sshay-koop.com.tr Open in urlscan Pro
89.19.29.122 Public Scan

Software

nginx /

Resource Hash

679a75330d1f071b9828fd204fcefd6cac3c148762c8eef2ab3f5da4afd8a4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
cache-control: public, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
etag: W/"2.4.0"
content-type: application/javascript

GET
H2 200 main.min.js Show response
canlidoviz.com/public/assets/scripts/ Frame CA8C 580 KB
188 KB 85ms
84ms Script
application/javascript 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 276cad273f23e447a060ee0e7ab6b73acf12dd45fccccd8eed828ec9a427b264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 18:21:02 GMT
server: nginx
etag: "62a23a0e-911aa"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 191860
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CA8C 109 KB
43 KB 130ms
50ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57598401-1

Requested by

Host: canlidoviz.com
URL: https://canlidoviz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38cdfc763f47802141e3926a28e203516bc37188f2f052cc3f5c87efd57711bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 23:33:04 GMT

GET
H2 200 canlidoviz.js Show response
canlidoviz.com/public/assets/scripts/ Frame CA8C 14 KB
2 KB 85ms
84ms Script
application/javascript 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://canlidoviz.com/public/assets/scripts/canlidoviz.js?v=50
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 53d60eb3b90bcc48eafcc1536bf07d1185d6e31c8676febd643b2f636f314ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 18:21:02 GMT
server: nginx
etag: "62a23a0e-38bf"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2212
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame CA8C 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 383d1f18e8bcca45da45c952cbe1dba8960898e785991efd486be6ea151edf4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK slider-arrows.png
sshay-koop.com.tr/content/images/ 3 KB
3 KB 74ms
46ms Image
image/png 89.19.29.122
CIZGI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sshay-koop.com.tr/content/images/slider-arrows.png
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/content/css/haykoop.css
Protocol: HTTP/1.1
Server: 89.19.29.122 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: 89-19-29-122.cizgi.net.tr
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 56b5f6b2b49939ed9b86f2f628ae3678f9e5b830a45aea7c1dcc8e68a00c9801

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sshay-koop.com.tr/content/css/haykoop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Thu, 29 Sep 2022 23:33:04 GMT
Last-Modified: Thu, 21 Jan 2016 15:36:33 GMT
Server: Microsoft-IIS/10.0
ETag: "5f5dca816154d11:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2707

GET
H/1.1 200
OK tickerSol.png
sshay-koop.com.tr/content/images/icon/ 1 KB
2 KB 71ms
46ms Image
image/png 89.19.29.122
CIZGI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sshay-koop.com.tr/content/images/icon/tickerSol.png
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/content/css/haykoop.css
Protocol: HTTP/1.1
Server: 89.19.29.122 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: 89-19-29-122.cizgi.net.tr
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4be9db428f0b3383897338daf3bfff0b8abd922e43dfb1b8f4d191710ec68218

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sshay-koop.com.tr/content/css/haykoop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Thu, 29 Sep 2022 23:33:04 GMT
Last-Modified: Mon, 21 Dec 2015 18:18:39 GMT
Server: Microsoft-IIS/10.0
ETag: "f86c231c3cd11:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1266

GET
H/1.1 200
OK tickerSag.png
sshay-koop.com.tr/content/images/icon/ 1 KB
2 KB 92ms
46ms Image
image/png 89.19.29.122
CIZGI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sshay-koop.com.tr/content/images/icon/tickerSag.png
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/content/css/haykoop.css
Protocol: HTTP/1.1
Server: 89.19.29.122 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: 89-19-29-122.cizgi.net.tr
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f52fad70cbf36a74901827036e3f4944894528b01f4e6030999c2196c80d69c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sshay-koop.com.tr/content/css/haykoop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Thu, 29 Sep 2022 23:33:04 GMT
Last-Modified: Mon, 21 Dec 2015 18:18:38 GMT
Server: Microsoft-IIS/10.0
ETag: "271cb631c3cd11:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1265

GET
H/1.1 200
OK modal_kvkk-aydinlatma-metni524.png
sshay-koop.com.tr/upload/slider/ 17 KB
17 KB 47ms
46ms Image
image/png 89.19.29.122
CIZGI

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sshay-koop.com.tr/upload/slider/modal_kvkk-aydinlatma-metni524.png
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/
Protocol: HTTP/1.1
Server: 89.19.29.122 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: 89-19-29-122.cizgi.net.tr
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dbb9fa5eeb23eb6857b422e7f499a876d7e8e0734e3b9d05fbb2acab2cb00e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sshay-koop.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Thu, 29 Sep 2022 23:33:04 GMT
Last-Modified: Mon, 28 Sep 2020 08:13:13 GMT
Server: Microsoft-IIS/10.0
ETag: "a5472f366f95d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16961

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CA8C 214 KB
75 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DPTR7LF05C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57598401-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61f5e66caee084d872b7e6baff5eb5562d84967045d8dd97fdef7d7150096fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76456
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 23:33:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame CA8C 49 KB
20 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57598401-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 23:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 1865
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 30 Sep 2022 01:01:59 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame CA8C 44 KB
44 KB 157ms
76ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canlidoviz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 276150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 18:50:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame CA8C 31 KB
31 KB 104ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://canlidoviz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 19:00:06 GMT
x-content-type-options: nosniff
age: 275578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 19:00:06 GMT

GET
H2 200 / Show response
socket.canlidoviz.com/socket.io/ Frame CA8C 104 B
352 B 47ms
46ms XHR
text/plain 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.canlidoviz.com/socket.io/?EIO=3&transport=polling&t=OEBcBOS

Requested by

Host: socket.canlidoviz.com
URL: https://socket.canlidoviz.com/socket.io/socket.io.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

Software

nginx /

Resource Hash

edff66f6d50104bd4ba30c4110cb300a1b13681ccdf32fd47be4abbb87f1ca3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
server: nginx
content-length: 104
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
socket.canlidoviz.com/socket.io/ Frame CA8C 2 B
236 B 46ms
46ms XHR
text/html 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.canlidoviz.com/socket.io/?EIO=3&transport=polling&t=OEBcBPO&sid=oJGhfxzIMSbDKtLhJR07

Requested by

Host: socket.canlidoviz.com
URL: https://socket.canlidoviz.com/socket.io/socket.io.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 / Show response
socket.canlidoviz.com/socket.io/ Frame CA8C 2 KB
1 KB 615ms
614ms XHR
text/plain 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.canlidoviz.com/socket.io/?EIO=3&transport=polling&t=OEBcBPO.0&sid=oJGhfxzIMSbDKtLhJR07

Requested by

Host: socket.canlidoviz.com
URL: https://socket.canlidoviz.com/socket.io/socket.io.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

185-28-2-120.rdns.saglayici.net

Software

nginx /

Resource Hash

776221c2e13692c665ceb72a3e35d38ae199c9166df95035193c6dd8cd5d1e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://canlidoviz.com
access-control-allow-credentials: true
content-length: 873

GET
H2 200 history Show response
api.canlidoviz.com/items/ Frame CA8C 508 B
773 B 168ms
57ms XHR
application/json 185.28.2.120
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://api.canlidoviz.com/items/history?period=MINUTE&code=USD&marketId=0&startDate=2022-09-29T23:18:04&endDate=2022-09-29T23:33:04

