2e834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 456380
x-powered-by: ASP.NET
x-midtier: de-fra-lea-s01
x-cache-status: HIT
server: MerlinCDN
etag: W/"83d7f5f2a21da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 general.min.css
s.hbrcdn.com/mstatic/assets/css/ 298 KB
57 KB 671ms
295ms Stylesheet
text/css 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: c08460d7dd465cdfe32fe4d47eec5e648cfbb65cf91a52bca93328a6df0ed8b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 212948
x-powered-by: ASP.NET
x-midtier: de-fra-dp-s02
x-cache-status: HIT
server: MerlinCDN
etag: W/"6ba8b52bc922da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 header.css
s.hbrcdn.com/mstatic/assets/css/ 15 KB
3 KB 530ms
154ms Stylesheet
text/css 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 7ab1ddc9fb494d565a1526c1d56cd90495b3e680abdad7ff4cb2f58d7e516882

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 212948
x-powered-by: ASP.NET
x-midtier: de-fra-lea-s01
x-cache-status: HIT
server: MerlinCDN
etag: W/"649eee5ffb21da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 responsive.css
s.hbrcdn.com/mstatic/assets/css/ 139 KB
29 KB 853ms
478ms Stylesheet
text/css 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/css/responsive.css?v=100400
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 74060c2cee39f6cd2b8e3391da6498ac183035f1ae83d53e9c535fe9fffbb734

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 212948
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"c5501d2bc922da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haberler-logo.svg
s.hbrcdn.com/static/img/tasarim/ 3 KB
2 KB 1008ms
632ms Image
image/svg+xml 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/static/img/tasarim/haberler-logo.svg
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 456380
etag: W/"d0e022c5def2d51:0"
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-dp-s02
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
allow: GET, HEAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haberler-logo.png
s.hbrcdn.com/mstatic/assets/img/ 5 KB
6 KB 149ms
148ms Image
image/png 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/haberler-logo.png
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
age: 456380
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-lea-s01
content-length: 5417
server: MerlinCDN
etag: "c9b327ec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-header-search.png
s.hbrcdn.com/mstatic/assets/img/ 1 KB
1 KB 150ms
146ms Image
image/png 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/icon-header-search.png
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
age: 456379
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: nl-naw-ws-s08
content-length: 1141
server: MerlinCDN
etag: "541f49ec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
i.hbrcdn.com/haber/2023/11/30/ 33 KB
33 KB 691ms
284ms Image
image/jpeg 77.223.135.226
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hbrcdn.com/haber/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.135.226 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 4d1384b647f253b924594830c31e53ee5af63dda537e4a0ea185784267f7c19f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 198775
x-powered-by: ASP.NET
x-cache-status: HIT
allow: GET, HEAD
x-midtier: tr-ist-sh-s10
content-type: image/jpeg
access-control-allow-origin: *
x-edge: tr-izm-nt-s09
cache-control: max-age=864560
part: netrs
accept-ranges: bytes
content-length: 33528

GET
H2 404 1x1.gif
offer01.marketinglungs.online/ 808 B
808 B 73ms
69ms Image
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer01.marketinglungs.online/1x1.gif
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:44:24 GMT
server: nginx
etag: W/"328-60b87153a3702"
content-type: text/html

GET
H2 200 advertisement.gif
s.hbrcdn.com/static/reklam/ 95 B
399 B 145ms
144ms Image
image/gif 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/static/reklam/advertisement.gif?ads=1
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
age: 456380
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-dp-s02
content-length: 95
server: MerlinCDN
etag: "379128da78d7d51:0"
allow: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haber-detay.js Show response
s.hbrcdn.com/mstatic/js/ 74 KB
19 KB 155ms
154ms Script
application/javascript 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/js/haber-detay.js?v=2.800
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 47e6de7aa7cb396d543583e8870c8fc721d7a1f7105421d10e9967b67e72a4df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 200642
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"9e25d3ed9423da1:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tracker1.js Show response
cdn.p.analitik.bik.gov.tr/ 34 KB
34 KB 1247ms
383ms Script
text/plain 77.92.138.125
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.92.138.125 Istanbul, Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS: static-125-138-92-77.sadecehosting.com
Software: MerlinCDN /
Resource Hash: 275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:05 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 148
x-midtier: tr-ist-sh-s03
x-cache-status: HIT
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS, GET, POST
access-control-allow-origin: *
x-edge: tr-ist-sh-s07
allow: GET, HEAD
cache-control: max-age=3600

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 418 KB
94 KB 208ms
93ms Script
application/javascript 2607:f8b0:4023:1::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSKB5QB

Requested by

Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e50125f4db9ce6fdcbe37c5c16dae37f0aea8d9faa90d41ed46dade88d361ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95673
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Dec 2023 21:52:04 GMT

POST
H2 200 c.aspx Show response
c.keltis.com/ 0
144 B 1067ms
184ms XHR
application/x-javascript 212.68.47.11
EQUINIX

General

Check archive.org

Show headers Download Go to

Full URL: https://c.keltis.com/c.aspx?
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.68.47.11 , Turkey, ASN15830 (EQUINIX, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, max-age=86400
content-length: 0

GET
H2 200 spdx.js Show response
s.hbrcdn.com/mstatic/assets/js/ 12 KB
5 KB 150ms
148ms Script
application/javascript 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/assets/js/spdx.js?v=0
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 456338
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"bf3bbc9eccb7d81:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 187ms
56ms Script
text/javascript 2607:f8b0:4024:c01::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::64 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 20:00:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6665
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Dec 2023 22:00:59 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 404 1x1.gif
offer01.marketinglungs.online/ 808 B
808 B 73ms
72ms Image
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer01.marketinglungs.online/1x1.gif
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:44:24 GMT
server: nginx
etag: W/"328-60b87153a3702"
content-type: text/html

GET
H2 200 searchbar-icon.png
s.hbrcdn.com/mstatic/assets/img/ 995 B
1 KB 145ms
145ms Image
image/png 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/searchbar-icon.png
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
age: 456379
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-lea-s01
content-length: 995
server: MerlinCDN
etag: "fcb7aaec6b9d71:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-icon.svg
www.haberler.com/mstatic/assets/img/ 608 B
750 B 423ms
137ms Image
image/svg+xml 195.181.165.140
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberler.com/mstatic/assets/img/search-icon.svg

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.165.140 London, United Kingdom, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-165-181-195-140.datapacket.com

Software

MerlinCDN / ASP.NET

Resource Hash

73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:05 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
age: 477437
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: nl-naw-ws-s08
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 08:50:33 GMT
server: MerlinCDN
etag: W/"fcb7aaec6b9d71:0"
allow: GET, HEAD
content-type: image/svg+xml
x-edge: gb-lon-dp-s03
cache-control: max-age=10454400
expires: Wed, 27 Mar 2024 09:14:48 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 i-time.svg
s.hbrcdn.com/mstatic/assets/img/ 561 B
613 B 145ms
144ms Image
image/svg+xml 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/i-time.svg
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 22a2251d406dde7956601090cefa2f2280bbc168d0c6d1ed76caa4f93967e881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 456283
etag: W/"5d7a2c0bb1bda1:0"
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-dp-s02
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
allow: GET, HEAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i-googleNews.png
s.hbrcdn.com/mstatic/assets/img/ 5 KB
6 KB 148ms
147ms Image
image/png 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/i-googleNews.png
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: ae8266b08b009d1e8a33cc15ef3836034632fd32f86a09c57bfd62eadfa85fca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
age: 456317
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: de-fra-lea-s01
content-length: 5404
server: MerlinCDN
etag: "dbaf53bebb1bda1:0"
allow: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
i.hbrcdn.com/haber/2023/11/30/ 33 KB
33 KB 252ms
251ms Image
image/jpeg 77.223.135.226
NETDIREKT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hbrcdn.com/haber/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-arda-16582971_4828_o.jpg
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.223.135.226 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software: MerlinCDN / ASP.NET
Resource Hash: 4d1384b647f253b924594830c31e53ee5af63dda537e4a0ea185784267f7c19f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:04 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 198775
x-powered-by: ASP.NET
x-cache-status: HIT
allow: GET, HEAD
x-midtier: tr-ist-sh-s10
content-type: image/jpeg
access-control-allow-origin: *
x-edge: tr-izm-nt-s09
cache-control: max-age=864560
part: netrs
accept-ranges: bytes
content-length: 33528

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8= Show response
fundingchoicesmessages.google.com/f/ 22 KB
10 KB 244ms
120ms Script
application/javascript 2607:f8b0:4023:1::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8=

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a00c9034ee0a006bbcbf6330329e4385b15248468cce6ec66f4aee0487d3edf1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GhQtj1WjbBeLLd2KtD0xLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GhQtj1WjbBeLLd2KtD0xLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 65ms
64ms XHR
text/plain 2607:f8b0:4024:c01::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1167668152&t=event&_s=1&dl=https%3A%2F%2Foffer01.marketinglungs.online%2F&ul=en-us&de=UTF-8&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Mobil%20Haber%20Detay&ea=Impression&el=Videolu%20Haber&_u=aEBAAEABEAAAACAAI~&jid=1985738062&gjid=1720271018&cid=96863363.1701553925&tid=UA-242929-3&_gid=473021874.1701553925&_r=1&_slc=1&cd6=%7CDefault%7C&cd4=Sadece%20Haberler%2CSa%C4%9Fl%C4%B1k%2CSpor%2CReal%20Madrid%2CArda%20G%C3%BCler&z=1236693931

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::64 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 63ms
63ms Image
image/gif 2607:f8b0:4024:c01::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1167668152&t=pageview&_s=2&dl=https%3A%2F%2Foffer01.marketinglungs.online%2F&ul=en-us&de=UTF-8&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=96863363.1701553925&tid=UA-242929-3&_gid=473021874.1701553925&cd6=%7CDefault%7C&cd4=Sadece%20Haberler%2CSa%C4%9Fl%C4%B1k%2CSpor%2CReal%20Madrid%2CArda%20G%C3%BCler&cd1=Spor&z=371750328

Requested by

Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::64 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:30:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
96 KB 72ms
71ms Script
application/javascript 2607:f8b0:4023:1::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0027461b424e3121ccf1cdf583171334ad059b78de9e7c32a748e9489421df10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 21:52:05 GMT

GET adv.js
d.haberler.com/ 0
0

GET
H2 200 haberler.com.png
www.haberler.com/static/images/ 1 KB
1 KB 134ms
134ms Image
image/png 195.181.165.140
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberler.com/static/images/haberler.com.png

Requested by

Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.165.140 London, United Kingdom, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-165-181-195-140.datapacket.com

Software

MerlinCDN / ASP.NET

Resource Hash

32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:05 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
age: 477436
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: nl-naw-ws-s08
content-length: 1086
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Jun 2021 10:59:31 GMT
server: MerlinCDN
etag: "a32ea75d9e57d71:0"
allow: GET, HEAD, POST
content-type: image/png
x-edge: gb-lon-dp-s03
cache-control: max-age=2592000
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
357 B 497ms
61ms XHR
text/plain 2607:f8b0:4024:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-242929-3&cid=96863363.1701553925&jid=1985738062&gjid=1720271018&_gid=473021874.1701553925&_u=aEBAAEAAEAAAACAAI~&z=1987881676

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::9d Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Dec 2023 21:52:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
264 B 160ms
63ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146z8838813481&_p=1701553924015&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=96863363.1701553925&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701553925&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketinglungs.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&en=page_view&_fv=1&_ss=1&tfd=3030
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 68ms
67ms Ping
text/plain 2607:f8b0:4024:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FFKENFZBJW&cid=96863363.1701553925&gtm=45je3bt0v9103786146z8838813481&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c02::9d Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 258ms
85ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242929-3&cid=96863363.1701553925&jid=1985738062&_u=aEBAAEAAEAAAACAAI~&z=1410842505

Requested by

Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 87ms
64ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146z8838813481&_p=1701553924015&gcd=11l1l1l1l1&dma=0&cid=96863363.1701553925&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1701553925&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketinglungs.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&_s=2&tfd=3103
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 214ms
84ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a31c0f521383b5af47e97dd2165a021f278415a4910b39297f83be8e2842bf7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52568
x-xss-protection: 0
server: cafe
etag: 9292012041695070560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:52:06 GMT

GET
H2 404 ah_2.js
offer01.marketinglungs.online/static/js/ 0
0 78ms
75ms Script
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://offer01.marketinglungs.online/static/js/ah_2.js?v=0.02.113
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:44:24 GMT
server: nginx
etag: W/"328-60b87153a3702"
content-type: text/html

GET
H2 200 icon-login.svg
s.hbrcdn.com/mstatic/assets/img/ 409 B
591 B 145ms
144ms Image
image/svg+xml 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hbrcdn.com/mstatic/assets/img/icon-login.svg
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: d7b57d66afbe39520418a8832d590f40b1c372c001acbab8cf1d67b0a40b447b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 456379
etag: W/"85814bec6b9d71:0"
x-powered-by: ASP.NET
x-cache-status: HIT
x-midtier: nl-naw-ws-s08
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
allow: GET, HEAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 lazyload.js
offer01.marketinglungs.online/mstatic/assets/js/ 0
0 84ms
83ms Script
text/html 89.117.77.90
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://offer01.marketinglungs.online/mstatic/assets/js/lazyload.js
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.77.90 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1463663.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:44:24 GMT
server: nginx
etag: W/"328-60b87153a3702"
content-type: text/html

GET
H2 200 hls.light.m.js Show response
s.hbrcdn.com/mstatic/js/ 205 KB
69 KB 155ms
155ms Script
application/javascript 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 059d42589e2143481e88a37bab21bcacbc5797045f9fe8c1d66fb17514186c14

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 456320
x-powered-by: ASP.NET
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
server: MerlinCDN
etag: W/"8e195e9fccb7d81:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 4 KB
2 KB 224ms
74ms Script
text/html 3.132.70.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079874789&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=970&h=250&ord=_ADTIME_&z=10000
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.70.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-70-167.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a92dc734eb44af87131ac84082bbd0795faf2b35aeb5a71a613da370dee9cfa9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 1687
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST collect
58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr/api/ 0
0

GET
H/1.1 200
OK playlist.m3u8 Show response
izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/ 149 B
376 B 913ms
186ms XHR
application/vnd.apple.mpegurl 46.20.149.250
DORATELEKOM

General

Check archive.org

Show headers Download Go to

Full URL: https://izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/playlist.m3u8
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.20.149.250 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS: izle.haberler.com
Software: Nimble/4.0.1-9 /
Resource Hash: 581ab691b98611e1768b91ed3dda81dd3dd021f3123c7a2cb1e6052bf991062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 21:52:07 GMT
Cache-Control: no-cache
Server: Nimble/4.0.1-9
Connection: Keep-Alive
Content-Length: 149
Content-Type: application/vnd.apple.mpegurl

GET
H2 200 video-ads.js Show response
s.hbrcdn.com/mstatic/scripts/ 10 KB
3 KB 182ms
134ms Script
application/javascript 185.185.51.170
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hbrcdn.com/mstatic/scripts/video-ads.js?v=46
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.51.170 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-185-51-170.hosted-by-worldstream.net
Software: MerlinCDN / ASP.NET
Resource Hash: 69243cba8f1d4cf91955556e24044c73d02285bb8e3c9166aca3a7853d5ec9d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
age: 456320
x-powered-by: ASP.NET
x-midtier: de-fra-lea-s01
x-cache-status: HIT
server: MerlinCDN
etag: W/"43e86c4ae6a4d91:0"
vary: Accept-Encoding
allow: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-edge: nl-naw-ws-s07
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ebPreServing_ndw.js Show response
secure-ds.serving-sys.com/BurstingScript/ 44 KB
13 KB 309ms
65ms Script
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c5151b8cf46d2a6f145bed7ed4f04cc68aebcb3e53fac281810eaa53f89a6873