Requested by

Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.28.2.120 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

Software

nginx /

Resource Hash

ccc3cc1c510d956b789b08b1b6ec46408c0d924f4c0680f874cf6c3ff98ceef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://canlidoviz.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
content-length: 508

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CA8C 80 KB
28 KB 142ms
49ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae8ce462f975d0198fb69c9a4c63c17e6fca5ee6e339ee7ae8ab1981acf707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27723
x-xss-protection: 0
server: sffe
etag: "1349 / 224 of 1000 / last-modified: 1664489179"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Sep 2022 23:33:04 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame CA8C 120 B
283 B 51ms
50ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Sep 2022 23:33:04 GMT
last-modified: Wed, 25 Dec 2019 09:23:27 GMT
server: openresty/1.15.8.3
accept-ranges: bytes
content-length: 120
content-type: application/javascript

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 88C9 891 B
1 KB 50ms
49ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Thu, 29 Sep 2022 23:33:04 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CA8C 162 KB
54 KB 159ms
60ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e25abb7b8e5c76b404f9c3eda2d6720484274e04d42b05238290f9411628501a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Origin: https://canlidoviz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54462
x-xss-protection: 0
server: cafe
etag: 2888756792597252813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 23:33:04 GMT

GET
H2 200 prebid7.17.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame CA8C 458 KB
170 KB 57ms
56ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.17.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8cff4b51af4ebc1d85959342b81c3182ab8f431e5be281ea03d47df2a854f025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 20:04:30 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame CA8C 167 KB
43 KB 45ms
13ms Script
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:01:15 GMT
content-encoding: gzip
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA60-P1
age: 1910
etag: W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: vmq_H5trgl01lW-w3hCb2cozuc_QDJL8a2gtbHrZbAux0tjXOuyBJA==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame CA8C 34 KB
35 KB 258ms
82ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1664494384858&v=https%3A%2F%2Fcanlidoviz.com%2F&r=canlidoviz:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=812x800&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=http%3A%2F%2Fsshay-koop.com.tr%2F&rdmt=0.5330354691236452
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 1162d9a56039428dc128634179e6aeec2111170ef6cd137201e1e291b65e2658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
server: openresty/1.15.8.3
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://canlidoviz.com
content-type: application/javascript
access-control-allow-credentials: true
content-length: 35303
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 canlidoviz.js Show response
static.virgul.com/theme/mockups/fallback/ Frame CA8C 8 KB
1 KB 47ms
47ms Script
application/x-javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/canlidoviz.js?dts=19264
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 22abeb31508871f110516651b8cb79e439100e4917d3ffd9ca5a7d4fbb994d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Sep 2022 23:33:04 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 11:48:14 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame CA8C 0
309 B 9ms
8ms XHR
text/plain 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcanlidoviz.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:05:27 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
age: 12457
x-cache: Hit from cloudfront
access-control-allow-origin: https://canlidoviz.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 7Vgwz6h5h5e1a4RP2Q_6bm0yKnTIK_h5FsUJJOqvs9EhWqmeFplB6A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CA8C 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
date: Thu, 29 Sep 2022 11:20:22 GMT
x-amz-cf-pop: FRA60-P1
age: 65683
x-cache: Hit from cloudfront
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 4EMRB8x1D5SlUa-8QTmoe9ms-6m4ffORKa3mISTs4DyXlibFleVppg==

GET
H3 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CA8C 379 KB
128 KB 96ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 16:19:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame CA8C 348 KB
114 KB 147ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=canlidoviz.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7416465ae0ca7cc8c6fa1699a452aa0643a89364bcbd1ba3ef8739cd496a0afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117019
x-xss-protection: 0
server: cafe
etag: 9582801383191640512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 23:33:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/ Frame E4C4 10 KB
5 KB 116ms
36ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 10:17:36 GMT
etag: 9671129459699598864
expires: Thu, 13 Oct 2022 10:17:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 canlidoviz.js Show response
static.virgul.com/theme/mockups/sites/ Frame CA8C 2 KB
3 KB 49ms
48ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/canlidoviz.js?dts=462359
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3d8b0284fc6ea2bc729b755d9881e2ded9aad3ccca4a1b71e1709b5378435bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
last-modified: Wed, 07 Sep 2022 08:25:12 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 2439

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame CA8C 14 KB
4 KB 119ms
33ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=canlidoviz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:04:44 GMT
content-encoding: gzip
age: 1701
x-guploader-uploadid: ADPycdsNnMw10NuPfq9dQ5oH1uhbYExG2MlrLUnAx8qFh67rC3MdTNlXJdjTVrWXCFRygiPVYaC2TJQOKUUcG6_NfqkSEryyVo3n
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 9
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3690
last-modified: Tue, 05 Apr 2022 17:08:24 GMT
server: UploadServer
etag: "1f39af8c4109e6a95d6895228aab0692"
vary: Accept-Encoding
x-goog-generation: 1649178504809914
x-goog-hash: crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-meta-last-modified: 2022-07-11T15:04:42.732Z
x-goog-stored-content-length: 3690
x-goog-meta-cache-control: public, max-age=230400
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame CA8C 0
212 B 49ms
49ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1664494385122&v=https%3A%2F%2Fcanlidoviz.com%2F&r=154035@154041:canlidoviz&userId=vnet9532f9a7-7ee7-485b-912a-6ed73dc88f58&tp=&os=&call=&vd=0&ses=0&dim=812x800&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=http%3A%2F%2Fsshay-koop.com.tr%2F&rdmt=0.6985500118399313
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:05 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CA8C 379 KB
127 KB 217ms
85ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4a906ee5a7813bab2a5967955b0db04212fe34db0c16af43256717922709a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129452
x-xss-protection: 0
expires: Thu, 29 Sep 2022 23:33:05 GMT

GET
H2 200 DisplayVast2.css
c1.imgiz.com/player_others/html5/ Frame CA8C 3 KB
1 KB 384ms
47ms Stylesheet
text/css 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/DisplayVast2.css
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8795e40deabda34358403b88788a921cf3bf0c29612f3f20fe6436769edadb6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 08:54:35 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
expires: Thu, 06 Oct 2022 23:33:05 GMT

GET
H2 200 DisplayVast2.js Show response
c1.imgiz.com/player_others/html5/ Frame CA8C 78 KB
22 KB 384ms
48ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/DisplayVast2.js
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: f40b9b5de0182cd4d16ba760057e6ef676be11a883d70694bafa363227cdc50c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 11:57:31 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Thu, 06 Oct 2022 23:33:05 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame CA8C 0
212 B 51ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1664494385230&v=https%3A%2F%2Fcanlidoviz.com%2F&r=154145:canlidoviz&userId=vnet9532f9a7-7ee7-485b-912a-6ed73dc88f58&tp=&os=&call=&vd=0&ses=0&dim=812x800&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=http%3A%2F%2Fsshay-koop.com.tr%2F&rdmt=0.620813387337747
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:05 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame CA8C 483 B
868 B 65ms
26ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
x-amz-version-id: 1664182876788516
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txac4c56ce13c94b3e8f3f6-0063316a9c
age: 311443
x-amz-id-2: txac4c56ce13c94b3e8f3f6-0063316a9c
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c5PzlxAGLc2v%2FI6ovjhe7ccYKlLirxcHnxbJHPNseG%2FIPcAiJQFz2rWDe7WiNbnGpxRzz%2FRce4pMepilTiPuuX0I9HX3k4OpEXRH09GrvEnwdqiArXP%2BLNc%2FI0y2CHwARVooWt2rdo2RETZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 752885944ae4bbcd-FRA