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: gzip
x-amz-request-id: 4CS6K6Q7SZVPKPAA
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
content-length: 12805
x-amz-id-2: qG0hGJsKTY2Durmekqk7/Vu5F5ko/mnOeC/IRfPy4SKquoXXHFv+B9RrLOLyYA7MV6gxkTTJoKE=
pragma: no-cache
last-modified: Wed, 04 Oct 2023 14:16:50 GMT
server: AmazonS3
etag: "37a6d38869955594a397c114462564b7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: rp_RtBU8EyNr4emGSWxVLusb_FHwCd8MHMg_3QF7iwBtzq-yJYCwgg==
expires: Sat, 02 Dec 2023 21:52:06 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 88ms
86ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d10966cd0fd6c72712c62b5ee6e4df243ee39eabc4eb00308d6cb3c246e864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137242
x-xss-protection: 0
server: cafe
etag: 18335851392494752313
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:52:06 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame A88A 9 KB
4 KB 207ms
58ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 20318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:13:28 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 16:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 84ms
68ms Image
image/gif 2607:f8b0:4024:c01::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1167668152&t=event&_s=3&dl=https%3A%2F%2Foffer01.marketinglungs.online%2F&ul=en-us&de=UTF-8&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ana%20Sayfa&ea=Impression&el=haberler_Desktop_HP_336x280_1&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=96863363.1701553925&tid=UA-242929-3&_gid=473021874.1701553925&cd6=%7CDefault%7C&cd4=Sadece%20Haberler%2CSa%C4%9Fl%C4%B1k%2CSpor%2CReal%20Madrid%2CArda%20G%C3%BCler&cd1=Spor&z=1501332890

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::64 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15414
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 234ms
58ms Script
text/javascript 2607:f8b0:4024:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
expires: Sat, 02 Dec 2023 21:52:06 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D9EA 603 B
242 B 285ms
242ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=3306703199&adf=102118559&pi=t.ma~as.1703841254&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926403&bpp=4&bdt=2778&idt=207&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=2970609412432&frm=20&pv=2&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2538&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=240

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:06 GMT
expires: Sat, 02 Dec 2023 21:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 180ms
68ms XHR
application/json 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba559d2e4fcccdf3b3756a53ff01e36fddc8a3566f0863e2902bf959915e6a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12064
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8BE5 603 B
236 B 363ms
317ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3940990908&adf=239664097&pi=t.ma~as.5852669271&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926407&bpp=1&bdt=2781&idt=245&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1302&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=261

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:07 GMT
expires: Sat, 02 Dec 2023 21:52:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D66 603 B
213 B 270ms
241ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_NP_160x600_Right&adk=1814655476&adf=3764644489&pi=t.ma~as.Haberler_Desktop_NP_&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926408&bpp=1&bdt=2782&idt=269&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2538&ady=587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=291

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:06 GMT
expires: Sat, 02 Dec 2023 21:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26FD 603 B
213 B 374ms
365ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_NP_160x600_Left&adk=3155050290&adf=4227539296&pi=t.ma~as.Haberler_Desktop_NP_&w=160&lmt=1701553926&format=160x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926409&bpp=1&bdt=2783&idt=295&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1302&ady=587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=304

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:07 GMT
expires: Sat, 02 Dec 2023 21:52:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ 0
195 B 285ms
75ms XHR
text/plain 18.221.11.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.11.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-11-176.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketinglungs.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 12 KB
5 KB 74ms
69ms Script
text/html 3.132.70.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=43157034149175154&usercookie=u2=c07a1fa9-7be0-4a51-a39c-18a0fd3eaa45&c=28&cn=display&pli=1079874789&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=970&h=250&ord=_ADTIME_&z=10000&ccpastatus=1&gdprpurposes=847&rand=9373585107030777&vurl=$$https%3A%2F%2Foffer01.marketinglungs.online%2F$$&vurlem=2
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.70.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-70-167.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 04b88b2037b57f16cbba896afb5189fba7379438336a69cdc36e9f158ed85ccc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 4577
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C209 135 KB
40 KB 274ms
273ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_NP_300x600&adk=3058873058&adf=1135770216&pi=t.ma~as.Haberler_Desktop_NP_&w=300&lmt=1701553926&format=300x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926409&bpp=1&bdt=2784&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=346

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32b679dc268024db0eb471f5e2bb7f610705692d7c81e6b9eb238637a0bf1b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40880
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:07 GMT
expires: Sat, 02 Dec 2023 21:52:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DCD 603 B
218 B 81ms
80ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7367856165470296&output=html&h=400&slotname=1990751828&adk=3248589758&adf=2561670484&pi=t.ma~as.1990751828&w=680&lmt=1701553926&rafmt=12&format=680x400&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926410&bpp=1&bdt=2784&idt=354&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600&correlator=2970609412432&frm=20&pv=2&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1480&ady=2468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=1&fsb=1&dtd=360

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0394 0
19 B 73ms
71ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&adk=1812271804&adf=3025194257&lmt=1701553926&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l&format=0x0&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926455&bpp=2&bdt=2829&idt=319&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600%2C680x400&nras=1&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=378

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:06 GMT
expires: Sat, 02 Dec 2023 21:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
76ms Image
image/gif 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=hbHeaderInBottom&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 586ms
64ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 21:52:07 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 997C 99 KB
35 KB 273ms
271ms Document
text/html 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=2364769965&adf=3412635188&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1701553926&format=336x280&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926457&bpp=1&bdt=2831&idt=391&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600%2C680x400%2C0x0&nras=1&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1832&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=2&fsb=1&dtd=405

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78aabd0f88afcf773d40ad4fdc7aa00b7dd20da3309b2011ba7848f8d4bab0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:07 GMT
expires: Sat, 02 Dec 2023 21:52:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 versionsOH.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ 213 B
511 B 70ms
61ms Script
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsOH.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: gzip
x-amz-request-id: 40MTZ8NN80F27KVV
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 126
x-amz-id-2: eMyHcHwORrPiD8kZeVBqUaa5gKJGz4ujfWxNXvxajij+5d2HT2TOJqtVJFc8hlrguLoOSu4KL1g=
last-modified: Thu, 23 Nov 2023 13:38:49 GMT
server: AmazonS3
etag: "e8788c87ad1f5db307887d64bba4d2f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784920
accept-ranges: bytes
x-amz-cf-id: zxVE6VuOb-IuGz7s7b3qmsnM2850VVDOA9z_iYwqH9pFAOixpx1IEQ==

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 13 KB
5 KB 81ms
73ms Script
text/html 3.132.70.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=43157034149175154&usercookie=u2=c07a1fa9-7be0-4a51-a39c-18a0fd3eaa45&c=28&cn=display&pli=1079874789&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=970&h=250&ord=_ADTIME_&z=10000&ccpastatus=1&gdprpurposes=847&rand=7503762660553543&vurl=$$https%3A%2F%2Foffer01.marketinglungs.online%2F$$&vurlem=2
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.70.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-70-167.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1c8d28729ea3d708c29245bb05a41f306f2e82ddd4e6a363ca52622969723d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:06 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 4736
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ebHtml5PoliteBanner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ 309 KB
83 KB 74ms
70ms Script
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3d3dcb9df7355755d17d153a2b140c73bce475e8bcf4d5d8901a9947d12ff72b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-amz-request-id: WDREJYDBBGDRCTKV
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 84865
x-amz-id-2: BF+itd2cUREczVyMZtBTROiA+Ez/OQcn3/UqcF7k8v1m5MWUe3VycE0RMDQmi2TiUFU0e5R1j6s=
last-modified: Thu, 23 Nov 2023 13:31:08 GMT
server: AmazonS3
etag: "2a11c5cfeeb6f587ab977f3e6ea62e90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784523
accept-ranges: bytes
x-amz-cf-id: gKcKmA6nqaar-iXzBuZ65jJBjslLjnT9wEhswc3v0pyXX4xWUlnaug==

GET
H2 200 versionsOH.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ 213 B
511 B 139ms
139ms Script
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsOH.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-amz-request-id: 40MTZ8NN80F27KVV
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 126
x-amz-id-2: eMyHcHwORrPiD8kZeVBqUaa5gKJGz4ujfWxNXvxajij+5d2HT2TOJqtVJFc8hlrguLoOSu4KL1g=
last-modified: Thu, 23 Nov 2023 13:38:49 GMT
server: AmazonS3
etag: "e8788c87ad1f5db307887d64bba4d2f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784919
accept-ranges: bytes
x-amz-cf-id: zxVE6VuOb-IuGz7s7b3qmsnM2850VVDOA9z_iYwqH9pFAOixpx1IEQ==

GET
H/1.1 200
OK chunk.m3u8 Show response
izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/ 536 B
763 B 200ms
199ms XHR
application/vnd.apple.mpegurl 46.20.149.250
DORATELEKOM

General

Check archive.org

Show headers Download Go to

Full URL: https://izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/chunk.m3u8?nimblesessionid=336433925
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.20.149.250 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS: izle.haberler.com
Software: Nimble/4.0.1-9 /
Resource Hash: ea05768bcc4d81c5988df2a07e8b02ff9c1ffb6cbd077e1318b29e66fecd9663

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 21:52:07 GMT
Cache-Control: no-cache
Server: Nimble/4.0.1-9
Connection: Keep-Alive
Content-Length: 536
Content-Type: application/vnd.apple.mpegurl

GET
H2 200 css
fonts.googleapis.com/ Frame C209 14 KB
1 KB 73ms
64ms Stylesheet
text/css 2607:f8b0:4024:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_NP_300x600&adk=3058873058&adf=1135770216&pi=t.ma~as.Haberler_Desktop_NP_&w=300&lmt=1701553926&format=300x600&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926409&bpp=1&bdt=2784&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2210&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 21:03:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 21:52:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C209 2 KB
1 KB 59ms
56ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 07:23:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C209 24 KB
9 KB 64ms
57ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C209 3 KB
1 KB 74ms
69ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C209 20 KB
8 KB 83ms
81ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 21:52:07 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C209 202 KB
64 KB 85ms
72ms Script
text/javascript 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:52:07 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame C209 37 KB
16 KB 186ms
54ms Script
text/javascript 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:59:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 16:59:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 997C 6 KB
779 B 72ms
71ms Stylesheet
text/css 2607:f8b0:4024:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=2364769965&adf=3412635188&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1701553926&format=336x280&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926457&bpp=1&bdt=2831&idt=391&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600%2C680x400%2C0x0&nras=1&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1832&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=2&fsb=1&dtd=405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 21:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 21:52:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 997C 2 KB
856 B 55ms
55ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 07:23:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 997C 24 KB
9 KB 76ms
58ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 997C 3 KB
1 KB 83ms
67ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 997C 20 KB
8 KB 65ms
62ms Script
text/javascript 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 13:31:41 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 997C 202 KB
64 KB 68ms
65ms Script
text/javascript 2607:f8b0:4024:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::9b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:52:07 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 997C 37 KB
15 KB 164ms
74ms Script
text/javascript 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:59:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 16:59:54 GMT

GET
H2 200 data=QP21nDQvrpwk7KU-srEWiFvIRxqt6drUciED4Qlgjx6ETFjZkiV1dEhs6c8GthuaeQoTVMolEGG4jimqp_rQyR2V0SX-l4jHy42SNYKqqwTVfm8ZjOxY6-Uzyg
mts0.google.com/vt/ Frame C209 89 KB
89 KB 249ms
72ms Image
image/png 2607:f8b0:4024:c02::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=QP21nDQvrpwk7KU-srEWiFvIRxqt6drUciED4Qlgjx6ETFjZkiV1dEhs6c8GthuaeQoTVMolEGG4jimqp_rQyR2V0SX-l4jHy42SNYKqqwTVfm8ZjOxY6-Uzyg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::64 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5dc43a014199e20c3bce2297332063d5714004e4fc729c5ad7decff476ba00b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91016
x-xss-protection: 0
x-server-version-bin: CggIBBCIwaKrBg==
server: scaffolding on HTTPServer2
etag: 074cc6b1847f8747
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=1266
expires: Sat, 02 Dec 2023 22:13:13 GMT

GET
DATA 200
OK truncated
/ Frame C209 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C209 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B5AF 1 KB
643 B 57ms
56ms Document
text/html 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 20594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:08:53 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:08:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK n_0_0_0.ts
izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/ 208 KB
0 190ms
190ms XHR
video/mpegts 46.20.149.250
DORATELEKOM

General

Check archive.org

Show headers Download Go to

Full URL: https://izlehls.haberler.com/2023/11/30/sakatliklarin-bir-turlu-pesini-birakmadigi-ar-8597-16582970_kj_0335.mp4/n_0_0_0.ts?nimblesessionid=336433925
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/js/hls.light.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.20.149.250 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS: izle.haberler.com
Software: Nimble/4.0.1-9 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 21:52:07 GMT
Cache-Control: no-cache
Server: Nimble/4.0.1-9
Connection: Keep-Alive
Content-Length: 602916
Content-Type: video/mpegts

GET
BLOB 200
OK 4c77199e-288c-47eb-8585-0ea63f28fa4c
https://offer01.marketinglungs.online/ 76 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offer01.marketinglungs.online/4c77199e-288c-47eb-8585-0ea63f28fa4c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 174ee81fe3239c66218623548b7dce74bdfaebbb783c59a84826f1689a056d74

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 77329
Content-Type: text/javascript

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/8276351479982037512/ Frame 997C 57 KB
58 KB 69ms
54ms Image
image/jpeg 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8276351479982037512/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb5dfa80e943ca38bdd46e50c783342d7450ecdc27ce9fb0f4ba4f21b17abf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 15:04:26 GMT
x-content-type-options: nosniff
age: 24461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58573
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 20:35:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 15:04:26 GMT

GET
DATA 200
OK truncated
/ Frame 997C 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/ 7 KB
2 KB 63ms
63ms Script
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/URLUtil.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-amz-request-id: JJT7H3BJXKCX379A
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 1951
x-amz-id-2: 18c+iXCDTj3aLOfW09CiiJj4hkW2vjdxjuTISmgTV2YpjXvFKGQnQq3E+9Be7kLMQKSfPeX14a8=
last-modified: Thu, 23 Nov 2023 13:31:14 GMT
server: AmazonS3
etag: "3470a076f0022d50a41874998110932e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784369
accept-ranges: bytes
x-amz-cf-id: wlF0z7UvQpGgGIk5306xVcrLu66pmjnvyWUfHsIkcw0hOeJVIndKaA==

GET
H2 200 index.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/ Frame D031 59 KB
17 KB 68ms
65ms Document
text/html 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2ba02499f7b3de5f87bdcc85dbf9eee3ad1ce5813a667fecc852000c5af793dd

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 17005
content-type: text/html
date: Sat, 02 Dec 2023 21:52:07 GMT
etag: "45a1bd95bb719aefb8f9a7a533f5c8b1"
expires: Mon, 31 Dec 2035 00:00:00 GMT
last-modified: Tue, 07 Nov 2023 15:02:34 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: zrQZmT-BbsVQ-wrzBypijHccAGbK7b9tH1RoXqx_0Z2R8LeOzWKmqw==
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: b1.QeJn59zu8UJFgMZrnmILwMa_jHuU3

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F4D8 13 KB
5 KB 69ms
55ms Document
text/html 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 78690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:00:37 GMT
expires: Sun, 01 Dec 2024 00:00:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E82D 829 B
999 B 104ms
90ms Document
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38fef29f574de08187a7106ae4c811897913ac25f71c3a04390162439319c551

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GM_SWh0Gw8CYsxD2KKfEUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GM_SWh0Gw8CYsxD2KKfEUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:07 GMT
expires: Sat, 02 Dec 2023 21:52:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ebHtml5Banner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ 302 KB
82 KB 74ms
63ms Script
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 30c26578fa0df200478a3fe63c5cd23995195d646707e6602ef527c0587b1695

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:07 GMT
content-encoding: gzip
x-amz-request-id: ZRTK56FXPPRH6PNG
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 83539
x-amz-id-2: S2cP1OaYkZ8WjQSTf3DDIZvN6lYio8hjE+HHR+0/bitOwM/Dz2lMT0kOjX6Mx/UKZoBrS2x1Kqk=
last-modified: Thu, 23 Nov 2023 13:31:07 GMT
server: AmazonS3
etag: "eca8c15b68f0ca045ff477063a23db64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784304
accept-ranges: bytes
x-amz-cf-id: tuWjX_Tr1Ei7TmLK7y1uNJ-ke_BJNhhwnPZlDTYxt_MlKbGv3BKc0g==

GET
DATA 200
OK truncated
/ Frame C209 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc76506c14bbde915bb28360675dffe1badb633bdc22373f23cd37f3b6052923

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C209 33 KB
33 KB 188ms
71ms Font
font/woff2 2607:f8b0:4024:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:39:36 GMT
x-content-type-options: nosniff
age: 72751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:39:36 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame D031 139 KB
48 KB 184ms
54ms Script
text/javascript 2607:f8b0:4024:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::94 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 22:05:13 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 58ms
57ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146&_p=1701553924015&gcd=11l1l1l1l1&dma=0&cid=96863363.1701553925&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&sid=1701553925&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketinglungs.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&_s=3&tfd=5242
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 997C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e553fdc563b5f1d66512546c468631ca4b7884f21898ec5c18af891580cccd2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOSZT9LLJmXuN7-6f2eCHA0&google_cver=1&google_push=AXcoOmT3CE_Nl1kFX_7hWrF2x_Bli6xb259iaVxDH0a-T-18Aavqaww...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2076bb9f8d04131b&is_secure=true&networkId=14000&version=1&google_gid=CAESEOSZT9LLJmXuN7-6f2eCHA0&google_cver=1&google_push=AXcoOmT3CE_N...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG-wqBj_6m0ANi1cxSAAAAAAA&expiration=1701640328&google_cver=1&is_secure=true&google_gid=CAESEOSZT9LLJmXuN7-6f2eCH...

170 B
188 B

63ms
63ms

Image
image/png

173.194.209.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG-wqBj_6m0ANi1cxSAAAAAAA&expiration=1701640328&google_cver=1&is_secure=true&google_gid=CAESEOSZT9LLJmXuN7-6f2eCHA0&google_push=AXcoOmT3CE_Nl1kFX_7hWrF2x_Bli6xb259iaVxDH0a-T-18AavqawwQxJHVGa_yPTlNNp4C38jx1fOx0-LsBy1Ke_sjXhmIVb0

Protocol

Server

173.194.209.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

vg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG-wqBj_6m0ANi1cxSAAAAAAA&expiration=1701640328&google_cver=1&is_secure=true&google_gid=CAESEOSZT9LLJmXuN7-6f2eCHA0&google_push=AXcoOmT3CE_Nl1kFX_7hWrF2x_Bli6xb259iaVxDH0a-T-18AavqawwQxJHVGa_yPTlNNp4C38jx1fOx0-LsBy1Ke_sjXhmIVb0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame B5AF 0
285 B 208ms
57ms Image
text/plain 3.81.188.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEDdD5wm9umSOI1LdH8xGRUg&google_cver=1&google_push=AXcoOmTv1xng3kTJ3yLxTpcAmME-NEv9pXA2Sj40RJ1Fe4x_nONzdqm2IfjOuaK-H-po4lpVpheC2nDg8iFgNyaZBmaGNeTXwOr6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=2364769965&adf=3412635188&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1701553926&format=336x280&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926457&bpp=1&bdt=2831&idt=391&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600%2C680x400%2C0x0&nras=1&correlator=2970609412432&frm=20&pv=1&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1832&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=2&fsb=1&dtd=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.81.188.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-81-188-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:08 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEHEi7aRJr66GtR03YlT3XOM&google_cver=1&google_push=AXcoOmQ9wQKaNRV1jSHDpp2W0PxyEC_i2BaaVnR6GnZ-liWWUKpW_5_r0_oqiL0H-VkLM6RiHhrV7rWUXGR3jN5Dn7Yy9A41y1I
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVpmUnNrSFdEZzJUMHVDb0NLZHJaUQ%3D%3D&google_push=AXcoOmQ9wQKaNRV1jSHDpp2W0PxyEC_i2BaaVnR6GnZ-liWWUKpW_5_r0_oqiL0H-VkLM6RiHhrV7rWUXGR3j...

170 B
188 B

65ms
64ms

Image
image/png

173.194.209.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVpmUnNrSFdEZzJUMHVDb0NLZHJaUQ%3D%3D&google_push=AXcoOmQ9wQKaNRV1jSHDpp2W0PxyEC_i2BaaVnR6GnZ-liWWUKpW_5_r0_oqiL0H-VkLM6RiHhrV7rWUXGR3jN5Dn7Yy9A41y1I

Protocol

Server

173.194.209.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

vg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 21:52:08 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVpmUnNrSFdEZzJUMHVDb0NLZHJaUQ%3D%3D&google_push=AXcoOmQ9wQKaNRV1jSHDpp2W0PxyEC_i2BaaVnR6GnZ-liWWUKpW_5_r0_oqiL0H-VkLM6RiHhrV7rWUXGR3jN5Dn7Yy9A41y1I
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 242

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEASxTYAmqOYIQBUIfiuQiaE&c_param1=AXcoOmQB6liDeZUSX-2O4XZYQ2udy39ZWwtG3NoMo4B5D6Pg35_rBpSi73K8t4ppiCYhhDpuB4zSKGpxgSLCypnnQR68IpanDcIO&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQB6liDeZUSX-2O4XZYQ2udy39ZWwtG3NoMo4B5D6Pg35_rBpSi73K8t4ppiCYhhDpuB4zSKGpxgSLCypnnQR68IpanDcIO

170 B
188 B

68ms
68ms

Image
image/png

173.194.209.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQB6liDeZUSX-2O4XZYQ2udy39ZWwtG3NoMo4B5D6Pg35_rBpSi73K8t4ppiCYhhDpuB4zSKGpxgSLCypnnQR68IpanDcIO

Protocol

Server

173.194.209.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

vg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQB6liDeZUSX-2O4XZYQ2udy39ZWwtG3NoMo4B5D6Pg35_rBpSi73K8t4ppiCYhhDpuB4zSKGpxgSLCypnnQR68IpanDcIO
date: Sat, 02 Dec 2023 21:52:08 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame B5AF
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKwXKq-QGlQnWLRM__m1mVE&google_cver=1&google_push=AXcoOmR3Sbxj8oRDE9QrIUoKNnph_IulArMqQZzXTat14I-zUUFuxiUj5xefAdy7bA0RQFZRH8mQGYIaDKOQi6PL...
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=21a0414e51&gdpr=0&gdpr_consent=

0
373 B

229ms
68ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=21a0414e51&gdpr=0&gdpr_consent=
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67521

Redirect headers

date: Sat, 02 Dec 2023 21:52:08 GMT
via: 1.1 47d67ec06257ea027f0bfa471c226c42.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: TPA52-P2
x-cache: Miss from cloudfront
location: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=21a0414e51&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Njti21ZP3R4NYN6pRmNzSvxDsSdo83Jd3Ds04Cy_ZV5WPm_IhMSd-w==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAqBj0_5I_s9pVOtbWmBo30&google_cver=1&google_push=AXcoOmRK3Rmy0BgjH2MwfuszWDqIfXF2KBuf3nnUZJNHq4l2fd9WPJwO07h2U-Z6f5aJEGXJ68J1zQ...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRK3Rmy0BgjH2MwfuszWDqIfXF2KBuf3nnUZJNHq4l2fd9WPJwO07h2U-Z6f5aJEGXJ68J1zQIPirXa_iY-F-azj3saYoys&google_hm=MjQ4OTE1NT...

170 B
232 B

66ms
63ms

Image
image/png

173.194.209.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRK3Rmy0BgjH2MwfuszWDqIfXF2KBuf3nnUZJNHq4l2fd9WPJwO07h2U-Z6f5aJEGXJ68J1zQIPirXa_iY-F-azj3saYoys&google_hm=MjQ4OTE1NTQxNzk4MDQzNjU2Mw%3D%3D

Protocol

Server

173.194.209.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

vg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRK3Rmy0BgjH2MwfuszWDqIfXF2KBuf3nnUZJNHq4l2fd9WPJwO07h2U-Z6f5aJEGXJ68J1zQIPirXa_iY-F-azj3saYoys&google_hm=MjQ4OTE1NTQxNzk4MDQzNjU2Mw%3D%3D
date: Sat, 02 Dec 2023 21:52:07 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEKZ8I0lggwWoufN2HrRYeuA&google_cver=1&google_push=AXcoOmQnnMCTyEmwBJvcTxfbQCfbjofe76mg9pkKKk-DDe0u2EgXNCU8W1I2Rvl7j1yvePAm_Z3PqJImWnfOtq3rNNE0lCEPv...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQnnMCTyEmwBJvcTxfbQCfbjofe76mg9pkKKk-DDe0u2EgXNCU8W1I2Rvl7j1yvePAm_Z3PqJImWnfOtq3rNNE0lCEPvgh2fQ&google_hm=9d9fcb00f406...

170 B
329 B

66ms
65ms

Image
image/png

173.194.209.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQnnMCTyEmwBJvcTxfbQCfbjofe76mg9pkKKk-DDe0u2EgXNCU8W1I2Rvl7j1yvePAm_Z3PqJImWnfOtq3rNNE0lCEPvgh2fQ&google_hm=9d9fcb00f4066cff140txu00lpol9xmw

Protocol

Server

173.194.209.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

vg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQnnMCTyEmwBJvcTxfbQCfbjofe76mg9pkKKk-DDe0u2EgXNCU8W1I2Rvl7j1yvePAm_Z3PqJImWnfOtq3rNNE0lCEPvgh2fQ&google_hm=9d9fcb00f4066cff140txu00lpol9xmw
date: Sat, 02 Dec 2023 21:52:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B5AF 0
139 B 206ms
59ms Image
text/html 173.194.209.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ld4qxHfFbNB5dutuG2Mkzijs4naR96d3bT_KkFs-E5eBWGuU7Nsq5Zj7Z-oAsoVR4X6mOACA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.209.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

vg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 997C 15 KB
16 KB 82ms
54ms Font
font/woff2 2607:f8b0:4024:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:48:54 GMT
x-content-type-options: nosniff
age: 378193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 12:48:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 997C 15 KB
16 KB 163ms
137ms Font
font/woff2 2607:f8b0:4024:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:44:35 GMT
x-content-type-options: nosniff
age: 72452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:44:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 997C 15 KB
15 KB 182ms
158ms Font
font/woff2 2607:f8b0:4024:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 04:28:47 GMT
x-content-type-options: nosniff
age: 321800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 04:28:47 GMT

GET
H2 200 970x250.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/ Frame 3B60 3 KB
2 KB 65ms
65ms Document
text/html 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: eaab0174d0698b264be4cfa5e242ad62d30e61cca2cfe8598a04552be818e9d3

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 1422
content-type: text/html
date: Sat, 02 Dec 2023 21:52:07 GMT
etag: "6fcd973986f1382e6bde0c12eaf90d60"
expires: Mon, 31 Dec 2035 00:00:00 GMT
last-modified: Wed, 29 Nov 2023 08:59:19 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: 1_xZDr_WJf_YBeXcNp8HRjWrVyOKFySBQ5UaPKYopQfrUjMJjidn7Q==
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: Y7zeIz6_aZGD.bLte4DUbp4cCOJvSxmv

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E82D 0
0 77ms
75ms Image
text/html 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3191001187206789&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F4D8 39 KB
15 KB 57ms
54ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:14:30 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3B60 236 KB
63 KB 74ms
66ms Script
text/javascript 2607:f8b0:4024:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::94 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 21:52:08 GMT

GET
H2 200 970x250.js Show response
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/ Frame 3B60 211 KB
43 KB 68ms
61ms Script
application/x-javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4fe9a85e96820eb6c30f9f493d816c0684f67d467a5999eb8b9c5bc8331eae38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: yEJ_jRCGAb31W0FIoJ7OEs1uHmy6MgFv
content-encoding: gzip
date: Sat, 02 Dec 2023 21:52:08 GMT
last-modified: Wed, 29 Nov 2023 08:59:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "56a2f7eaefe2b26b73c5b0d9070266da"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: hOkKuwoyEUMpbqR6_8GsZYT9boF9rHJnPPaR5DT9bKQfuT45rivjXw==
content-length: 43883
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 EBLoader.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame 3B60 12 KB
4 KB 79ms
72ms Script
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:08 GMT
content-encoding: gzip
x-amz-request-id: DCC183ZXGN2QFE3D
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 3615
x-amz-id-2: sSQF2HcxNol6fkxu3w01qY4FFOFmiRmVocbTqmONJDZpCpcjwA/vNBtXsn+w8iufycXFlp4KmK4=
pragma: no-cache
last-modified: Tue, 18 Jul 2023 10:48:48 GMT
server: AmazonS3
etag: "b92fa833b298e9df5fa8ee69009adb9a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: m6ex2py5iIvQDzol6djwdRCpIULqiLxJrQSprbAZiC7luH6gtl6fhg==
expires: Sat, 02 Dec 2023 21:52:08 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame B631 51 KB
19 KB 57ms
56ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:13:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:13:37 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DC1 51 KB
19 KB 58ms
57ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:13:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:13:37 GMT

GET
DATA 200
OK truncated
/ Frame D031 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ 0
195 B 71ms
68ms XHR
text/plain 18.221.11.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.11.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-11-176.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketinglungs.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 EB.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_179_1_0/ Frame 3B60 79 KB
28 KB 65ms
63ms XHR
application/javascript 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_179_1_0/EB.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:08 GMT
content-encoding: gzip
x-amz-request-id: HET6WJ6T0V5S175F
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 28366
x-amz-id-2: CsyVSI7XZBwxsjO8bseknNOg16xekAkiaa0ohspBCfGi4YC1Nb+THjMg0cU3sWVIu+mwyw9fw9o=
last-modified: Thu, 23 Nov 2023 13:31:12 GMT
server: AmazonS3
etag: "1e19bdb7b58f499266826e96c99faa92"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1784405
accept-ranges: bytes
x-amz-cf-id: ijbSa7v85hfxZbt8H6vcmqL4zZU4u9_3yOK0B-6UfCITvX_Dp2D7mQ==

GET
H2 200 _2_8_aralik_hy_01.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/ Frame 3B60 28 KB
28 KB 71ms
65ms Image
image/png 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/_2_8_aralik_hy_01.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 04189eb76e9f64cfbe4887b49b259b4184306225b10139800bba7d3dce4e2151

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: eDzVzT1hsu8oglBLpEJ1Rz_jzEyfKw.T
date: Sat, 02 Dec 2023 21:52:08 GMT
last-modified: Wed, 29 Nov 2023 08:59:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "acf8cb9d657182deaee60e3a70fbcdae"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 28230
x-amz-cf-id: nfhCMI9Aw8sKUpvu9JALubNctoSbUIGfmAXC_tWbdb5VtB4F0A9Ptg==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 Serving Show response
bs.serving-sys.com/ 24 B
605 B 79ms
73ms XHR
text/html 3.132.70.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&dmae=0&sessionid=43157034149175154&ai=1092163815&usercookie=u2=c07a1fa9-7be0-4a51-a39c-18a0fd3eaa45&oo=0&clsrc=2&clbv=_2_250_3_0&gdprpurposes=847&dg=1078263137&sdg=1079543897&ctick=302&ord=0.4179973962746697
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.70.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-70-167.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketinglungs.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ 0
475 B 75ms
75ms Ping
text/html 3.132.70.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1092163815~~0~~1078263137~~43157034149175154^MultiBurn~0~0~01020~22^VsR~0~0~01020~309^VsRAd~0~0~01020~309^AdStart~0~0~01020~310&usercookie=u2=c07a1fa9-7be0-4a51-a39c-18a0fd3eaa45&rnd=0.7444898054226865&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.70.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-70-167.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketinglungs.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ 0
475 B 74ms
73ms XHR
text/html 3.132.70.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1092163815~~0~~1078263137~~43157034149175154%5EActualSize~970x250x0x1x0000x0x0x970x250~0~01020~312$$&usercookie=u2=c07a1fa9-7be0-4a51-a39c-18a0fd3eaa45&rnd=0.9843410469669491&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.70.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-70-167.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://offer01.marketinglungs.online
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D031 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 dev_studio_01_250_videomodule.js Show response
s0.2mdn.net/ads/studio/ Frame D031 14 KB
5 KB 56ms
55ms Script
text/javascript 2607:f8b0:4024:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/dev_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/Enabler.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::94 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023b881adfdfbd01a5c162f6a497f4ac793bec2dee6c664e011fe2505365af95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5140
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 22:06:19 GMT

GET
H2 200 _2_8_aralik_hy_02.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/ Frame 3B60 25 KB
25 KB 72ms
71ms Image
image/png 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/_2_8_aralik_hy_02.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 72e403d91c5872380fc6e8e7ea0271c9e745b2f580382e0bfde996c6e0169922