POST
H2 204 prebid Show response
mp.4dex.io/ Frame CA8C 0
264 B 60ms
30ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:05 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://canlidoviz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7528859448e06940-FRA
expires: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CA8C 63 KB
24 KB 32ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ee9bb1d978b9a9fb9f4f8c9207bf5634ca7aebc061cf57fdd52d5a7f3da06bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1656
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24269
x-xss-protection: 0
server: cafe
etag: 4950350485823022677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 00:05:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame CA8C 107 B
792 B 147ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=canlidoviz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CA8C 107 B
549 B 126ms
45ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=canlidoviz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CA8C 24 KB
10 KB 309ms
309ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4001312048053500&correlator=1326108957101437&eid=31068458%2C31069181%2C31069837%2C31061691%2C31061692%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fif&iu_parts=21728129623%3A22677896321%2Cweb_canlidoviz_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C300x250%7C336x280%7C160x600%7C120x600%7C120x240%7C300x800%7C250x250%7C200x200%7C160x160&fluid=height&ifi=2&adks=1593023553&sfv=1-0-38&fsapi=false&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dcanlidoviz%26mt%3D1664494384858%26pager%3D1%2540site_geneli%2540canlidoviz%253Asite_geneli%26host%3Dcanlidoviz.com%26url%3Dhttps%253A%252F%252Fcanlidoviz.com%252F%26targetCtr%3D0%26pid%3Dvnet9532f9a7-7ee7-485b-912a-6ed73dc88f58%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnet9532f9a77ee7485b912a6ed73dc88f58&sc=1&cdm=canlidoviz.com&abxe=1&dt=1664494385311&lmt=1664494385&dlt=1664494384366&idt=901&adxs=256&adys=3201&biw=-12245933&bih=-12245933&isw=812&ish=800&scr_x=-12245933&scr_y=-12245933&ucis=yajtj2z00g5g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Fcanlidoviz.com%2F&ref=http%3A%2F%2Fsshay-koop.com.tr%2F&top=http%3A%2F%2Fsshay-koop.com.tr%2F&rumc=4001312048053500&rume=1&frm=24&vis=1&psz=772x0&msz=786x0&fws=388&ohw=772&ga_vid=783448751.1664494385&ga_sid=1664494385&ga_hid=1948958020&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

cafe /

Resource Hash

0903b25ba441dd6472e817d11f1cadd1cd7a779e9ff7904a90ef52f8d06b6229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10024
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://canlidoviz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F64 6 KB
4 KB 204ms
44ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 23:33:05 GMT
expires: Fri, 29 Sep 2023 23:33:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 0A82 13 B
249 B 132ms
38ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?referrer_url=http%3A%2F%2Fsshay-koop.com.tr%2F&page_url=https%3A%2F%2Fcanlidoviz.com%2F&owner=P%26G&bp_id=noktacommedya&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2384 603 B
67 B 133ms
58ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fsshay-koop.com.tr%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664494385085&bpp=4&bdt=719&idt=274&shv=r20220927&mjsv=m202209260101&ptt=9&saldr=aa&nras=1&correlator=8546766804829&rume=1&frm=24&ife=1&pv=2&ga_vid=783448751.1664494385&ga_sid=1664494385&ga_hid=1948958020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=812&ish=800&ifk=93694653&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C31061691%2C31061692%2C31068921&oid=2&pvsid=4001312048053500&tmod=607179032&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C812%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.9gsbcpjrjv3&fsb=1&dtd=287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=canlidoviz.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 23:33:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
socket.canlidoviz.com/socket.io/ Frame CA8C 878 B
1 KB 936ms
935ms XHR
text/plain 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.canlidoviz.com/socket.io/?EIO=3&transport=polling&t=OEBcBZx&sid=oJGhfxzIMSbDKtLhJR07

Requested by

Host: socket.canlidoviz.com
URL: https://socket.canlidoviz.com/socket.io/socket.io.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

Software

nginx /

Resource Hash

b71f230c204e11bdd95ee7b3b18754e44ee00df08cfc017c961d312c57058cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
server: nginx
content-length: 878
content-type: text/plain; charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CA8C 25 KB
10 KB 291ms
291ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4001312048053500&correlator=2578336642627516&eid=31068458%2C31069181%2C31069837%2C31061691%2C31061692%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fif&iu_parts=21728129623%3A22677896321%2Cweb_canlidoviz_anasayfa_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160&fluid=height&ifi=3&adks=3723194487&sfv=1-0-38&fsapi=false&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dcanlidoviz%26mt%3D1664494384858%26pager%3D1%2540site_geneli%2540canlidoviz%253Asite_geneli%26host%3Dcanlidoviz.com%26url%3Dhttps%253A%252F%252Fcanlidoviz.com%252F%26targetCtr%3D0%26pid%3Dvnet9532f9a7-7ee7-485b-912a-6ed73dc88f58%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnet9532f9a77ee7485b912a6ed73dc88f58&sc=1&cdm=canlidoviz.com&abxe=1&dt=1664494385413&lmt=1664494385&dlt=1664494384366&idt=901&adxs=20&adys=2150&biw=-12245933&bih=-12245933&isw=812&ish=800&scr_x=-12245933&scr_y=-12245933&ucis=ekgxhfs7qzxw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Fcanlidoviz.com%2F&ref=http%3A%2F%2Fsshay-koop.com.tr%2F&top=http%3A%2F%2Fsshay-koop.com.tr%2F&rumc=4001312048053500&rume=1&frm=24&vis=1&psz=772x-1&msz=812x-1&fws=388&ohw=772&ga_vid=783448751.1664494385&ga_sid=1664494385&ga_hid=1948958020&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f92bb34fe623f1063dc9859e67a32b3177cae0c63a1d49adc2af6c90338ff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10572
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://canlidoviz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame CA8C 73 KB
23 KB 51ms
21ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8055949c765c65e219aec8e387c224544044c6e38dff199de1c52d8a219addfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
x-amz-version-id: 1664182876082916
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txeb2523f05c5a4228a5051-0063316aa1
age: 311437
x-amz-id-2: txeb2523f05c5a4228a5051-0063316aa1
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
server: cloudflare
etag: W/"def38d7482d5ca96063df889ba7bcc30"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BMoqLwjk6XEFxrbZEnxYnB00RncZV9lvODbGOxIHW1%2BOzbBsF6fX2EsZJlh5%2BNyXz6BFo%2BOQi9s3lBGyRhflPafJmdw67QIfd0qhq1VVS50FHH3oOKSAjpP5SHJCWz%2F%2BrraXFTP7cLuDufd"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752885951f19901f-FRA
access-control-allow-headers: Authorization

GET
H3 200 container.html Show response
7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7661 6 KB
3 KB 110ms
36ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 23:33:05 GMT
expires: Fri, 29 Sep 2023 23:33:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 94A7 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 23:33:05 GMT
expires: Fri, 29 Sep 2023 23:33:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7661 0
0 77ms
77ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4ExJMSs2Y63QF5HCgAenrbTABui-mJRcoKWzyf0IwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAane3uECyAEJqQIc1NWbiq-BPuACAKgDAaoE9AFP0AYoZv1MA0JThJznCoIueI84Jk8kZKz1Y5n-dDJ3pR2zVo_NX1a5joL6FjW0sit0kLHbunlPKjQ7dmGZr_42MoPLIzsdGoL7KdgyIRrUBgHoVhtFn2yUc9bBU7-OMAjEONJZIdFzCS0ALYRBiSpMZ1mYB-cWzzfr0vQ8NouuRArp2MWzOqOUWvp3Yp1-rM3G_C8In81pZ8-O2Q0rOceV_PgNYnnLXnZyNxSwaAReFz3rLfDKb0wJm_8YUrgUdL_fMIgXuhk1t5J7fXM4O_RE-v8j7K7d5AZTfO-ABgwsu4JjKqccH0Q5cNLABNsXHjk1AqtX4AQBgAaKoJXAnbSu59sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=G1S56apHYAI&uach_m=[UACH]&cid=CAQSLQCsnQUxuxHRSjuHsaEcQtcD-sD_Sj5azkw6mpCD_w-pjO1fGGfCTfojKGchqRgBIBM
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7661 2 KB
2 KB 135ms
20ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=50277989;rtbwp=YzYrMQAF6C0K4CERAA0Wpxv41YuNAHlqdFinIQ;rtbdata=v4NggfA3el9GIe_VQzN1ASM08S0_vdfcsfmofzQ80-20YZb3u7zdwo1CZmiWiYQsH_YfgimrVMYX31lCfVwY7QvTnyVX017CvpjpJGWIcSIF_64gP2taMdL0Le26NiaVKYn8hTqZDzJPNVJBcG-4IYC1FgiDTxRsBRvnSpVwQ6QkvuS9VCRQTIwbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C8e4tMSs2Y63QF5HCgAenrbTABui-mJRcoKWzyf0IwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAane3uECyAEJqQIc1NWbiq-BPuACAKgDAaoE9wFP0AYoZv1MA0JThJznCoIueI84Jk8kZKz1Y5n-dDJ3pR2zVo_NX1a5joL6FjW0sit0kLHbunlPKjQ7dmGZr_42MoPLIzsdGoL7KdgyIRrUBgHoVhtFn2yUc9bBU7-OMAjEONJZIdFzCS0ALYRBiSpMZ1mYB-cWzzfr0vQ8NouuRArp2MWzOqOUWvp3Yp1-rM3G_C8In81pZ8-O2Q0rOceV_PgNYnnLXnZyNxSwaAReFz3rLfDKb0wJm_8YUrgUdL_fMIgXuhk1t5J7fXM4O7ZG222_dA-xTqd3ugf7x8xIr4iqIIkEyZfJCxMKqcU7BqeIu8f9rMhv4AQBgAaKoJXAnbSu59sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_2-AK5yUIjw-zf7_K1XPGbs5Fbdlg&client=ca-pub-7983651257838282&adurl=

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ada7c4c6d3a76aedbc1cd4df32a6a5118b994b66c603c31ee84e408eef8f569b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1692
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 7661 3 KB
1 KB 196ms
78ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 23:11:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 7661 17 KB
8 KB 165ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 23:14:51 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7661 22 KB
7 KB 198ms
81ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 15:28:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7661 140 KB
44 KB 135ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 23:33:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 94A7 0
0 83ms
83ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrBfBMSs2Y7DJHeu2x_AP3PGYsAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAdW20uoDyAEJqQITXKPayWWwPuACAKgDAaoE-gFP0IdHtS4gsH-aKyMHiysgncXN9kVVdfzccvhv-ONoaj0cj_3m7nAFNsSQZ4Znxx_vxSBfY1E1PbC-hOk_pATHHUl_8_FBWxVmUj2EVPRzgwIdlqtWXhfmM2Wv7EHVFeNMxG3nGSyLcqLB32ACalEDr3DqqSx39wjhiAbr8smxbOtPqaWzJHnL7U-7ST9VbexSjbtjZZ-Jyt4oRzzXJRZ6auzl9ZC_4c5qNHu9T09fZDOCsG5w5BCJGVef6MGcqh4CxxOOePKDKp_F_DT1NMgrvpfcoDfE2CyzfRMNaimF13bfVG2ELI3zhkhV3h6VHwqVcSwbppM0zZyD4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=6_zOMQEQ55M&uach_m=[UACH]&cid=CAQSLQCsnQUx70Wld9YTFXkRgLq20gUNqSo5olatkeqHRyv-OjIapVQ54Sli-KMoSxgBIBM
Requested by: Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 94A7 0
0 75ms
16ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kpCTFOv_CsoH-gGdg2ICAgAAALQIpxviwGyWIMrzdRAwKzZjjqH2qVmONjQuH7MAEgAA&wp=YzYrMQAHZLAIEdtrAAY43EjSMXI9kMvDzZaxyw

Requested by

Host: sshay-koop.com.tr
URL: http://sshay-koop.com.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 258703
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 96E9 236 KB
62 KB 334ms
192ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzYrMQAHZLAIEdtrAAY43EjSMXI9kMvDzZaxyw&u=%7Cc1aHsv4HlFeeJrDIy0UuQhjOaIbv18uGAYPAoL%2BgIRQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5Czly3PUDiEYKfobJVWZIjayH6jaUAGAAapy8sx7V-DXL_A0iIoIQlVUSxwPh5fkGquOxNDGGrqSgsgiBa2kZLmG_ohAWt3mvRLupcMyXOImoybbmYJi2sZjgJyoCrqFaxRH0yi7sue-EAIPqeVI4yew7Yd8UJhWfRROTbmzE_PfS-hJcpt15J0GRVDx9iPahZ3O25rKUOeHwrd8QnKUx-XmVCTB_PaUKZM2YHQBIGzyb-egKLRveg2Z9neTKs42U_yq3OuF6bK8dXPHXxHFK1eIOqPezJU602pBJVjMjXWbWg1O74aN0LK_nQBmUb2-K0QGG8ztbCuoRbAg1jvTVOM2XgrUkXet_uPT8lzzeV7cVymvvi6yfIgadxEAyBiQbaGJS6iL6oEY-mnZBeSGCgD9UKT_6ZYyh1bAiBcPtInelAf64Y5aNjqwSoSsLN96fmMmh2IigsH7qXeyC8xhs74eZIJmOz6X0px2yRdX5DECO_OYwPMZZ_PcnkhKgMkOGfZNnbxArCB10Mzb5RMCjgZGLTAAJk52QI_pax4bAccnHO7bxXM-rcU09NkoKxWDrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsSI0MSs2Y7DJHeu2x_AP3PGYsAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAdW20uoDyAEJqQITXKPayWWwPuACAKgDAaoE_QFP0IdHtS4gsH-aKyMHiysgncXN9kVVdfzccvhv-ONoaj0cj_3m7nAFNsSQZ4Znxx_vxSBfY1E1PbC-hOk_pATHHUl_8_FBWxVmUj2EVPRzgwIdlqtWXhfmM2Wv7EHVFeNMxG3nGSyLcqLB32ACalEDr3DqqSx39wjhiAbr8smxbOtPqaWzJHnL7U-7ST9VbexSjbtjZZ-Jyt4oRzzXJRZ6auzl9ZC_4c5qNHu9T09fZDOCsG5w5BCJGVef6MGcqh4CxxOOePKDKp_F_DT1NMgrvpfcoHXG-b408o8e1bWRdKbi8pWNOIdFjGZNXKpdIqxnzjI3vhaeSY885FD14AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ojXCOY10LububgkcZLE4tgP3BYA%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