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: RF4HhJgkmjAcTbAXqJK53qqoXROcf4CJ
date: Sat, 02 Dec 2023 21:52:08 GMT
last-modified: Wed, 29 Nov 2023 08:59:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "627cfa8b3a633e43c826241678340dd6"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 25624
x-amz-cf-id: VeHlg5C7SSiWd0IDRSq0DPgvfRiZn_GKTcTWnUL98Ba4GO5wWtWXgg==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D031 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H2 206 25_FILM_A101_81_IL_79SN_970x250_1.mp4
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/ Frame D031 4 MB
0 64ms
63ms Media
video/mp4 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/25_FILM_A101_81_IL_79SN_970x250_1.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231107/1077303147/83439122246536607/index.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: rW0EGFq_1hkw2XBXzaw00iSoESGAoU9a
date: Sat, 02 Dec 2023 21:52:08 GMT
last-modified: Tue, 07 Nov 2023 15:02:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "71d90a33404b640438165600954108c3"
x-amz-server-side-encryption: AES256
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-8298225/8298226
accept-ranges: bytes
x-amz-cf-id: CA7d2fJkM6i11R07C_4lfwvmGF5Fk0oOrBdh2vtaNLUlXrqRDUsvzQ==
Content-Length: 8298226
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 _2_8_aralik_hy_03.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/ Frame 3B60 21 KB
21 KB 120ms
120ms Image
image/png 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/_2_8_aralik_hy_03.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 59fe999c1a9f6631f1a9cc3d7993edfeaa79a968779626bbb4d8fcf1c85da674

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Xf2IaSaae2qKLMCowoivY6vWWx.ptDCy
date: Sat, 02 Dec 2023 21:52:08 GMT
last-modified: Wed, 29 Nov 2023 08:59:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "476c4a6d76c2319043d5f358588c9433"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21689
x-amz-cf-id: UOLJ6ZPzqIMIgBbjY1P_hA6Ln7XTGA-ix-5C8g9wPEfrLnW_YLqtIw==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D031 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F4D8 0
10 B 56ms
54ms Image
text/plain 2607:f8b0:4024:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lwKCDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c02::84 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 _2_8_aralik_hy_04.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/ Frame 3B60 21 KB
21 KB 104ms
103ms Image
image/png 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/_2_8_aralik_hy_04.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: df07ccf700d212fb49981f2ead496207fd80ec648533f8b5cc9db302b13b9d0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: UoqhreBYJC5zEhJzrsi2eLoQg475xM5Q
date: Sat, 02 Dec 2023 21:52:08 GMT
last-modified: Wed, 29 Nov 2023 08:59:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "bb60a451851aa7e6e8472b1bfe6a5bc8"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21527
x-amz-cf-id: w6SDqVbcB_rolFQ_ZJCMpJJ6IBmaOC010YHVMiT_4YCFMPhTBwo8AQ==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D031 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 telefonelsag11.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/ Frame 3B60 4 KB
4 KB 73ms
69ms Image
image/png 23.57.90.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/images/telefonelsag11.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.90.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-57-90-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0f2bb0591c3166bb83f8600b99048a3d5e25ba5dd904df5971d8e4d2da2d4b31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231129/1077327670/83943513813693941/970x250.html?v=_2_179_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: vQmyyyhtLKZ_5fC1MfyKn2gzIPRKhYaC
date: Sat, 02 Dec 2023 21:52:08 GMT
last-modified: Wed, 29 Nov 2023 08:59:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "4c996d56de86f9d875dd4c1093e9a950"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3657
x-amz-cf-id: SlozgNEyf6GCNTkOiXWqHn4A6sFq6IVvf6bIDwgQve-iCiOOpgEvng==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D031 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D031 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3191001187206789&bg=!7e6l7qHNAAY3kmNgF5I7ADQBe5WfOMPLhKQLIsy2kLbOOko_XnqjPEuXi-cTRizf870iHLSXj3N0o8T0iYKZJDO_4rxrAgAAAolSAAAAC2gBB5kCyJGxvrajjsXV0gWmzp4FBXvhMLKBYCq0tngbWVd0J4cUYR6U7Wj3zjwFZPnWf6D_V1OuUMzmBiFu9tLIg1aL1ShuIgNUe6GfgZMfXgTh-XLeVeJhp8nWMdkNLUxj1TKTD-bm3TAi_d7YQ6FwTwrWFOytffBZ-8uLvrWWjRQQVF0U0_Q5bO_NZXw8SQx6jtThtLjuMvFuAsgqWQYVLr_kqBcXS10QyQ5n9JUdd7QUCnloFw51blh1t4-t-LbhBNU6YWLzj8IehVk2atnNGTxBdholoX2TUq8-YPEntg5Tt0eGm0okuEpZ2R1aP-9TvcbxzF2kPIdLmKtm0XQEF3uSyEdTfo9B6zY0kP3xFEhZj0VbcoOqL8Oy6gPX4R2EVx_TkJRzyqIQfHVLxUEbbySoDkyIb96Wzw539R7M-D_o3b2p0yhfgDHYRc0hmyA9aoDp-FfqAJIyYBBD-i_xnyQRN2GOkljqkrX5hrKpbOHOqQaDpxNWK68zntE1OfrfqgzBKgSiWd-F4N7Np_3IQPUlcSH8PLnIpETT4Bk2W9ZX1mwbp6flYEwDTCzILgeVO6Jbi5XLm40FhZXXJPU58gHv-_tI4Vvl1DQ2fO04r4ArcL3ZnYxvz8-bVuITQDQmeWEEj1WNfeuZh04x_PdT3d4GB6ETyff_O95mNhX72QcvkNc88Db92Eh46dgLJ_uebz9YQRTyZz1Rx7hv5CaFvuYCBLJa2QZ2L1DhHpG3tPfWYhHO_6Q50SWEdMRMJZ05lAf5gtYRSjGp-QVSLQKjkS3MMdmlXxlbwO56cLi2x7UK-048BQ_5k_7WOD-oMO_hjMJOfh405J1Z2d4fY7EYBpF5D_t6MLZUB-gw3ECwTNeKGePO3I_ui3DAUgPv8qg7zv48t7IbExEO8fYWXXLNqOSzj6Ctq8fDk9WaCmNLCuqo52p8Pg4pLn6MRE8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 adsbypixad.js Show response
static.cdn.pixad.com.tr/dist/ 19 KB
7 KB 135ms
53ms Script
application/javascript 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Requested by: Host: offer01.marketinglungs.online
URL: https://offer01.marketinglungs.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f74952253d6a5b3808b4b3a1c9854c9b1cb2b849f9f1542ce148f8ca78ffa85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 876
cdn-storageserver: DE-51
cdn-cachedat: 12/02/2023 21:36:53
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 06:53:47 GMT
cdn-proxyver: 1.04
cdn-fileserver: 306
cdn-requestpullcode: 200
server: cloudflare
etag: W/"6566dffb-4c46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHSshRlY5p24cOkJijo9fdoTAQKvJ4V5rzQZFaKPFQuuOX7fCRbEV2WbBb6Tl1dOG0qNimZMvndKapJHF9Ff90ROloAbrza%2B7l6MnUPH11ZqEXviZEMH6zACzqsqqeSrJtcp9usfvrolti3zwplXyyGPA23X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=14400
cdn-requestid: 66296c63711e66f9ef82a7b18788911b
cf-ray: 82f6cba5cc117496-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 i Show response
static.cdn.pixad.com.tr/f/4327716010/ 10 KB
11 KB 335ms
157ms Fetch
application/octet-stream 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/i?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7d28af9f6a20ab4e7470da46177f185920a3dcf1c4d44ca359b51738fc8595

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 975
cdn-storageserver: DE-661
cdn-cachedat: 12/02/2023 21:36:53
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
content-length: 10371
last-modified: Thu, 23 Nov 2023 09:31:13 GMT
cdn-proxyver: 1.04
cdn-fileserver: 605
cdn-requestpullcode: 206
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZXZCqhVexhiOZXCIMgh4pVHJiWuFEnvANiA%2BwdI5QvHKbNhkLR9UoNQIz7c5XrrHpzykVOMHugIH93qrYIkdLU6lURMTxtUSU0vmCBlDsa1qOYFiFhtofYv3nq%2BKD7hhG9xD%2FxpacRhCGM3897q1xKLkD8R"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: b436a141b0fd9be462a5d834afa97173
accept-ranges: bytes
cf-ray: 82f6cba7487edaf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 i Show response
static.cdn.pixad.com.tr/f/4327716010/ 10 KB
11 KB 336ms
159ms Fetch
application/octet-stream 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/i?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7d28af9f6a20ab4e7470da46177f185920a3dcf1c4d44ca359b51738fc8595

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 975
cdn-storageserver: DE-661
cdn-cachedat: 12/02/2023 21:36:53
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
content-length: 10371
last-modified: Thu, 23 Nov 2023 09:31:13 GMT
cdn-proxyver: 1.04
cdn-fileserver: 605
cdn-requestpullcode: 206
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B8M04Y1ScpaObLgEoY%2FTvj5KTnmJLgAuoRtemk8%2FZf1JFF%2FcjqlhNJRG%2BUE65td9ctj57IhpQOYaRrO9ByBrhdHeDL011SQ52xe2nPXyjwTDk%2FPzpTRcAObOYtz3pEF391iBahVQAKc6yLTJ5sK2FBPZ6Fc"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 2c1e8dc15c8f4b8b2a1ba80022fa3d84
accept-ranges: bytes
cf-ray: 82f6cba74881daf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 i Show response
static.cdn.pixad.com.tr/f/4327716010/ 10 KB
11 KB 226ms
50ms Fetch
application/octet-stream 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/i?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7d28af9f6a20ab4e7470da46177f185920a3dcf1c4d44ca359b51738fc8595

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 975
cdn-storageserver: DE-661
cdn-cachedat: 12/02/2023 21:36:53
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
content-length: 10371
last-modified: Thu, 23 Nov 2023 09:31:13 GMT
cdn-proxyver: 1.04
cdn-fileserver: 605
cdn-requestpullcode: 206
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkoGa%2FddjahJe2hLKsWNMRoCFSh33C9dbv6ZDZKiXIXnPUdMrnUkr2GhobnVUQyVR%2BPojyg7Q8HCu9Pjp2%2FpYax3g7VG9uKexK5H%2BUHMX%2BH8fl16apPaAcXKQO%2F1a%2Bp3UsGsCpMIj7%2FZWENuBHXTOj0WQ2us"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 574574e4d406e0e9c3472ab52f7b9da3
accept-ranges: bytes
cf-ray: 82f6cba74875daf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 i Show response
static.cdn.pixad.com.tr/f/4327716010/ 10 KB
11 KB 258ms
82ms Fetch
application/octet-stream 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/i?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7d28af9f6a20ab4e7470da46177f185920a3dcf1c4d44ca359b51738fc8595

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 975
cdn-storageserver: DE-661
cdn-cachedat: 12/02/2023 21:36:53
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
content-length: 10371
last-modified: Thu, 23 Nov 2023 09:31:13 GMT
cdn-proxyver: 1.04
cdn-fileserver: 605
cdn-requestpullcode: 206
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2N7s7X7OBggORxz5yYAXlCdzo%2FNj0fd8TyLebFanDlOxeMU0fTYqWngJAQGiaNvVdFQMzR%2FDaK0hUD33vg0iLiPf0gPiffwsVkDzCyeeQXWuGfL7lMEnnYEvSRRMnqRoW0trKrwhCsgumzrbP7ZXksfXrsxb"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 22ca7037a62abc155bda3f52ae75e79a
accept-ranges: bytes
cf-ray: 82f6cba74879daf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 i Show response
static.cdn.pixad.com.tr/f/4327716010/ 10 KB
11 KB 261ms
85ms Fetch
application/octet-stream 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/i?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7d28af9f6a20ab4e7470da46177f185920a3dcf1c4d44ca359b51738fc8595

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 975
cdn-storageserver: DE-661
cdn-cachedat: 12/02/2023 21:36:53
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
content-length: 10371
last-modified: Thu, 23 Nov 2023 09:31:13 GMT
cdn-proxyver: 1.04
cdn-fileserver: 605
cdn-requestpullcode: 206
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijfFS3M0Yr2j1%2BOmQ4jnGbkksENm37QyHoankS9UX%2BPmEQrEY4EEz3qPtiVHxKQXIOQG2tpqR3%2FF2e5lyPGEfM09RowNwjlQkkaLAImBjCHXAS4oYxhrDF5JbGsq9BCWaEufdyvapCHefpkagDHCr42PHKqf"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: df23db7f667af2d1b7f7de6669dda6a2
accept-ranges: bytes
cf-ray: 82f6cba7487bdaf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 offer01-marketinglungs-online Show response
static.cdn.pixad.com.tr/f/4327716010/ 0
900 B 204ms
203ms Fetch
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/offer01-marketinglungs-online?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 625
cdn-storageserver: DE-662
cdn-cachedat: 12/02/2023 21:52:11
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Apr 2023 11:08:02 GMT
cdn-proxyver: 1.04
cdn-fileserver: 590
cdn-requestpullcode: 200
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsFKow1H6t7sekCTbf%2BKVztL10zJZVHaFr%2BoxTvYaRkb%2BC3WHfRaah1ouUyGCLIo8gmBpLv53OygAK4%2Bt45xxUAIfAZypsSgkN0MTQSvyMq1xMuMaBaItxsWL9t88qWJ%2FUZtDCWr09xynn9stLY%2F%2FGnpEFrx"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: f9eb24e0a2eb9d1c990b7b9f9b96b666
cf-ray: 82f6cba7c966daf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 offer01-marketinglungs-online Show response
static.cdn.pixad.com.tr/f/4327716010/ 0
903 B 571ms
541ms Fetch
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/offer01-marketinglungs-online?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 625
cdn-storageserver: DE-662
cdn-cachedat: 12/02/2023 21:52:11
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Apr 2023 11:08:02 GMT
cdn-proxyver: 1.04
cdn-fileserver: 590
cdn-requestpullcode: 200
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jy9Jr3SoC%2FIDah5XDl3kzSEvLyV%2B6PVdmFuv%2BBs3v0Sa3vVNQPVZ5PTSzHhDXL5LZncUvuiqIEi0qU4AolY74MAl57Rw1Gq1gmWmS9%2BMfhV%2Byh4DFUT0GgBgqVWlmbhqbg%2F6Hs%2FRCmihY8ZmLKolvWJT%2BKA2"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 6ea3938b1ef1794881583614e6754839
cf-ray: 82f6cba84a42daf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 offer01-marketinglungs-online Show response
static.cdn.pixad.com.tr/f/4327716010/ 0
894 B 556ms
548ms Fetch
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/offer01-marketinglungs-online?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 625
cdn-storageserver: DE-662
cdn-cachedat: 12/02/2023 21:52:11
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Apr 2023 11:08:02 GMT
cdn-proxyver: 1.04
cdn-fileserver: 590
cdn-requestpullcode: 200
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nUER0fmnQozv9gPd4ytzzuUZ1qX%2FjWV4JcEdUB5ASFtVIEwjBOQ%2FjJt8G5nnOFAmYplJJd9oq4wA3gGAeEHaKzsAq27mJsIUuEK1tk2uXz3MnzIho1zwFGPxafkUBPnHJ3VXP0NXDoXrTd10vP8HF7MMwAB"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: ed4a2609e4e55bc252281c889c9767c5
cf-ray: 82f6cba85a6adaf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 offer01-marketinglungs-online Show response
static.cdn.pixad.com.tr/f/4327716010/ 0
904 B 578ms
556ms Fetch
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/offer01-marketinglungs-online?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 625
cdn-storageserver: DE-662
cdn-cachedat: 12/02/2023 21:52:11
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Apr 2023 11:08:02 GMT
cdn-proxyver: 1.04
cdn-fileserver: 590
cdn-requestpullcode: 200
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPuJ4x3nXSO1KBnhaSQb8V54FXr79Qt6dpDFKiC%2BV2NHKPIy9j3E7ay%2Fd3bCmBO1%2F64vhAF0cb5JF5Xr9qFFi%2FTcNHwT0LNmQ5qpEEmuMl%2FN9%2FXVk7pRWSz%2F%2Bo80NOnsWSKTD%2BEYoB0lTKUdGXuEOHA5XcQC"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 48c09760f53b4852793c406ca92e996b
cf-ray: 82f6cba89b15daf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 offer01-marketinglungs-online Show response
static.cdn.pixad.com.tr/f/4327716010/ 0
899 B 585ms
563ms Fetch
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/f/4327716010/offer01-marketinglungs-online?v=1701553
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 625
cdn-storageserver: DE-662
cdn-cachedat: 12/02/2023 21:52:11
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Apr 2023 11:08:02 GMT
cdn-proxyver: 1.04
cdn-fileserver: 590
cdn-requestpullcode: 200
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w96nQ975qSEznHp5xdlGW85561biOHFoFm%2FugOmf5ZNpCx086%2FqCj5r3YjlqsusNxiUWVGx9vDMuf9wxDkgxUF9lw%2Fqqqc9F9FPy%2BlE61dOKR4NBX%2FIGJkQIk3sQa%2FkX0byemjojvPub0agd3zGbvKejwU4j"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: bd208b7f9f18ae9663a5b14f98b867a0
cf-ray: 82f6cba89b1cdaf5-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 prebid8.25.0.js Show response
static.cdn.pixad.com.tr/dist/ 439 KB
134 KB 46ms
43ms Script
application/javascript 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f151a7964f65d87bcaf4b5758d541c80a8fba0bb34d8ddc5ab9f8f4122f7c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 976
age: 1290
cdn-storageserver: DE-680
cdn-cachedat: 12/01/2023 17:06:18
cdn-pullzone: 1145655
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 09:51:01 GMT
cdn-proxyver: 1.04
cdn-fileserver: 742
cdn-requestpullcode: 200
server: cloudflare
etag: W/"65646685-6dae9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IP7OO95DeaJpLTeDNDSDuUfdtryL1a1LacwoncfN30W8KZgnBr7KZrBdwmOe%2F1MzLtHjIatZ2tMjmAkwXLXvQJ3AIfl%2BhwhyiuhGZ7zO6rvvS0celhSwS%2FsTh9i3iIu6WnGxXdt4Y322QHTwhmekWgwHNkhB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=14400
cdn-requestid: 2472b68768de251b15dce364f2f160d5
cf-ray: 82f6cba92ad87496-MIA
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 353ms
29ms Fetch
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231202