083bcee0b0c0d3cc38ed24e23461e388c112ffb0839970597228086bbbde9d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 23:33:05 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2y8EActd-u_GKL1RRL6DWbkD0J-RYo6lnMWS7Y12e6pNvO7ZL9VdDt4MfxWV-bf_KHGoBXkQMvJiJlsmThspKCy4SikAeuZY3umX254iYCtCkVDD3b8Z_nmoPtvSzBtNWHwE94SwrYMXKCGdBJTsbV0dXcXth7bSlzhlu3lBlm0HI_W0-Nzpe-uN0z3sc-_aBneHddiDm7aAxrouyYn4CASrrwlYv3zYHEA3QNbnW5E4y-9GiLThnm91XEmFgv37jqX900CTj4-yX9VY"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 177481034
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 94A7 3 KB
1 KB 188ms
76ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 23:11:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 94A7 17 KB
7 KB 185ms
73ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 23:14:51 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 94A7 22 KB
7 KB 226ms
115ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 15:28:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94A7 140 KB
44 KB 196ms
116ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 23:33:05 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 7661 33 KB
16 KB 160ms
20ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50277989;rtbwp=YzYrMQAF6C0K4CERAA0Wpxv41YuNAHlqdFinIQ;rtbdata=v4NggfA3el9GIe_VQzN1ASM08S0_vdfcsfmofzQ80-20YZb3u7zdwo1CZmiWiYQsH_YfgimrVMYX31lCfVwY7QvTnyVX017CvpjpJGWIcSIF_64gP2taMdL0Le26NiaVKYn8hTqZDzJPNVJBcG-4IYC1FgiDTxRsBRvnSpVwQ6QkvuS9VCRQTIwbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C8e4tMSs2Y63QF5HCgAenrbTABui-mJRcoKWzyf0IwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAane3uECyAEJqQIc1NWbiq-BPuACAKgDAaoE9wFP0AYoZv1MA0JThJznCoIueI84Jk8kZKz1Y5n-dDJ3pR2zVo_NX1a5joL6FjW0sit0kLHbunlPKjQ7dmGZr_42MoPLIzsdGoL7KdgyIRrUBgHoVhtFn2yUc9bBU7-OMAjEONJZIdFzCS0ALYRBiSpMZ1mYB-cWzzfr0vQ8NouuRArp2MWzOqOUWvp3Yp1-rM3G_C8In81pZ8-O2Q0rOceV_PgNYnnLXnZyNxSwaAReFz3rLfDKb0wJm_8YUrgUdL_fMIgXuhk1t5J7fXM4O7ZG222_dA-xTqd3ugf7x8xIr4iqIIkEyZfJCxMKqcU7BqeIu8f9rMhv4AQBgAaKoJXAnbSu59sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_2-AK5yUIjw-zf7_K1XPGbs5Fbdlg&client=ca-pub-7983651257838282&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 141d0c16f846671454c7819c37fafe483ceb63aecb14695abd4a911d67df3d49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 11:10:06 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 01 Oct 2022 02:39:33 GMT

GET
DATA 200
OK truncated
/ Frame 94A7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dba06217c5f414e9016c43ef8172e24f145bf1be6191b55d57d90d9192ae79b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62275d5be4b072d15e9ec3de
ng.virgul.com/tck/imp/ Frame CA8C 0
212 B 47ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/62275d5be4b072d15e9ec3de?scm=https&g=1&t=cpc_annotation&sdr=240000&tp=&r=154145@site_geneli@canlidoviz:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&os=&mt=1664494384858&userId=vnet9532f9a7-7ee7-485b-912a-6ed73dc88f58
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:06 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7661 7 KB
4 KB 20ms
20ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=50277989;rtbwp=YzYrMQAF6C0K4CERAA0Wpxv41YuNAHlqdFinIQ;rtbdata=v4NggfA3el9GIe_VQzN1ASM08S0_vdfcsfmofzQ80-20YZb3u7zdwo1CZmiWiYQsH_YfgimrVMYX31lCfVwY7QvTnyVX017CvpjpJGWIcSIF_64gP2taMdL0Le26NiaVKYn8hTqZDzJPNVJBcG-4IYC1FgiDTxRsBRvnSpVwQ6QkvuS9VCRQTIwbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C8e4tMSs2Y63QF5HCgAenrbTABui-mJRcoKWzyf0IwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAane3uECyAEJqQIc1NWbiq-BPuACAKgDAaoE9wFP0AYoZv1MA0JThJznCoIueI84Jk8kZKz1Y5n-dDJ3pR2zVo_NX1a5joL6FjW0sit0kLHbunlPKjQ7dmGZr_42MoPLIzsdGoL7KdgyIRrUBgHoVhtFn2yUc9bBU7-OMAjEONJZIdFzCS0ALYRBiSpMZ1mYB-cWzzfr0vQ8NouuRArp2MWzOqOUWvp3Yp1-rM3G_C8In81pZ8-O2Q0rOceV_PgNYnnLXnZyNxSwaAReFz3rLfDKb0wJm_8YUrgUdL_fMIgXuhk1t5J7fXM4O7ZG222_dA-xTqd3ugf7x8xIr4iqIIkEyZfJCxMKqcU7BqeIu8f9rMhv4AQBgAaKoJXAnbSu59sBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_2-AK5yUIjw-zf7_K1XPGbs5Fbdlg&client=ca-pub-7983651257838282&adurl=;js=1;adfxid=1x;10379;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fsshay-koop.com.tr

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

624812c5fa753b7e46e00b14e0e1c78f1265e3851f7d82c0622329069ade1285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3162
expires: -1