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 21:52:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 21084
x-jsd-version: 1.0.1892
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 785
x-served-by: cache-fra-eddf8230103-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type: version
etag: W/"642-maGbSK4k2X9erGcOaUhCqMYsf3g"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
485 B 326ms
101ms Fetch
application/json 69.173.151.96
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: aa68a43e51b9ea57a5071c185941cb1957c62fa9551e537b44d6a945e14e338d

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.4.0
Content-Type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 477 B
1021 B 322ms
92ms Fetch
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25100&site_id=458252&zone_id=2685414&size_id=9&rp_schain=1.0,1!admatic.com.tr,adm-pub-140550463727,1,,,&eid_pubcid.org=eeee416d-ef58-46b2-ac7f-3a4dce2b1c32%5E1&rf=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.domain=offer01.marketinglungs.online&tg_i.page=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.name=https%3A%2F%2Foffer01.marketinglungs.online&tg_i.pbadslot=INS_86b23139-78db-7732-94e7-33e874b22b70&tk_flint=px_pbjs_lite_v8.25.0&l_pb_bid_id=3702d4396ec7d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=INS_86b23139-78db-7732-94e7-33e874b22b70&m_ch_mobile=%3F0&slots=1&rand=0.5412634360817221
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5a61b567228651c8a39e04543ae547f53a033918d9fe992c55793edfe6e12ceb

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 477
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
cpm.programattik.com/ 204 B
386 B 822ms
403ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=924&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: da0a441a0f712ea0bd34d84dc2bf0aa62b7f209797560b6d14daec1117881606

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 204
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 204 B
387 B 600ms
202ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=920&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 0c684661cbf2d9b048095c8012c485037ad53f4ac57a2109b3e8155002970ecb

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 204
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 204 B
386 B 602ms
204ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=921&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 53df0dccf74e4bea979151e193fb73e9a06ac816529f3e3fa2361b29144f9e45

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 204
content-type: application/json; charset=utf-8

POST pb
melon.rtb.pixad.com.tr/ 0
0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
542 B 607ms
213ms Fetch 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 403 2591347 Show response
bs.yandex.ru/prebid/ 27 B
493 B 612ms
195ms Fetch
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 21:52:12 GMT
x-yandex-req-id: 1701553932506796-1144807965084138363900276-production-app-host-vla-pcode-279
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://offer01.marketinglungs.online
content-type: text/html; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Sat, 02 Dec 2023 21:52:12 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
192 B 542ms
149ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
208 B 468ms
61ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.25.0&cb=25771423069&lsavail=1

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

OPTIONS
H2 204 pb
melon.rtb.pixad.com.tr/ Frame 0
0 639ms
438ms Preflight 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://offer01.marketinglungs.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST
access-control-allow-origin: https://offer01.marketinglungs.online
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f6cbac5a03daf5-MIA
date: Sat, 02 Dec 2023 21:52:12 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnV3kDzUNzoxa%2BQuNYJuOwFqlOP34kNEv2t7%2BJvSDsYSWDeetNHhKbQIKAnJqmETr0bNAb4nAZH0diERMts9nsm1rqHkGc2B6LzJYEASfXObGGywcJ7c0qKZ%2B8Rijofj8ANJIzJQe6sLEukQLwa7tefdNck%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
working-on: pxd-k8s
x-powered-by: Pixad-k8s

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ 0
195 B 276ms
67ms XHR
text/plain 18.221.11.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5PoliteBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.11.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-11-176.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketinglungs.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

OPTIONS
H2 204 pb
melon.rtb.pixad.com.tr/ Frame 0
0 175ms
171ms Preflight 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://offer01.marketinglungs.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST
access-control-allow-origin: https://offer01.marketinglungs.online
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f6cbaefe6cdaf5-MIA
date: Sat, 02 Dec 2023 21:52:12 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2DcEXikDkrQ%2BtoW5MYlVkUKUyuQrYyJnyl9MPQMVp1gJDSD9ONae9kehu4B367MSZF%2B93Y7ykxkgobOi%2FazOR6%2FBORjdEhqVlRSYbMRI4pcaGGA7%2B%2FBXMrwyyZdQa5JCwet34ovSf38vHk8LqXxRRmI2wQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
working-on: pxd-k8s
x-powered-by: Pixad-k8s

POST
H2 403 2591347 Show response
bs.yandex.ru/prebid/ 27 B
221 B 207ms
192ms Fetch
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 21:52:12 GMT
x-yandex-req-id: 1701553932710322-1273355482020757482600371-production-app-host-vla-pcode-112
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://offer01.marketinglungs.online
content-type: text/html; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Sat, 02 Dec 2023 21:52:12 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
207 B 73ms
62ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.25.0&cb=52836429729&lsavail=1

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
486 B 69ms
64ms Fetch
application/json 69.173.151.96
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: f8dae1e199f3902868da53b08751ce0137283a69a5a0b415ab8cbb084296c04e

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.4.0
Content-Type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 477 B
511 B 69ms
64ms Fetch
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25100&site_id=458252&zone_id=2685414&size_id=9&rp_schain=1.0,1!admatic.com.tr,adm-pub-140550463727,1,,,&eid_pubcid.org=eeee416d-ef58-46b2-ac7f-3a4dce2b1c32%5E1&rf=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.domain=offer01.marketinglungs.online&tg_i.page=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.name=https%3A%2F%2Foffer01.marketinglungs.online&tg_i.pbadslot=INS_a050b4ae-db3c-2dfd-f964-1e4d04b917f4&tk_flint=px_pbjs_lite_v8.25.0&l_pb_bid_id=331273b3ffece8e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=INS_a050b4ae-db3c-2dfd-f964-1e4d04b917f4&m_ch_mobile=%3F0&slots=1&rand=0.10980446152491963
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5a895cc442dae0e56223b9b1848fcc3292b360e23801953c055e0035bd78001a

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 477
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 204 pb Show response
melon.rtb.pixad.com.tr/ 0
579 B 618ms
618ms Fetch 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
access-control-allow-methods: POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJX5IUpN8Fv9rH4D7dzkiULI33BLkiAHFpcVP07OaCtd6AeRLDW%2BTDrQrznjfnTiC436FOfvtQe0sQsP%2FzQUKccaNK0S1Krqv95XiT8ud1qVEzDqHhdcLiwT%2FPjI%2BlXI34E5Th%2FaxyX%2FC4oOOl78mFZB7OA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://offer01.marketinglungs.online
access-control-allow-credentials: true
cf-ray: 82f6cbb0182a02ed-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
541 B 282ms
278ms Fetch 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
191 B 156ms
152ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 200ms
196ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=924&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 6dd150f7d1f81aff7f9166bdcd3a180a545f202c54d91140a438a61259e7894a

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 199ms
196ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=920&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 5dd5eb02318555d9db5ff2f1f4d1e0d9c94b685f302bfc68ba93b7df01b9a6cc

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 198ms
195ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=921&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 8004f0b0e633ad89b94118deadc491ee26c8f37a3ea335286d04c65cfba9fa55

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

OPTIONS
H2 204 pb
melon.rtb.pixad.com.tr/ Frame 0
0 172ms
170ms Preflight 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://offer01.marketinglungs.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST
access-control-allow-origin: https://offer01.marketinglungs.online
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f6cbb0489cdaf5-MIA
date: Sat, 02 Dec 2023 21:52:12 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbUEEFXvW%2B0lJO%2BSXRc442CYgNzfgiIeSzMW27XRIeruHvb9LkLsaRVuJB5%2FSzd0FsgwnOqMV1W8aHGBL8g7NILmH6AyOwB3ItKaPyZVkQcA%2F3oij282iz6kqaGQz1V%2B2Cf8KSBXqaa8G77gWqlNcvLhavM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
working-on: pxd-k8s
x-powered-by: Pixad-k8s

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
485 B 63ms
61ms Fetch
application/json 69.173.151.96
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a54f7d1e58192baa46dfe1e3d2080b8050c55bea6d271d64ed578ff9cb366b1a

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.4.0
Content-Type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
541 B 219ms
217ms Fetch 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 198ms
196ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=924&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: cec9f05e32ed5003e26b1ced0ac4945959d01b4a4e8f3f2fa0b8365dc90e34a6

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 197ms
194ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=920&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 6b61f18c294eb966dba9d07c25d3ef56f2aca611312aa861c2c47ee696e3464d

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 197ms
195ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=921&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 1a7ab6ae151947b7accafeaf393a17c8cde2457761989d398795cc05d997114f

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
207 B 69ms
69ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.25.0&cb=19982906080&lsavail=1

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
191 B 148ms
148ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3 204 pb Show response
melon.rtb.pixad.com.tr/ 0
541 B 616ms
615ms Fetch 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
access-control-allow-methods: POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx1sTPOKVaD3G6621qtGmXuMQxdhxq4HFVQUDaA1Lvc%2FEc6omNXBkoH176ip%2Fzy9pOsItgs6uO4tRkzmoo2PEa%2BSO6ttY2S4LGt90bQUPF9c7ClUtyiNBU0OyB1Yx5t%2B%2ByG6PbyZ%2BGCuOUn7qXhHEgYW6Hs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://offer01.marketinglungs.online
access-control-allow-credentials: true
cf-ray: 82f6cbb169b602ed-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

POST
H2 403 2591347 Show response
bs.yandex.ru/prebid/ 27 B
132 B 208ms
203ms Fetch
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 21:52:12 GMT
x-yandex-req-id: 1701553932930843-425977839715350742800323-production-app-host-sas-pcode-530
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://offer01.marketinglungs.online
content-type: text/html; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Sat, 02 Dec 2023 21:52:12 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 60ms
58ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3bt0v9103786146&_p=1701553924015&gcd=11l1l1l1l1&dma=0&cid=96863363.1701553925&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701553925&sct=1&seg=0&dl=https%3A%2F%2Foffer01.marketinglungs.online%2F&dt=Sakatl%C4%B1klar%C4%B1n%20bir%20t%C3%BCrl%C3%BC%20pe%C5%9Fini%20b%C4%B1rakmad%C4%B1%C4%9F%C4%B1%20Arda%27dan%20haber%20var%20-%20Haberler&_s=4&tfd=10245
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ 0
195 B 69ms
68ms XHR
text/plain 18.221.11.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.11.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-11-176.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://offer01.marketinglungs.online
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 all Show response
ssp-service.pixad.com.tr/impression/ 1 B
525 B 855ms
437ms XHR
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-service.pixad.com.tr/impression/all?data=eyJyZXF1ZXN0Ijp7ImN1cnJlbmN5IjoiVFJZIiwic2l6ZXMiOlsiMTYweDYwMCJdLCJwdWJsaXNoZXJOYW1lIjoib2ZmZXIwMS5tYXJrZXRpbmdsdW5ncy5vbmxpbmUiLCJiaWRkZXJzIjpbInJ1Ymljb24iLCJjcml0ZW8iLCJydGJob3VzZSIsInR1cmt0ZWxla29tIiwieWFuZGV4IiwicGl4YWQiLCJhZGYiXSwibWVkaWFUeXBlcyI6WyJuYXRpdmUiLCJ2aWRlbyIsImJhbm5lciJdLCJhZFVuaXRzIjpbIkhhYmVybGVyX0Rlc2t0b3BfTlBfMTYweDYwMF9SaWdodCJdLCJwdWJJZCI6IjQzMjc3MTYwMTAiLCJ0b2tlbiI6IklOU184NmIyMzEzOS03OGRiLTc3MzItOTRlNy0zM2U4NzRiMjJiNzAifSwicmVzcG9uc2UiOltdfQ==

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLmH8%2F6e%2BEb14aUVeUYN6dAoF8SjRuIzbAYtP7uuFJ5aSDS7JAJK5b6myOZrrawuzJATHzHUmmII3WZtQVNJ7o1PTUNmWwYjHN3m0XvFXza2rtPzXbTMEMjjoZtjVY1YLb6JKaeDg%2BHjOdX4mJpOwUF2KfD12w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 82f6cbb3bd2002ed-MIA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 478ms
59ms Preflight
application/json 2620:100:a001::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foffer01.marketinglungs.online%2F&domain=offer01.marketinglungs.online&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://offer01.marketinglungs.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 02 Dec 2023 21:52:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 174026
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foffer01.marketinglungs.online%2F&domain=offer01.marketinglungs.online&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Xs38M3xpT0pTVEVnNDkyNks0NFVaUEp1RVNSMk94V3NnV3F5c1ZKcjJ2bG1FeGVDOHhUdWEwRGVrQzlyeW9GWWpzWEl0cWwra2dZNVMwN3F1RTJReEFXZ1J5M0UzM0JERDFEOWNQN1dqb245MTl3YVZqRFk2UDdTYTJLVk...

392 B
672 B

85ms
61ms

Fetch
application/json

74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Xs38M3xpT0pTVEVnNDkyNks0NFVaUEp1RVNSMk94V3NnV3F5c1ZKcjJ2bG1FeGVDOHhUdWEwRGVrQzlyeW9GWWpzWEl0cWwra2dZNVMwN3F1RTJReEFXZ1J5M0UzM0JERDFEOWNQN1dqb245MTl3YVZqRFk2UDdTYTJLVkJUeVAyeWZFYTJqUTczL2V4NmRzSmxjU09vYmR2aGFnemhYTzJETFVLcHFKdmk3TW1ES1VRUW9rWnAzZ3BPNEh2bW1JZnoxd3RlUHVGTlMrZS8vMXlBNGttS1RHbFhQYk12cVgrOEpqWW95S2lLMTU0bWtFUk5ZbE96emdaYTBpN2pESDBYeCthditkcnYvTEY3ZkZrUDVkNGgzbDBXZz09fA&cppv=2

Protocol

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

c9a5b6c01745dab5aa5c587505b72fb6d7a94e718a3bf9187a848c23b0089e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 583530
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://offer01.marketinglungs.online
location: https://mug.criteo.com/sid?cpp=Xs38M3xpT0pTVEVnNDkyNks0NFVaUEp1RVNSMk94V3NnV3F5c1ZKcjJ2bG1FeGVDOHhUdWEwRGVrQzlyeW9GWWpzWEl0cWwra2dZNVMwN3F1RTJReEFXZ1J5M0UzM0JERDFEOWNQN1dqb245MTl3YVZqRFk2UDdTYTJLVkJUeVAyeWZFYTJqUTczL2V4NmRzSmxjU09vYmR2aGFnemhYTzJETFVLcHFKdmk3TW1ES1VRUW9rWnAzZ3BPNEh2bW1JZnoxd3RlUHVGTlMrZS8vMXlBNGttS1RHbFhQYk12cVgrOEpqWW95S2lLMTU0bWtFUk5ZbE96emdaYTBpN2pESDBYeCthditkcnYvTEY3ZkZrUDVkNGgzbDBXZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 264746
content-length: 0
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
430 B 559ms
142ms Fetch
application/json 162.19.138.120

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 -, , ASN (),

Reverse DNS

Software

Resource Hash

1de60550f4ce94177080ca7d071c09240d5b62be4c4c4e4949bea203b851e388

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7F9D 281 B
555 B 483ms
79ms Document
text/html 23.217.173.107

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.173.107 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 21:52:13 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user-sync Show response
cpm.programattik.com/ Frame 5957 604 B
885 B 196ms
195ms Document
text/html 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: a0c1e266821b43ce48d1e4f5bdddc63193481eac6ea4f837e5c0852a30400ec5