GET
DATA 200
OK truncated
/ Frame 7661 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5eb988ef81462610dd3bc6f1e9da99463d4df86a7f3dee1db3450e4142155a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 96E9 2 KB
1 KB 51ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzYrMQAHZLAIEdtrAAY43EjSMXI9kMvDzZaxyw&u=%7Cc1aHsv4HlFeeJrDIy0UuQhjOaIbv18uGAYPAoL%2BgIRQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5Czly3PUDiEYKfobJVWZIjayH6jaUAGAAapy8sx7V-DXL_A0iIoIQlVUSxwPh5fkGquOxNDGGrqSgsgiBa2kZLmG_ohAWt3mvRLupcMyXOImoybbmYJi2sZjgJyoCrqFaxRH0yi7sue-EAIPqeVI4yew7Yd8UJhWfRROTbmzE_PfS-hJcpt15J0GRVDx9iPahZ3O25rKUOeHwrd8QnKUx-XmVCTB_PaUKZM2YHQBIGzyb-egKLRveg2Z9neTKs42U_yq3OuF6bK8dXPHXxHFK1eIOqPezJU602pBJVjMjXWbWg1O74aN0LK_nQBmUb2-K0QGG8ztbCuoRbAg1jvTVOM2XgrUkXet_uPT8lzzeV7cVymvvi6yfIgadxEAyBiQbaGJS6iL6oEY-mnZBeSGCgD9UKT_6ZYyh1bAiBcPtInelAf64Y5aNjqwSoSsLN96fmMmh2IigsH7qXeyC8xhs74eZIJmOz6X0px2yRdX5DECO_OYwPMZZ_PcnkhKgMkOGfZNnbxArCB10Mzb5RMCjgZGLTAAJk52QI_pax4bAccnHO7bxXM-rcU09NkoKxWDrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsSI0MSs2Y7DJHeu2x_AP3PGYsAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAdW20uoDyAEJqQITXKPayWWwPuACAKgDAaoE_QFP0IdHtS4gsH-aKyMHiysgncXN9kVVdfzccvhv-ONoaj0cj_3m7nAFNsSQZ4Znxx_vxSBfY1E1PbC-hOk_pATHHUl_8_FBWxVmUj2EVPRzgwIdlqtWXhfmM2Wv7EHVFeNMxG3nGSyLcqLB32ACalEDr3DqqSx39wjhiAbr8smxbOtPqaWzJHnL7U-7ST9VbexSjbtjZZ-Jyt4oRzzXJRZ6auzl9ZC_4c5qNHu9T09fZDOCsG5w5BCJGVef6MGcqh4CxxOOePKDKp_F_DT1NMgrvpfcoHXG-b408o8e1bWRdKbi8pWNOIdFjGZNXKpdIqxnzjI3vhaeSY885FD14AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ojXCOY10LububgkcZLE4tgP3BYA%26client%3Dca-pub-7983651257838282%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Sep 2023 23:33:06 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 96E9 2 KB
1 KB 44ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Sep 2023 23:33:06 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 96E9 308 B
637 B 37ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 24 Sep 2023 23:33:06 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 96E9 293 B
621 B 38ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 24 Sep 2023 23:33:06 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 96E9 43 B
348 B 109ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=MPl4PaakDsbZ4BraU9MWJoTlYqA-WZpxM00yG_d7emtXQUgPKpecbZNDp_w04KG7XEDGu5LwrxUa5LVJyFxlH850C-xnnakTDLM6e21lC4-4q9HGUMdoco6osK6hOFXMJWCwAIJ_72cwrFbdzlTPclCpj0M6ukBdrD0qawNjr9FKWLVhWyDrnz9vxTTP87TKe7I8_pr1bVgpft6d_vcawOg7aWNWn4kvDKLJvve4QZznY1YqZyRh-gjGusqm-_QmwpHW-i_I_EGImsvrsHMITztRKOWW5UDtsadSuO03UrqwKqFKnX9Squl7QkJjKnvlZz8tTMMWNo93CF0t_v4LEusR1gfHDbPydURAlR6tXoIt-VWOilEv1kml79mIgCEWyF5_jwtEZk9-4pxt_NJ9U-vacxwYYRorD2FKnLCNBbaPZN3b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3553882
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 96E9 44 B
753 B 192ms
112ms Image
image/gif 2600:9000:223c:800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664494385
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzYrMQAHZLAIEdtrAAY43EjSMXI9kMvDzZaxyw&u=%7Cc1aHsv4HlFeeJrDIy0UuQhjOaIbv18uGAYPAoL%2BgIRQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5Czly3PUDiEYKfobJVWZIjayH6jaUAGAAapy8sx7V-DXL_A0iIoIQlVUSxwPh5fkGquOxNDGGrqSgsgiBa2kZLmG_ohAWt3mvRLupcMyXOImoybbmYJi2sZjgJyoCrqFaxRH0yi7sue-EAIPqeVI4yew7Yd8UJhWfRROTbmzE_PfS-hJcpt15J0GRVDx9iPahZ3O25rKUOeHwrd8QnKUx-XmVCTB_PaUKZM2YHQBIGzyb-egKLRveg2Z9neTKs42U_yq3OuF6bK8dXPHXxHFK1eIOqPezJU602pBJVjMjXWbWg1O74aN0LK_nQBmUb2-K0QGG8ztbCuoRbAg1jvTVOM2XgrUkXet_uPT8lzzeV7cVymvvi6yfIgadxEAyBiQbaGJS6iL6oEY-mnZBeSGCgD9UKT_6ZYyh1bAiBcPtInelAf64Y5aNjqwSoSsLN96fmMmh2IigsH7qXeyC8xhs74eZIJmOz6X0px2yRdX5DECO_OYwPMZZ_PcnkhKgMkOGfZNnbxArCB10Mzb5RMCjgZGLTAAJk52QI_pax4bAccnHO7bxXM-rcU09NkoKxWDrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsSI0MSs2Y7DJHeu2x_AP3PGYsAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODKgAdW20uoDyAEJqQITXKPayWWwPuACAKgDAaoE_QFP0IdHtS4gsH-aKyMHiysgncXN9kVVdfzccvhv-ONoaj0cj_3m7nAFNsSQZ4Znxx_vxSBfY1E1PbC-hOk_pATHHUl_8_FBWxVmUj2EVPRzgwIdlqtWXhfmM2Wv7EHVFeNMxG3nGSyLcqLB32ACalEDr3DqqSx39wjhiAbr8smxbOtPqaWzJHnL7U-7ST9VbexSjbtjZZ-Jyt4oRzzXJRZ6auzl9ZC_4c5qNHu9T09fZDOCsG5w5BCJGVef6MGcqh4CxxOOePKDKp_F_DT1NMgrvpfcoHXG-b408o8e1bWRdKbi8pWNOIdFjGZNXKpdIqxnzjI3vhaeSY885FD14AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ojXCOY10LububgkcZLE4tgP3BYA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: nq6-RRgkGVYMMToZlKOFLPiCTcc83TOBYao4ij3A3PAna2AAdrv_Ag==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 7661 63 KB
24 KB 32ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ee9bb1d978b9a9fb9f4f8c9207bf5634ca7aebc061cf57fdd52d5a7f3da06bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1657
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24269
x-xss-protection: 0
server: cafe
etag: 4950350485823022677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 00:05:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 96E9 12 KB
6 KB 28ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Sep 2023 23:33:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 11 KB
11 KB 79ms
15ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=RvgLKdjxsCa071ptabsHOAat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30779956
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11301
expires: Thu, 21 Sep 2023 05:32:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 2 KB
2 KB 78ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=800&s=vpGm_seSEYg5jupcMbmNinfn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2133809
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1540
expires: Mon, 24 Oct 2022 16:16:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 2 KB
2 KB 79ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=800&s=VqTak-1PQuSgw4NtqaFRO-V1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=991307
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1672
expires: Tue, 11 Oct 2022 10:54:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 1 KB
2 KB 91ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2Flogohidden-professionals-GmbH-97267DE.gif%3Feb%3D1&v=3&w=800&s=V_ZNrXFScZltk3WSrE71MkfL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1061946
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
expires: Wed, 12 Oct 2022 06:32:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 10 KB
11 KB 91ms
28ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoYAYLA-Turk-Lebensmittelvertrieb-GmbH-312155DE-2208231615.gif%3Feb%3D1&v=3&w=800&s=8QiAEuwkM06GPXyz0X2LNxPF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5611a32f53b81db2a4397c10991d95d46790240b6a80229a4ce0f92cea31c683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=2250891
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10590
expires: Wed, 26 Oct 2022 00:47:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 2 KB
2 KB 89ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZiraat-Bank-International-AG-32289DE.gif%3Feb%3D1&v=3&w=800&s=c1MT4LGB4YhAAQkCKq3-4Smj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

46828483ec079cc92c83b884b3877eeb436873054e8b06ca40fb16ad7ea7ef9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1076957
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1810
expires: Wed, 12 Oct 2022 10:42:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 1 KB
1 KB 15ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoMercedes-Benz-AG-237414DE-2106010949.gif%3Feb%3D1&v=3&w=800&s=JIAYYix35VmzVzG5CogYs-G7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9a73fe4f2b3f00d5f680adb3d4affae2a924b6ae4e8d3ea009c36f2f9177c0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2434791
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1052
expires: Fri, 28 Oct 2022 03:52:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 4 KB
4 KB 15ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2Flogoflaschenpost-SE-135518DE-2203221217.gif%3Feb%3D1&v=3&w=800&s=LxKWyT9X311LSo1mO3NfNPaP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f6c744cbc83d7f0b5d62c6951a13ca155b823fe1c3c724304804abb5d7a8f746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=364104
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3706
expires: Tue, 04 Oct 2022 04:41:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 2 KB
2 KB 23ms
22ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoMeyer-logistics-GmbH-252009DE-2010121220.gif%3Feb%3D1&v=3&w=800&s=IMkTGPGrzT9FVipR0n_xoIo7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dc4c6fa14927db521dc0ccd28e68c171f6434ab317bc04ae5da0765e007453c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=2013130
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1791
expires: Sun, 23 Oct 2022 06:45:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 4 KB
5 KB 18ms
18ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoALDI-Nord-67503DE.gif%3Feb%3D1&v=3&w=800&s=Wo6NatkDtDW2fY1DLR3ceyx1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5cd38d861db3fb969bbd70a1073f6b4d7092e7d5975379be9bffb1e385242f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=561110
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4560
expires: Thu, 06 Oct 2022 11:24:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 2 KB
3 KB 22ms
21ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FO%2Flogoodelo-GmbH-91319DE.gif%3Feb%3D1&v=3&w=800&s=7-SAm00CYikC5JCBnXizs2H4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1424b2c737c731a525e5779dd4a0571dcaee16dcada31875727dcc2e158d9662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=385911
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2498
expires: Tue, 04 Oct 2022 10:44:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 2 KB
2 KB 19ms
18ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoFRamo-Morat-GmbH-Co-KG-7298DE.gif%3Feb%3D1&v=3&w=800&s=PtGD4Sb3WHh07Uf4B7pQnhbM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2d63f39144b503999dea0aa5171d0f867ca9cfa50a4e30de061b738379e1d75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1874816
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1922
expires: Fri, 21 Oct 2022 16:20:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 96E9 5 KB
5 KB 23ms
22ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoDACHSER-SE-4891DE-2003241016.gif%3Feb%3D1&v=3&w=800&s=-NKa3pfVJKd0lBXy__JFn_5j&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d8f169f581e9e8d07c8e5a0cec347ca2a1e05452725c9bbc3063808a0a720c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=113891
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4666
expires: Sat, 01 Oct 2022 07:11:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 96E9 0
128 B 53ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2y8EActd-u_GKL1RRL6DWbkD0J-RYo6lnMWS7Y12e6pNvO7ZL9VdDt4MfxWV-bf_KHGoBXkQMvJiJlsmThspKCy4SikAeuZY3umX254iYCtCkVDD3b8Z_nmoPtvSzBtNWHwE94SwrYMXKCGdBJTsbV0dXcXth7bSlzhlu3lBlm0HI_W0-Nzpe-uN0z3sc-_aBneHddiDm7aAxrouyYn4CASrrwlYv3zYHEA3QNbnW5E4y-9GiLThnm91XEmFgv37jqX900CTj4-yX9VY&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 29 Sep 2022 23:33:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 96E9 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Sep 2023 23:33:06 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 96E9 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Sep 2023 23:33:06 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 7661 85 KB
36 KB 31ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 77c67801c7995f4eaec6d68deb332882a6a342ad407d6eb25f8ffbf54c92bde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 11:10:06 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 01 Oct 2022 02:39:39 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7661 0
327 B 99ms
29ms Ping
image/gif 2a00:1450:400b:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~l8nozc57&chm=1&c=4001312048053500&ctx=2&qqid=CO2syeSUu_oCFREh4AodpxYNaA&met.4=fb.3n~lb.d2~ol.dr~idt.fw~dt.-95&met.3=733.d3~742.d3~748.db~739.dp~738.dp~749.dp_2~735.dx_1~113.gj_4~112.gj_4&met.1=1.l8nozboo~6.1~7.1~8.1~9.2~10.22~11.2~12.23~13.33~14.36~15.35~16.dp~17.dp~18.dp~19.dp~20.dp~21.dr&met.7=CBsQCBgBMHE47wNQAVhKYAFoS3BveNAagAGkGIgBzi-wAQG4AQM~CCEQBBgBIIUBKIUBMNMBOE4~CBsQCiCGATiIAQ~CB4QChgBIIYBKIYBMMwCOMYBaPwBcMoCePsMgAHPCogBsRWwAQG4AQM~CBwQChgBIIYBKIYBMMQCOL4BQIcBSIcBUIcBWPsBYLUBaPwBcKsCeK09gAGBO4gB04kBsAEBuAED~CBEQChgBIIYBKIYBMO4COOgBaPwBcMwCeJo5gAHuNogB47MBsAEBuAED~CCoQChgBIIcBKIcBMNACOMkB~CBsQCiCPAjioAQ~CBsQCiC8AzgV~CCgQChgBIPQDKPQDMJUEOCFo9QNwlAR4-b8BgAHNvQGIAeD2A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400b:c01::5e Dublin, Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 7661 35 B
503 B 20ms
20ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=50277989&csi=yEQsDpKYkF570-cgSGfM5dy9ahl2U4uwV_Rq4FPP_w7rygPkIxxfkwpm6wuaSrVP8LdsF3IPlJCDxm-5eracFWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 48780241.png
s1.adform.net/Banners/48780241/ Frame 7661 91 KB
92 KB 25ms
25ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/48780241/48780241.png?bv=1
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 32967fd80403172ed9c41002f302103ac47d0a156d53a7f6011ec2576de71fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 26 May 2022 20:55:50 GMT
server: nginx
x-amz-request-id: tx00000caac32d5b3cd5297-00633616ae-3293c1b6-default
etag: "61592e381a2287dc01ea857822325fd2"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 93346

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CA8C 14 KB
11 KB 140ms
58ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae6416f3a848f53827eb46dd3f0d147d5193af43ba58ac8aa0d1ef9b6426beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 94A7 63 KB
24 KB 31ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com
URL: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ee9bb1d978b9a9fb9f4f8c9207bf5634ca7aebc061cf57fdd52d5a7f3da06bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1657
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24269
x-xss-protection: 0
server: cafe
etag: 4950350485823022677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 00:05:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA8C 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=canlidoviz.com&doc=complete&pg_h=3780&pg_w=812&pg_hs=3780&c=2&aa_c=0&av_h=250&av_w=772&av_a=193000&s=800.188&all_s=800.188&b=329.391&all_b=329.391&d=0.132&all_d=0.132&ard=0.126&all_ard=0.126&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
socket.canlidoviz.com/socket.io/ Frame CA8C 2 KB
1 KB 985ms
985ms XHR
text/plain 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.canlidoviz.com/socket.io/?EIO=3&transport=polling&t=OEBcBoo&sid=oJGhfxzIMSbDKtLhJR07