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store
content-length: 604
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 21:52:13 GMT
server: nginx

GET
H2 200 user-sync Show response
cpm.programattik.com/ Frame 4D40 604 B
886 B 197ms
196ms Document
text/html 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 5e8d5a959eb7a0cc0895a961eed714ca1fdb17411fe415fd85d379b39aa1afe4

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store
content-length: 604
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 21:52:13 GMT
server: nginx

GET
H2 200 user-sync Show response
cpm.programattik.com/ Frame 8EEF 604 B
886 B 197ms
197ms Document
text/html 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: fadd32d7f64a542eecea60bf3a1092f0a0b61717c4b298ef0a123b17a0e2d25c

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store
content-length: 604
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 21:52:13 GMT
server: nginx

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 504ms
118ms Script
text/javascript 2620:100:a001::4

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 21:52:13 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
191 B 150ms
149ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 403 2591347 Show response
bs.yandex.ru/prebid/ 27 B
291 B 199ms
197ms Fetch
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 21:52:13 GMT
x-yandex-req-id: 1701553933128371-1163216274154067896200317-production-app-host-sas-pcode-110
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://offer01.marketinglungs.online
content-type: text/html; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Sat, 02 Dec 2023 21:52:13 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
207 B 61ms
61ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.25.0&cb=22231075721&lsavail=1

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 197ms
195ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=924&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 8f16ad983895043cfbcf3a48b2e2f0409ef3c7218f0ac51456c4f537c1e10f82

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 196ms
195ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=920&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 095f8ebd86f4f3646e6c2e7e6647dd4d13c609dccc59f8b0a1719ec0a59e6272

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 206 B
388 B 197ms
196ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=921&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 36fa5d7967fad1b93bfdbb5016fdbd9000639d407c6f8a2e7dc6bf544cc6c4f8

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 206
content-type: application/json; charset=utf-8

POST
H3 204 pb Show response
melon.rtb.pixad.com.tr/ 0
541 B 362ms
361ms Fetch 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
access-control-allow-methods: POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YUcWzH3vAGIj8wIEAjQz%2FS7kqt67jT2fJR2aohQm%2Fi9bKQybbINDCIm9bErMSdW%2FNjuTv76P8UReSr6aiLkxWuQ9YR4DSyra589mKyDEM%2F0rfU3o5MDBVxE9YnlTGZVD0ikg8CdhzVoYsgNMUz0CTrIQkU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://offer01.marketinglungs.online
access-control-allow-credentials: true
cf-ray: 82f6cbb45e0202ed-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
541 B 224ms
224ms Fetch 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
485 B 69ms
66ms Fetch
application/json 69.173.151.96
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: c39ebca9d11f0316453a061a9ba092777904a15a204935ed2503674b30211516

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.4.0
Content-Type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 477 B
534 B 68ms
67ms Fetch
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25100&site_id=458252&zone_id=2685414&size_id=9&rp_schain=1.0,1!admatic.com.tr,adm-pub-140550463727,1,,,&eid_pubcid.org=eeee416d-ef58-46b2-ac7f-3a4dce2b1c32%5E1&rf=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.domain=offer01.marketinglungs.online&tg_i.page=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.name=https%3A%2F%2Foffer01.marketinglungs.online&tg_i.pbadslot=INS_83a9658a-d559-13fe-d7d1-3279f865ff5e&tk_flint=px_pbjs_lite_v8.25.0&l_pb_bid_id=94128531db6ead2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=INS_83a9658a-d559-13fe-d7d1-3279f865ff5e&m_ch_mobile=%3F0&slots=1&rand=0.8260252236997383
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 00b81270249020ab4b6675acde19b60fc5c275266b5ced0b39963f8e754a6f64

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 477
expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H3 204 pb
melon.rtb.pixad.com.tr/ Frame 0
0 435ms
434ms Preflight 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://offer01.marketinglungs.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST
access-control-allow-origin: https://offer01.marketinglungs.online
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f6cbb199ce8db8-MIA
date: Sat, 02 Dec 2023 21:52:13 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iknFg8KFI1IpnLtUlfWKjVwpda1nRFDdlBmNUxP9gkx%2BraDNLU1Y0xbOOYo7Y1diBXqLTtyxUc%2FRufj6%2BxmAFl6Kmp4tcNS0S0yhh94xMG8TPcTuX7RsJty%2BiJsMciXAdjf4NFWjdTFKQfJ%2BED76Jrnfn3o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
working-on: pxd-k8s
x-powered-by: Pixad-k8s

GET
H2

200

user-sync
rtb.programattik.com/ Frame 5957
Redirect Chain

https://an.yandex.ru/mapuid/turktelekomrtb/
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162

42 B
131 B

658ms
200ms

Image
image/gif

85.111.6.50

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162
Requested by: Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Protocol: H2
Server: 85.111.6.50 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cpm.programattik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:14 GMT
cache-control: no-store
server: nginx
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 02 Dec 2023 21:52:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 02 Dec 2023 21:52:13 GMT

GET
H2

200

user-sync
cpm.programattik.com/ Frame 5957
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D921%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D921%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=8943889173777265884
https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa

42 B
208 B

197ms
197ms

Image
image/gif

85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa
Requested by: Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Protocol: H2
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cpm.programattik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
server: nginx
content-length: 42
content-type: image/gif

Redirect headers

location: https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

user-sync
rtb.programattik.com/ Frame 4D40
Redirect Chain

https://an.yandex.ru/mapuid/turktelekomrtb/
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162

42 B
0

632ms
199ms

Image
image/gif

85.111.6.50

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162
Requested by: Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Protocol: H2
Server: 85.111.6.50 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cpm.programattik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:14 GMT
cache-control: no-store
server: nginx
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 02 Dec 2023 21:52:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 02 Dec 2023 21:52:13 GMT

GET
H2

200

user-sync
cpm.programattik.com/ Frame 4D40
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D924%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D924%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=7823609789727419562
https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa

42 B
208 B

199ms
199ms

Image
image/gif

85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa
Requested by: Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Protocol: H2
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cpm.programattik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
server: nginx
content-length: 42
content-type: image/gif

Redirect headers

location: https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

user-sync
rtb.programattik.com/ Frame 8EEF
Redirect Chain

https://an.yandex.ru/mapuid/turktelekomrtb/
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162

42 B
131 B

633ms
201ms

Image
image/gif

85.111.6.50

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162
Requested by: Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Protocol: H2
Server: 85.111.6.50 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cpm.programattik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:14 GMT
cache-control: no-store
server: nginx
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 02 Dec 2023 21:52:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=22816F12538E1162
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 02 Dec 2023 21:52:13 GMT

GET
H2

200

user-sync
cpm.programattik.com/ Frame 8EEF
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D920%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D920%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-7337898234490049693
https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa

42 B
208 B

199ms
198ms

Image
image/gif

85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa
Requested by: Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Protocol: H2
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cpm.programattik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
server: nginx
content-length: 42
content-type: image/gif

Redirect headers

location: https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=0ee40cbf-cf2f-5351-9e4d-55f7fb26f2fa
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 all Show response
ssp-service.pixad.com.tr/impression/ 1 B
304 B 435ms
434ms XHR
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-service.pixad.com.tr/impression/all?data=eyJyZXF1ZXN0Ijp7ImN1cnJlbmN5IjoiVFJZIiwic2l6ZXMiOlsiMTYweDYwMCJdLCJwdWJsaXNoZXJOYW1lIjoib2ZmZXIwMS5tYXJrZXRpbmdsdW5ncy5vbmxpbmUiLCJiaWRkZXJzIjpbInJ1Ymljb24iLCJjcml0ZW8iLCJydGJob3VzZSIsInR1cmt0ZWxla29tIiwieWFuZGV4IiwicGl4YWQiLCJhZGYiXSwibWVkaWFUeXBlcyI6WyJuYXRpdmUiLCJ2aWRlbyIsImJhbm5lciJdLCJhZFVuaXRzIjpbIkhhYmVybGVyX0Rlc2t0b3BfTlBfMTYweDYwMF9MZWZ0Il0sInB1YklkIjoiNDMyNzcxNjAxMCIsInRva2VuIjoiSU5TX2EwNTBiNGFlLWRiM2MtMmRmZC1mOTY0LTFlNGQwNGI5MTdmNCJ9LCJyZXNwb25zZSI6W119

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jamJ2y0abOCkjV15bXE%2BhbEj3gOR%2FDObwM6pD04Fxk5MOM7%2BLjbWVAHMFH3%2BxABeD6%2FgmV7K%2FZfEbs0pQzqlrnjO91GHQLa6mITU3MeRaSroZjwVnlRIbUkguqrWI3u3%2FqsxwhZ16tzKBrYPnEowImbLbF5ogg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 82f6cbb44dfe02ed-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7F9D 46 KB
13 KB 82ms
82ms Script
text/html 23.217.173.107

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.173.107 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 21:52:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Dec 2023 18:12:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73238
Connection: keep-alive
Content-Length: 13236
Expires: Sun, 03 Dec 2023 18:12:51 GMT

OPTIONS
H3 204 pb
melon.rtb.pixad.com.tr/ Frame 0
0 171ms
170ms Preflight 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://offer01.marketinglungs.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST
access-control-allow-origin: https://offer01.marketinglungs.online
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f6cbb46e628db8-MIA
date: Sat, 02 Dec 2023 21:52:13 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VxnKKh3HfyncIUY94OAeHtD7ehpC%2BO66NDFi2w5YgEBZRImXb%2B0iyO9UgSki5neVZM9Oo00uUSTCMkEcKu2fQGEERXpIZqsCoI0cz44Wm4XJtYCqeVN8Vy0iHGd%2FYNj66WDDfMoxIOKGUzYm%2BC5VIkNORc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
working-on: pxd-k8s
x-powered-by: Pixad-k8s

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
207 B 61ms
60ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.25.0&cb=11064803218&lsavail=1

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H3 204 pb Show response
melon.rtb.pixad.com.tr/ 0
542 B 346ms
345ms Fetch 2606:4700:20::681a:758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://melon.rtb.pixad.com.tr/pb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
access-control-allow-methods: POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RwH%2FOkLSkcbDWEpb4pKg6iNbl%2FVEiJ9JpG%2FdPS3r%2BrCpC017rO1%2FIcpj7OIWDK135irhtdFjx%2F3vuwVnjEnvQbrH6Vd3NO0D8SES4J7SnpelOeacugEBmNqsA3OtBh1oPwMGpcyvkY9DQkZ2IJMqGgB7ls%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://offer01.marketinglungs.online
access-control-allow-credentials: true
cf-ray: 82f6cbb57f5702ed-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
485 B 64ms
63ms Fetch
application/json 69.173.151.96
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: d8c430f8587b51405921013e271ff114e00291c8b5a410dcc5fd35cff2d35a63

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.4.0
Content-Type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 477 B
511 B 64ms
64ms Fetch
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25100&site_id=458252&zone_id=2685414&size_id=9&rp_schain=1.0,1!admatic.com.tr,adm-pub-140550463727,1,,,&eid_pubcid.org=eeee416d-ef58-46b2-ac7f-3a4dce2b1c32%5E1&rf=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.domain=offer01.marketinglungs.online&tg_i.page=https%3A%2F%2Foffer01.marketinglungs.online%2F&tg_i.name=https%3A%2F%2Foffer01.marketinglungs.online&tg_i.pbadslot=INS_006921a9-369e-3ec1-4614-d3c5d953c1ca&tk_flint=px_pbjs_lite_v8.25.0&l_pb_bid_id=1064908a3f5dc6af&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=INS_006921a9-369e-3ec1-4614-d3c5d953c1ca&m_ch_mobile=%3F0&slots=1&rand=0.0787590570051031
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2238af42f6284a551d85a38cdae594e6ae4b4f6fb79a0a84d35927ffc6bea05b

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 477
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
cpm.programattik.com/ 233 B
415 B 195ms
194ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=924&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: b621d80b22b9495a48fd341fb24041d4e5f3275306270528efed09d00d530e41

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 233
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 233 B
415 B 195ms
195ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=920&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 902da469947c87a4a051fdb2b5e465350b700911d33dc3c404b4df8138f1df24

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 233
content-type: application/json; charset=utf-8

POST
H2 200 hb Show response
cpm.programattik.com/ 233 B
415 B 196ms
195ms Fetch
application/json 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=921&v=1.6
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: 9a4ca34751026ba8a02555aa2c1adc10061ce1a7e66a278be53220e9b0081e72

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
content-length: 233
content-type: application/json; charset=utf-8

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
541 B 280ms
279ms Fetch 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://offer01.marketinglungs.online
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
191 B 147ms
147ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 403 2591347 Show response
bs.yandex.ru/prebid/ 27 B
134 B 198ms
198ms Fetch
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY
Requested by: Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 21:52:13 GMT
x-yandex-req-id: 1701553933589767-1380239144993580145700322-production-app-host-sas-pcode-141
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://offer01.marketinglungs.online
content-type: text/html; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Sat, 02 Dec 2023 21:52:13 GMT

GET
H2 200 sync.html Show response
static.pixad.com.tr/ Frame 916B 6 KB
3 KB 127ms
53ms Document
text/html 2606:4700:20::ac43:4a93

General

Check archive.org

Show headers Download Go to

Full URL: https://static.pixad.com.tr/sync.html
Requested by: Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a93 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d02f6d915634a573d2e322d6e71e65f6d316ca8f3ce6463bade96011ae6b65dc

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cdn-cache: HIT
cdn-cachedat: 12/01/2023 17:05:17
cdn-edgestorageid: 876
cdn-fileserver: 606
cdn-proxyver: 1.04
cdn-pullzone: 1145655
cdn-requestcountrycode: US
cdn-requestid: aa3a8b1cad915345b36cb88d8358fe32
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-storageserver: DE-662
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status: DYNAMIC
cf-ray: 82f6cbb4f86567e7-MIA
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 21:52:13 GMT
last-modified: Thu, 23 Nov 2023 20:44:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otOjKWgSyvu5hD28Q3GSkpKB0PuN6NP6i%2FoIaYF56k2MInXAi%2BWRWuivQkDIsG06YFtK5XUa9J9%2B7p3OfoG2u5VChAAMuPnLH7D5auPty63C3XbCoP3qMy0CRyC8%2BZHOHy0vc9vtya9sje0uBOME5wc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
289 B 436ms
142ms Fetch
application/json 162.19.138.116

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 -, , ASN (),

Reverse DNS

Software

Resource Hash

fffc0cf39fad44df6d63e1987d7e659ee2aebf8b8b6b7217a31e6ecd48f6d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CFB5 15 KB
6 KB 80ms
65ms Document
text/html 2620:100:a001::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=offer01.marketinglungs.online

Requested by

Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://offer01.marketinglungs.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:52:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 324799
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 195ms
75ms XHR
text/javascript 2620:100:a001::4

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 21:52:13 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7F9D 7 B
808 B 194ms
66ms XHR
application/json 8.43.72.97

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
Expires: 0

GET
H2 200 all Show response
ssp-service.pixad.com.tr/impression/ 1 B
319 B 440ms
432ms XHR
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-service.pixad.com.tr/impression/all?data=eyJyZXF1ZXN0Ijp7ImN1cnJlbmN5IjoiVFJZIiwic2l6ZXMiOlsiNjgweDQwMCJdLCJwdWJsaXNoZXJOYW1lIjoib2ZmZXIwMS5tYXJrZXRpbmdsdW5ncy5vbmxpbmUiLCJiaWRkZXJzIjpbInJ1Ymljb24iLCJjcml0ZW8iLCJydGJob3VzZSIsInR1cmt0ZWxla29tIiwieWFuZGV4IiwicGl4YWQiXSwibWVkaWFUeXBlcyI6WyJuYXRpdmUiLCJ2aWRlbyIsImJhbm5lciJdLCJhZFVuaXRzIjpbIjE5OTA3NTE4MjgiXSwicHViSWQiOiI0MzI3NzE2MDEwIiwidG9rZW4iOiJJTlNfZGVmOGRkZjYtYzI5Zi02MDhmLTZmN2ItNzliZjk4NDVlNjE1In0sInJlc3BvbnNlIjpbXX0=

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH17RL%2FJFIDdIm3Q2gt2lyzSUBv8iatQOocLL1sZe9tTFlm4Eu%2Fe9VPiwYx24xjYYtcDAnzJOej0xubHRd4pvdR3FSf9T7vt5mftMDH07OJIl9OhwuSOvI5pecVbtLoSSPX2TrTan%2FcuxMXCXYZOqWtptjqMnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 82f6cbb54f1b02ed-MIA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 186ms
64ms Preflight
application/json 74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 02 Dec 2023 21:52:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 162715
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame CFB5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=marketinglungs.online&sn=ChromeSyncframe&so=0&topUrl=offer01.marketinglungs.online&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_Itc6Hx2ZUVwSmpNU0pWZHpweldrMGZ6UEhEaWxhcTY3WFZVOVJoREJIM0ZMNWYvd0lUOVNreVdERWc5bUxseDFVYmtqWlZ5aGxaSXlTaU1JNlI4QXE3NDMvLzJSUDB1RkYrcGx5RzdkUjZpMXdsckQ1QlZycm1KTUNvWm...

452 B
672 B

185ms
62ms

Fetch
application/json

74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_Itc6Hx2ZUVwSmpNU0pWZHpweldrMGZ6UEhEaWxhcTY3WFZVOVJoREJIM0ZMNWYvd0lUOVNreVdERWc5bUxseDFVYmtqWlZ5aGxaSXlTaU1JNlI4QXE3NDMvLzJSUDB1RkYrcGx5RzdkUjZpMXdsckQ1QlZycm1KTUNvWmExaTFlWVRQem1RMG9tNjFRVXFaNVRERTRiZ0FpeXpMaUhwM0J4VGhBSW1mQXFyNFU4NTNsY29UdmRSbFV3Ritsd24wQVNrdEg4TC9qVmk5ZXltQlZ6OEh4UW1oRXFVY1AyNHBDN1FRSHhGVERRTDF1djB4UThvSFVCb3RKaTNkZUdHYmQwNldXcGFWakJicWVaVjVxaEo0ZENxQUpnVlNaWUY2c0gzbG1SdmMzYlNDNGdiND18&cppv=2

Protocol

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

9b11fa91d80ae475650b6865a14bb0efe782fb8398c42c76ac59ef193c444bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1939428
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_Itc6Hx2ZUVwSmpNU0pWZHpweldrMGZ6UEhEaWxhcTY3WFZVOVJoREJIM0ZMNWYvd0lUOVNreVdERWc5bUxseDFVYmtqWlZ5aGxaSXlTaU1JNlI4QXE3NDMvLzJSUDB1RkYrcGx5RzdkUjZpMXdsckQ1QlZycm1KTUNvWmExaTFlWVRQem1RMG9tNjFRVXFaNVRERTRiZ0FpeXpMaUhwM0J4VGhBSW1mQXFyNFU4NTNsY29UdmRSbFV3Ritsd24wQVNrdEg4TC9qVmk5ZXltQlZ6OEh4UW1oRXFVY1AyNHBDN1FRSHhGVERRTDF1djB4UThvSFVCb3RKaTNkZUdHYmQwNldXcGFWakJicWVaVjVxaEo0ZENxQUpnVlNaWUY2c0gzbG1SdmMzYlNDNGdiND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 478032
content-length: 0
expires: 0

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 916B 20 KB
7 KB 146ms
73ms Script
text/javascript 2606:4700::6810:3965

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: static.pixad.com.tr
URL: https://static.pixad.com.tr/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://static.pixad.com.tr/
Origin: https://static.pixad.com.tr
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:13 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82f6cbb5fcd85f1f-MIA

POST
H2 200 381.json Show response
id5-sync.com/g/v2/ Frame 916B 625 B
1 KB 430ms
143ms XHR
application/json 162.19.138.120

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/381.json?gdpr_consent=&gdpr=0

Requested by

Host: static.pixad.com.tr
URL: https://static.pixad.com.tr/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 -, , ASN (),

Reverse DNS

Software

Resource Hash

26d73deb3cba83c39110bf2f6e02eec840e91b731d98cd84877d0f5169723812

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://static.pixad.com.tr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://static.pixad.com.tr
date: Sat, 02 Dec 2023 21:52:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame 916B
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstatic.pixad.com.tr&domain=static.pixad.com.tr&bundle=&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=0HQV23xIaXlQUGhZZVdZSFYwQU5qNmNVL1FHT2p5dWZ2c0oySjRXbzJLWnNEVVNRVEprYUE3WkdvUERQMWtUNTJMVzlJU1dod25WbStyLzU4MHJIdVRPVlp3QWF6QkxTRTRCc21MVkkyNDdlR240QXhkRjVHMjN4YmFFYz...

431 B
696 B

154ms
63ms

XHR
application/json

74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0HQV23xIaXlQUGhZZVdZSFYwQU5qNmNVL1FHT2p5dWZ2c0oySjRXbzJLWnNEVVNRVEprYUE3WkdvUERQMWtUNTJMVzlJU1dod25WbStyLzU4MHJIdVRPVlp3QWF6QkxTRTRCc21MVkkyNDdlR240QXhkRjVHMjN4YmFFYzdZSVhYRkZYZlNyVWRZMll0a2txSGc1MGpmT1JMV0RtRGNsaXZ2M0h0cWR2U1Y1NEVNWmppcDRLWVdsUzZzbXl6T0d2a2Z5TnBmYzc3M0xPby9oSEZqK295SWo1K1BXdmxUMEhtcGZLanNZcE9yRmg2b2VZVnRKNWE4a1RPaEdhVnZYK0N3aEpCMEdLZmJnQUZ5WXp5bUdUOXBGZjJNUjZPVlBiUkRoZDJITFIyMnBpaU5Mdz18&cppv=2

Requested by

Host: static.pixad.com.tr
URL: https://static.pixad.com.tr/sync.html

Protocol

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

8ad1f5f139627a3d72a844dc5977935df41bfffea9da6791038b15a063e2de8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.pixad.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2867703
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://static.pixad.com.tr
location: https://mug.criteo.com/sid?cpp=0HQV23xIaXlQUGhZZVdZSFYwQU5qNmNVL1FHT2p5dWZ2c0oySjRXbzJLWnNEVVNRVEprYUE3WkdvUERQMWtUNTJMVzlJU1dod25WbStyLzU4MHJIdVRPVlp3QWF6QkxTRTRCc21MVkkyNDdlR240QXhkRjVHMjN4YmFFYzdZSVhYRkZYZlNyVWRZMll0a2txSGc1MGpmT1JMV0RtRGNsaXZ2M0h0cWR2U1Y1NEVNWmppcDRLWVdsUzZzbXl6T0d2a2Z5TnBmYzc3M0xPby9oSEZqK295SWo1K1BXdmxUMEhtcGZLanNZcE9yRmg2b2VZVnRKNWE4a1RPaEdhVnZYK0N3aEpCMEdLZmJnQUZ5WXp5bUdUOXBGZjJNUjZPVlBiUkRoZDJITFIyMnBpaU5Mdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 312695
content-length: 0
expires: 0

GET /
id.ad-plus.com.tr/ Frame 916B 0
0

GET
H2 200 all
ssp-service.pixad.com.tr/impression/ 1 B
302 B 446ms
445ms XHR
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-service.pixad.com.tr/impression/all?data=eyJyZXF1ZXN0Ijp7ImN1cnJlbmN5IjoiVFJZIiwic2l6ZXMiOlsiMTYweDYwMCJdLCJwdWJsaXNoZXJOYW1lIjoib2ZmZXIwMS5tYXJrZXRpbmdsdW5ncy5vbmxpbmUiLCJiaWRkZXJzIjpbInJ1Ymljb24iLCJjcml0ZW8iLCJydGJob3VzZSIsInR1cmt0ZWxla29tIiwieWFuZGV4IiwicGl4YWQiLCJhZGYiXSwibWVkaWFUeXBlcyI6WyJuYXRpdmUiLCJ2aWRlbyIsImJhbm5lciJdLCJhZFVuaXRzIjpbIjE3MDM4NDEyNTQiXSwicHViSWQiOiI0MzI3NzE2MDEwIiwidG9rZW4iOiJJTlNfODNhOTY1OGEtZDU1OS0xM2ZlLWQ3ZDEtMzI3OWY4NjVmZjVlIn0sInJlc3BvbnNlIjpbXX0=

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo5iMUo6w2piiW%2Fz3WW5lqdhtJr5l%2BQjc5z76ZFLEqi%2Fhi%2BGGsVXYDbMWHfnk5QCajAr1ByN1xHGl9cVqvzWS1zbWUw2VpgZb7rQNI0cutBzAVCd25WnV8zkY0fS%2Bv3BD%2FWFa8mNQNV1wiCAqSMFxvr7V6JxNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 82f6cbb6989e02ed-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOLA0UJ-1F-7IAN

0
729 B

246ms
106ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOLA0UJ-1F-7IAN
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 21:52:13 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 419994B1F81345B69BB878B8B0E57439 Ref B: MIAEDGE2605 Ref C: 2023-12-02T21:52:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLjeXPH9kUpAHvAv2mFQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOLA0UJ-1F-7IAN
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

ecm3
s.amazon-adsystem.com/ Frame 7F9D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LPOLA0UJ-1F-7IAN&ex=d-rubiconproject.com&status=ok

0
0

GET

token
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5WpUuWq9RbaJ0WA9Ly07Kg&rk=usync-na

0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEENsvtVW845naz8WLfiCFo&google_cver=1

42 B
873 B

202ms
63ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEENsvtVW845naz8WLfiCFo&google_cver=1
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEENsvtVW845naz8WLfiCFo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 7F9D 0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/dtGxdHzy2Xyf-vk2f5x4Ncn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NEh5aHNE2oKUb6kkYE_897TSbsO5t7WM_nOnmQ--~A

42 B
873 B

64ms
64ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NEh5aHNE2oKUb6kkYE_897TSbsO5t7WM_nOnmQ--~A
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 02 Dec 2023 21:52:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NEh5aHNE2oKUb6kkYE_897TSbsO5t7WM_nOnmQ--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=285a14f2-8c15-43fe-9b5d-4d795c724cf0&gdpr=0&gdpr_consent=&expires=30

42 B
873 B

68ms
67ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=285a14f2-8c15-43fe-9b5d-4d795c724cf0&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=285a14f2-8c15-43fe-9b5d-4d795c724cf0&gdpr=0&gdpr_consent=&expires=30
date: Sat, 02 Dec 2023 21:52:14 GMT
server: Kestrel
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhZjY2MDE4MDRkZDAwYmI5M2I0NmM4ZDUxNTEzNTkwYTFmZDRjOA

170 B
188 B

65ms
64ms

Image
image/png

173.194.209.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhZjY2MDE4MDRkZDAwYmI5M2I0NmM4ZDUxNTEzNTkwYTFmZDRjOA

Protocol

Server

173.194.209.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

vg-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 21:52:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhZjY2MDE4MDRkZDAwYmI5M2I0NmM4ZDUxNTEzNTkwYTFmZDRjOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

pixel
cm.g.doubleclick.net/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBPTEEwVUotMUYtN0lBTg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOFjKEoxUArkEykj-mUSfI8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPTEEwVUotMUYtN0lBTg==&google_push=

0
0

GET

tap.php
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEPTE7K104AABZ6Ubb8zw&expires=30

0
0

GET

v1
match.sharethrough.com/sync/ Frame 7F9D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOLA0UJ-1F-7IAN

0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 7F9D 0
0

GET

sync
ups.analytics.yahoo.com/ups/58160/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPOLA0UJ-1F-7IAN&redir=true

0
0

GET token
token.rubiconproject.com/ Frame 7F9D 0
0

GET sync.php
pixel.rubiconproject.com/exchange/ Frame 7F9D 0
0

POST
H2 200 381.json Show response
id5-sync.com/g/v2/ 625 B
1 KB 143ms
142ms Fetch
application/json 162.19.138.120

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/381.json

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 -, , ASN (),

Reverse DNS

Software

Resource Hash

25b65430fe6033ea39913c293a3069328a0be559a00d68d694c198eed6ee3f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offer01.marketinglungs.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://offer01.marketinglungs.online
date: Sat, 02 Dec 2023 21:52:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 all Show response
ssp-service.pixad.com.tr/impression/ 1 B
302 B 175ms
174ms XHR
text/html 2606:4700:20::681a:658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-service.pixad.com.tr/impression/all?data=eyJyZXF1ZXN0Ijp7ImN1cnJlbmN5IjoiVFJZIiwic2l6ZXMiOlsiMTYweDYwMCJdLCJwdWJsaXNoZXJOYW1lIjoib2ZmZXIwMS5tYXJrZXRpbmdsdW5ncy5vbmxpbmUiLCJiaWRkZXJzIjpbInJ1Ymljb24iLCJjcml0ZW8iLCJydGJob3VzZSIsInR1cmt0ZWxla29tIiwieWFuZGV4IiwicGl4YWQiLCJhZGYiXSwibWVkaWFUeXBlcyI6WyJuYXRpdmUiLCJ2aWRlbyIsImJhbm5lciJdLCJhZFVuaXRzIjpbIjU4NTI2NjkyNzEiXSwicHViSWQiOiI0MzI3NzE2MDEwIiwidG9rZW4iOiJJTlNfMDA2OTIxYTktMzY5ZS0zZWMxLTQ2MTQtZDNjNWQ5NTNjMWNhIn0sInJlc3BvbnNlIjpbXX0=

Requested by

Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1701553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Pixad-k8s

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://offer01.marketinglungs.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

working-on: pxd-k8s
date: Sat, 02 Dec 2023 21:52:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Pixad-k8s
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0Iwy9fjmxI%2B0aAxB%2BOlvME07n2XJQp03v1H80klMj%2Fm2ctrG4QNGgzNvfQypx%2F6M9qbuH0hJqAGL1uvGlnANCyKuvXxfx07FX3dWEY%2BqGNHmKslFg%2Fb11SyQfJE4kMiIlwWxmgzdb3glK0ije4TewXHK6N3ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 82f6cbb7a9fb02ed-MIA
alt-svc: h3=":443"; ma=86400

GET user-synced
cpm.programattik.com/ Frame 5957 0
0

GET user-synced
cpm.programattik.com/ Frame 8EEF 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d.haberler.com
URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D

Domain: d.haberler.com
URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A2%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D

Domain: 58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr
URL: https://58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr/api/collect

Domain: melon.rtb.pixad.com.tr
URL: https://melon.rtb.pixad.com.tr/pb

Domain: id.ad-plus.com.tr
URL: https://id.ad-plus.com.tr/?token=0.02pqunt1r10b

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?id=LPOLA0UJ-1F-7IAN&ex=d-rubiconproject.com&status=ok

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5WpUuWq9RbaJ0WA9Ly07Kg&rk=usync-na

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPTEEwVUotMUYtN0lBTg==&google_push=

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEPTE7K104AABZ6Ubb8zw&expires=30

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOLA0UJ-1F-7IAN

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPOLA0UJ-1F-7IAN&redir=true

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=37556&a=1

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=primis

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn

Domain: cpm.programattik.com
URL: https://cpm.programattik.com/user-synced?zone=921&uid=T4976103011441001642

Domain: cpm.programattik.com
URL: https://cpm.programattik.com/user-synced?zone=920&uid=T3077114811835336525

Verdicts & Comments Add Verdict or Comment

315 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
offer01.marketinglungs.online/	1970-01-20 16:40:40	Name: readNewsIdList Value: ,16582970
.marketinglungs.online/	1970-01-20 16:40:40	Name: _gid Value: GA1.2.473021874.1701553925
.marketinglungs.online/	1970-01-20 16:39:13	Name: _gat Value: 1
offer01.marketinglungs.online/	1970-01-20 16:40:40	Name: enable_page_level_ads Value: 1
.marketinglungs.online/	1970-01-21 02:15:13	Name: _ga Value: GA1.1.96863363.1701553925
offer01.marketinglungs.online/	1970-01-20 16:40:40	Name: ClientCountryCode Value:
offer01.marketinglungs.online/	1970-01-20 16:49:18	Name: smartbanner2 Value: p2
.serving-sys.com/	1970-01-20 17:22:25	Name: u2 Value: c07a1fa9-7be0-4a51-a39c-18a0fd3eaa454PJ07g
.doubleclick.net/	1970-01-21 02:15:13	Name: IDE Value: AHWqTUk-GeubRD40-AY5gPM1Saky6eLpcUBdqIE6tq6qM_zQ3vo8Xpv7Rbuol6H2ypA
.marketinglungs.online/	1970-01-21 02:15:13	Name: _ga_FFKENFZBJW Value: GS1.1.1701553925.1.0.1701553927.58.0.0
.adentifi.com/	1970-01-21 02:15:13	Name: adtheorent[cuid] Value: cuid_09f8cb31-915d-11ee-ace1-1297b61989fd
.mediago.io/	1970-01-21 01:24:49	Name: __mguid_ Value: 9d9fcb00f4066cff140txu00lpol9xmw
.smaato.net/	1970-01-20 17:09:28	Name: SCM Value: 21a0414e51
.smaato.net/	1970-01-20 17:09:28	Name: SCMt Value: 21a0414e51
.smartadserver.com/	1970-01-21 02:09:28	Name: pid Value: 2489155417980436563
.dotomi.com/	1970-01-20 16:39:13	Name: DotomiTest Value: 2076bb9f8d04131b
.serving-sys.com/	1970-01-20 17:22:25	Name: A6 Value: 116hzDzYYw1007kQ000010000
.serving-sys.com/	1970-01-20 17:22:25	Name: eyeblaster Value: RES=32
.uuidksinc.net/	1970-01-21 01:24:49	Name: jcsuuid Value: x4rlXV9QNK7B6MeO1AdD
.taboola.com/	1970-01-21 01:24:49	Name: t_gid Value: 5a497f5b-c826-48ee-ac02-24b52799ac44-tuctc652c88
.taboola.com/	1970-01-21 01:24:49	Name: t_pt_gid Value: 5a497f5b-c826-48ee-ac02-24b52799ac44-tuctc652c88
.c.appier.net/	1970-01-21 01:24:49	Name: _auid Value: -ZfRskHWDg2T0uCoCKdrZQ
.c.appier.net/	1970-01-20 17:22:25	Name: _gu Value: CAESEHEi7aRJr66GtR03YlT3XOM
.marketinglungs.online/	1970-01-21 01:24:49	Name: _pubcid Value: eeee416d-ef58-46b2-ac7f-3a4dce2b1c32
.marketinglungs.online/	1970-01-21 01:24:49	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
.rubiconproject.com/	1970-01-21 01:24:49	Name: khaos Value: LPOLA0UJ-1F-7IAN
.rubiconproject.com/	1970-01-21 01:24:49	Name: audit Value: 1\|mFVHqHkj5bGgcZD4rJ8w7KS5Bv7H1ouoxdnNVF8ci153P6ESP+XTHb2Pz+8abb5Kxyz+8VDFlPjrRAyY2EmtEGUjZbDToK7SkiP96hjFabcwx43cxWE3oef6BC089xKFIo8tEQuGXfEbsm1clVNMrQ==
.yandex.ru/	1970-01-21 02:15:13	Name: yandexuid Value: 3727243091701553932
cpm.programattik.com/	1969-12-31 23:59:59	Name: DSP2F_94 Value: 5
cpm.programattik.com/	1969-12-31 23:59:59	Name: DSP2F_53 Value: 8
cpm.programattik.com/	1969-12-31 23:59:59	Name: SSPZ Value: 920
cpm.programattik.com/	1970-01-20 17:22:25	Name: ADKUID Value: T3077114811835336525

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://offer01.marketinglungs.online/1x1.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer01.marketinglungs.online/1x1.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://offer01.marketinglungs.online/ Message: Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D' from origin 'https://offer01.marketinglungs.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://offer01.marketinglungs.online/ Message: Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A2%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D' from origin 'https://offer01.marketinglungs.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A2%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Aral%25C4%25B1k%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://offer01.marketinglungs.online/static/js/ah_2.js?v=0.02.113 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer01.marketinglungs.online/mstatic/assets/js/lazyload.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7367856165470296&output=html&h=400&slotname=1990751828&adk=3248589758&adf=2561670484&pi=t.ma~as.1990751828&w=680&lmt=1701553926&rafmt=12&format=680x400&url=https%3A%2F%2Foffer01.marketinglungs.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701553926410&bpp=1&bdt=2784&idt=354&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C160x600%2C160x600%2C300x600&correlator=2970609412432&frm=20&pv=2&ga_vid=96863363.1701553925&ga_sid=1701553927&ga_hid=1167668152&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1480&ady=2468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3191001187206789&tmod=1316844980&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=1&fsb=1&dtd=360 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=offer01.marketinglungs.online&ssp-id=10500&ssp-cur=TRY Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr
a.c.appier.net
aax-eu.amazon-adsystem.com
ads.betweendigital.com
adx.adform.net
an.yandex.ru
analytics.google.com
bidder.criteo.com
bs.serving-sys.com
bs.yandex.ru
c.keltis.com
cdn.jsdelivr.net
cdn.p.analitik.bik.gov.tr
cm.g.doubleclick.net
cpm.programattik.com
d.haberler.com
dclk-match.dotomi.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
i.hbrcdn.com
id.ad-plus.com.tr
id5-sync.com
imasdk.googleapis.com
izlehls.haberler.com
lb.eu-1-id5-sync.com
lm.serving-sys.com
match.adsrvr.org
match.sharethrough.com
melon.rtb.pixad.com.tr
mts0.google.com
mug.criteo.com
offer01.marketinglungs.online
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
rtb.adentifi.com
rtb.programattik.com
s.ad.smaato.net
s.amazon-adsystem.com
s.hbrcdn.com
s.uuidksinc.net
s0.2mdn.net
secure-ds.serving-sys.com
ssbsync.smartadserver.com
ssp-service.pixad.com.tr
static.cdn.pixad.com.tr
static.cloudflareinsights.com
static.criteo.net
static.pixad.com.tr
stats.g.doubleclick.net
sync.ipredictive.com
sync.taboola.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haberler.com
58ad7b06-cced-4351-b75f-fbf78e85432d.collector.p.analitik.bik.gov.tr
aax-eu.amazon-adsystem.com
cm.g.doubleclick.net
cpm.programattik.com
d.haberler.com
id.ad-plus.com.tr
match.sharethrough.com
melon.rtb.pixad.com.tr
pixel.rubiconproject.com
s.amazon-adsystem.com
sync.ipredictive.com
token.rubiconproject.com
ups.analytics.yahoo.com
141.226.224.48
162.19.138.116
162.19.138.120
172.104.105.5
172.240.127.131
173.194.209.154
18.221.11.176
185.184.8.90
185.185.51.170
195.181.165.140
2001:4860:4802:36::181
212.68.47.11
23.217.173.107
23.57.90.106
23.83.76.68
2600:1f18:4e9:5a05:e182:13ad:2937:20d
2600:9000:2505:f800:1b:5138:8a40:93a1
2602:803:c002:200::52
2606:4700:20::681a:658
2606:4700:20::681a:758
2606:4700:20::ac43:4a93
2606:4700::6810:3965
2606:ae80:1451:20::1720
2607:f8b0:4006:81e::2004
2607:f8b0:4023:1::61
2607:f8b0:4023:1::8b
2607:f8b0:4024:c00::5e
2607:f8b0:4024:c01::5e
2607:f8b0:4024:c01::64
2607:f8b0:4024:c01::9c
2607:f8b0:4024:c02::64
2607:f8b0:4024:c02::84
2607:f8b0:4024:c02::9d
2607:f8b0:4024:c09::5f
2607:f8b0:4024:c09::94
2607:f8b0:4024:c09::9b
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:1ec:21::14
2a02:6b8::90
2a04:4e42:400::485
3.132.70.167
3.81.188.147
31.220.27.134
35.208.249.213
35.71.131.137
37.157.6.254
46.20.149.250
69.173.151.96
74.119.119.139
77.223.135.226
77.92.138.125
8.43.72.97
85.111.6.48
85.111.6.50
89.117.77.90
0027461b424e3121ccf1cdf583171334ad059b78de9e7c32a748e9489421df10
00b81270249020ab4b6675acde19b60fc5c275266b5ced0b39963f8e754a6f64
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
023b881adfdfbd01a5c162f6a497f4ac793bec2dee6c664e011fe2505365af95
04189eb76e9f64cfbe4887b49b259b4184306225b10139800bba7d3dce4e2151
04b88b2037b57f16cbba896afb5189fba7379438336a69cdc36e9f158ed85ccc
059d42589e2143481e88a37bab21bcacbc5797045f9fe8c1d66fb17514186c14
095f8ebd86f4f3646e6c2e7e6647dd4d13c609dccc59f8b0a1719ec0a59e6272
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c684661cbf2d9b048095c8012c485037ad53f4ac57a2109b3e8155002970ecb
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2bb0591c3166bb83f8600b99048a3d5e25ba5dd904df5971d8e4d2da2d4b31
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
174ee81fe3239c66218623548b7dce74bdfaebbb783c59a84826f1689a056d74
1a7ab6ae151947b7accafeaf393a17c8cde2457761989d398795cc05d997114f
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1de60550f4ce94177080ca7d071c09240d5b62be4c4c4e4949bea203b851e388
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2238af42f6284a551d85a38cdae594e6ae4b4f6fb79a0a84d35927ffc6bea05b
22a2251d406dde7956601090cefa2f2280bbc168d0c6d1ed76caa4f93967e881
25b65430fe6033ea39913c293a3069328a0be559a00d68d694c198eed6ee3f12
26d73deb3cba83c39110bf2f6e02eec840e91b731d98cd84877d0f5169723812
275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8
2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c
2ba02499f7b3de5f87bdcc85dbf9eee3ad1ce5813a667fecc852000c5af793dd
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
30c26578fa0df200478a3fe63c5cd23995195d646707e6602ef527c0587b1695
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c
32b679dc268024db0eb471f5e2bb7f610705692d7c81e6b9eb238637a0bf1b2e
36fa5d7967fad1b93bfdbb5016fdbd9000639d407c6f8a2e7dc6bf544cc6c4f8
38fef29f574de08187a7106ae4c811897913ac25f71c3a04390162439319c551
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d3dcb9df7355755d17d153a2b140c73bce475e8bcf4d5d8901a9947d12ff72b
3e50125f4db9ce6fdcbe37c5c16dae37f0aea8d9faa90d41ed46dade88d361ad
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
47e6de7aa7cb396d543583e8870c8fc721d7a1f7105421d10e9967b67e72a4df
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4d1384b647f253b924594830c31e53ee5af63dda537e4a0ea185784267f7c19f
4fe9a85e96820eb6c30f9f493d816c0684f67d467a5999eb8b9c5bc8331eae38
51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510
52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe
53df0dccf74e4bea979151e193fb73e9a06ac816529f3e3fa2361b29144f9e45
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581ab691b98611e1768b91ed3dda81dd3dd021f3123c7a2cb1e6052bf991062c
59fe999c1a9f6631f1a9cc3d7993edfeaa79a968779626bbb4d8fcf1c85da674
5a61b567228651c8a39e04543ae547f53a033918d9fe992c55793edfe6e12ceb
5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170
5a895cc442dae0e56223b9b1848fcc3292b360e23801953c055e0035bd78001a
5dc43a014199e20c3bce2297332063d5714004e4fc729c5ad7decff476ba00b1
5dd5eb02318555d9db5ff2f1f4d1e0d9c94b685f302bfc68ba93b7df01b9a6cc
5e8d5a959eb7a0cc0895a961eed714ca1fdb17411fe415fd85d379b39aa1afe4
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
673313e96a0534f9af92ca33def0f1116ba8935661c63ff6f644303cc3f2e834
69243cba8f1d4cf91955556e24044c73d02285bb8e3c9166aca3a7853d5ec9d5
6b61f18c294eb966dba9d07c25d3ef56f2aca611312aa861c2c47ee696e3464d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd150f7d1f81aff7f9166bdcd3a180a545f202c54d91140a438a61259e7894a
6f74952253d6a5b3808b4b3a1c9854c9b1cb2b849f9f1542ce148f8ca78ffa85
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72e403d91c5872380fc6e8e7ea0271c9e745b2f580382e0bfde996c6e0169922
73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9
74060c2cee39f6cd2b8e3391da6498ac183035f1ae83d53e9c535fe9fffbb734
78aabd0f88afcf773d40ad4fdc7aa00b7dd20da3309b2011ba7848f8d4bab0d5
7a661914044f0f673b117d130630c1b0dcd94601b3bcd336bc7b7d99986d3338
7ab1ddc9fb494d565a1526c1d56cd90495b3e680abdad7ff4cb2f58d7e516882
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c
8004f0b0e633ad89b94118deadc491ee26c8f37a3ea335286d04c65cfba9fa55
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2
8ad1f5f139627a3d72a844dc5977935df41bfffea9da6791038b15a063e2de8e
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88
8f16ad983895043cfbcf3a48b2e2f0409ef3c7218f0ac51456c4f537c1e10f82
902da469947c87a4a051fdb2b5e465350b700911d33dc3c404b4df8138f1df24
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691
94f151a7964f65d87bcaf4b5758d541c80a8fba0bb34d8ddc5ab9f8f4122f7c4
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101
9a4ca34751026ba8a02555aa2c1adc10061ce1a7e66a278be53220e9b0081e72
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b11fa91d80ae475650b6865a14bb0efe782fb8398c42c76ac59ef193c444bf0
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a00c9034ee0a006bbcbf6330329e4385b15248468cce6ec66f4aee0487d3edf1
a0c1e266821b43ce48d1e4f5bdddc63193481eac6ea4f837e5c0852a30400ec5
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a31c0f521383b5af47e97dd2165a021f278415a4910b39297f83be8e2842bf7b
a54f7d1e58192baa46dfe1e3d2080b8050c55bea6d271d64ed578ff9cb366b1a
a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b
a92dc734eb44af87131ac84082bbd0795faf2b35aeb5a71a613da370dee9cfa9
aa68a43e51b9ea57a5071c185941cb1957c62fa9551e537b44d6a945e14e338d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae8266b08b009d1e8a33cc15ef3836034632fd32f86a09c57bfd62eadfa85fca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8
b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f
b621d80b22b9495a48fd341fb24041d4e5f3275306270528efed09d00d530e41
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
ba559d2e4fcccdf3b3756a53ff01e36fddc8a3566f0863e2902bf959915e6a27
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd7d28af9f6a20ab4e7470da46177f185920a3dcf1c4d44ca359b51738fc8595
c08460d7dd465cdfe32fe4d47eec5e648cfbb65cf91a52bca93328a6df0ed8b3
c39ebca9d11f0316453a061a9ba092777904a15a204935ed2503674b30211516
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c4d10966cd0fd6c72712c62b5ee6e4df243ee39eabc4eb00308d6cb3c246e864
c5151b8cf46d2a6f145bed7ed4f04cc68aebcb3e53fac281810eaa53f89a6873
c9a5b6c01745dab5aa5c587505b72fb6d7a94e718a3bf9187a848c23b0089e13
cec9f05e32ed5003e26b1ced0ac4945959d01b4a4e8f3f2fa0b8365dc90e34a6
d02f6d915634a573d2e322d6e71e65f6d316ca8f3ce6463bade96011ae6b65dc
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7b57d66afbe39520418a8832d590f40b1c372c001acbab8cf1d67b0a40b447b
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d8c430f8587b51405921013e271ff114e00291c8b5a410dcc5fd35cff2d35a63
da0a441a0f712ea0bd34d84dc2bf0aa62b7f209797560b6d14daec1117881606
dc76506c14bbde915bb28360675dffe1badb633bdc22373f23cd37f3b6052923
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df07ccf700d212fb49981f2ead496207fd80ec648533f8b5cc9db302b13b9d0e
e1c8d28729ea3d708c29245bb05a41f306f2e82ddd4e6a363ca52622969723d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e553fdc563b5f1d66512546c468631ca4b7884f21898ec5c18af891580cccd2a
ea05768bcc4d81c5988df2a07e8b02ff9c1ffb6cbd077e1318b29e66fecd9663
eaab0174d0698b264be4cfa5e242ad62d30e61cca2cfe8598a04552be818e9d3
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
edb5dfa80e943ca38bdd46e50c783342d7450ecdc27ce9fb0f4ba4f21b17abf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8dae1e199f3902868da53b08751ce0137283a69a5a0b415ab8cbb084296c04e
fadd32d7f64a542eecea60bf3a1092f0a0b61717c4b298ef0a123b17a0e2d25c
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fffc0cf39fad44df6d63e1987d7e659ee2aebf8b8b6b7217a31e6ecd48f6d317

offer01.marketinglungs.online Open in urlscan Pro 89.117.77.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

248 Requests

84 %HTTPS

49 %IPv6

43 Domains

70 Subdomains

49 IPs

7 Countries

2351 kBTransfer

10872 kBSize

32 Cookies

62 Outgoing links

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 42 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offer01.marketinglungs.online Open in urlscan Pro
89.117.77.90 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

84 %
HTTPS

49 %
IPv6

43
Domains

70
Subdomains

49
IPs

7
Countries

2351 kB
Transfer

10872 kB
Size

32
Cookies

248 HTTP transactions
42 data transactions