Requested by

Host: socket.canlidoviz.com
URL: https://socket.canlidoviz.com/socket.io/socket.io.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

Software

nginx /

Resource Hash

41861446f5c51ac0c5fab0af78a81cb7b2a9c153ef0641222761f4aa7e53546d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://canlidoviz.com
access-control-allow-credentials: true
content-length: 900

GET
H2 200 13.jpg
canlidoviz.com/public/static/images/ Frame CA8C 8 KB
8 KB 48ms
48ms Image
image/jpeg 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/static/images/13.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 14740ac658fca7df6c4375ccc802917acca88d63ad1b2d229d8b22f69a0b03f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:02 GMT
server: nginx
etag: "62a23a0e-2081"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8321
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a1Banner_320-1.gif
work.mertosman.com/canlidoviz/assets/images/sponsors/ Frame CA8C 154 KB
155 KB 389ms
21ms Image
image/gif 2606:4700:3034::6815:3a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.mertosman.com/canlidoviz/assets/images/sponsors/a1Banner_320-1.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15cd346a33641a0588832ea689c1316698ac2520644597ed5797e8b09c3b03f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 818896
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 158071
last-modified: Wed, 08 Apr 2020 13:38:37 GMT
server: cloudflare
etag: "5e8dd3dd-26977"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJLXc1Bbk%2F0XkuEk0etkuoqk8UuP9zhcJq05C4uPcEcDQA4Ln4AGBKRcmNOLfJk6ePdgQNd%2F3%2FiOFYXVQgzUn4oR3dsuYAb6xScmJtCEloIQ0s%2B2znL6SPEwEgES734RzzvjG2bl4R1b%2Fb4ZZqUV53Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7528859d1c1d9b71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
canlidoviz.com/public/assets/images/ Frame CA8C 4 KB
4 KB 92ms
91ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/logo.png
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 59507c03fcd7e5c75a6cf94019e97336bdba6133997854d340ca0a4dc190bb02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-f64"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3940
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_googleplay.png
canlidoviz.com/public/assets/images/ Frame CA8C 2 KB
2 KB 93ms
93ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_googleplay.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 75af9761db652a47343699b02a0dd85d6d1ac0aa71ef4f46688536396c0b7c18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-7c5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1989
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_googleplay-dark.png
canlidoviz.com/public/assets/images/ Frame CA8C 2 KB
2 KB 92ms
92ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_googleplay-dark.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 8d1b35eb8588c9dd53c7ef98ea90168c896299641248d5f46caf8bca8aab2d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-84d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2125
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_appstore.png
canlidoviz.com/public/assets/images/ Frame CA8C 1 KB
1 KB 91ms
90ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_appstore.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 17d9ac19c676ab7443d407dbc3f6a56d60ad90014d47a34121b90ef046eb44c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-470"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1136
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_appstore-dark.png
canlidoviz.com/public/assets/images/ Frame CA8C 1 KB
1 KB 91ms
91ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_appstore-dark.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: b9a58b049615d9ecfb9206d073ae0e00869ad752a5c1a0cb1cc8f653a8e35c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-43e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1086
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 94A7 0
17 B 88ms
28ms Ping
image/gif 2a00:1450:400b:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~l8nozc90&chm=1&c=4001312048053500&ctx=2&qqid=CPClz-SUu_oCFWvbEQgd3DgGFg&met.4=fb.1q~lb.8h~ol.h7~idt.gp~dt.-8c&met.3=733.8m~742.8l_1~748.91~749.94~739.9b~735.9e_1~738.h7~113.ic_1~112.ib_1&met.1=1.l8nozbqp~6.0~7.0~8.0~9.0~10.0~12.2~13.15~14.16~15.1c~16.9b~17.9b~18.9b~19.h7~20.h7~21.h7&met.7=CBsQCBgBMCo46wRoAnApeNAagAGkGIgBzi-wAQG4AQM~CCEQBBgBIEAoQDCUAThU~CBsQBCBAOEw~CBsQBSBCOOsC~CB4QChgBIEIoQjCAAji-AWizAXD-AXj7DIABzwqIAbEVsAEBuAED~CBwQChgBIEIoQjD-ATi8AWizAXD7AXitPYABgTuIAdOJAbABAbgBAw~CBEQChgBIEMoQzCsAjjpAWizAXClAniaOYAB7jaIAeOzAbABAbgBAw~CCoQChgBIEMoQzCjAjjgAQ~CCgQChgBIO8EKO8EMJAFOCFo8ARwjwV4-b8BgAHNvQGIAeD2A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400b:c01::5e Dublin, Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7638b20b191bc31265336335c534c55d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13.jpg
canlidoviz.com/public/static/images/ Frame CA8C 8 KB
8 KB 48ms
47ms Image
image/jpeg 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/static/images/13.jpg
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 14740ac658fca7df6c4375ccc802917acca88d63ad1b2d229d8b22f69a0b03f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:02 GMT
server: nginx
etag: "62a23a0e-2081"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8321
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
canlidoviz.com/public/assets/images/ Frame CA8C 4 KB
4 KB 46ms
46ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/logo.png
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 59507c03fcd7e5c75a6cf94019e97336bdba6133997854d340ca0a4dc190bb02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-f64"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3940
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_googleplay-dark.png
canlidoviz.com/public/assets/images/ Frame CA8C 2 KB
2 KB 47ms
47ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_googleplay-dark.png
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 8d1b35eb8588c9dd53c7ef98ea90168c896299641248d5f46caf8bca8aab2d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-84d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2125
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_googleplay.png
canlidoviz.com/public/assets/images/ Frame CA8C 2 KB
2 KB 47ms
47ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_googleplay.png
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 75af9761db652a47343699b02a0dd85d6d1ac0aa71ef4f46688536396c0b7c18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-7c5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1989
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_appstore.png
canlidoviz.com/public/assets/images/ Frame CA8C 1 KB
1 KB 47ms
46ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_appstore.png
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: 17d9ac19c676ab7443d407dbc3f6a56d60ad90014d47a34121b90ef046eb44c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-470"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1136
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_appstore-dark.png
canlidoviz.com/public/assets/images/ Frame CA8C 1 KB
1 KB 47ms
47ms Image
image/png 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canlidoviz.com/public/assets/images/icon_appstore-dark.png
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 185-28-2-121.rdns.saglayici.net
Software: nginx /
Resource Hash: b9a58b049615d9ecfb9206d073ae0e00869ad752a5c1a0cb1cc8f653a8e35c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
last-modified: Thu, 09 Jun 2022 18:21:01 GMT
server: nginx
etag: "62a23a0d-43e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1086
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CA8C 17 KB
6 KB 231ms
133ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 23:33:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0144 13 KB
5 KB 48ms
47ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 13:52:06 GMT
expires: Fri, 29 Sep 2023 13:52:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03BD 783 B
1 KB 128ms
47ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39cf7e6910f174d30de1134cd8d7faecf9f76b8d558d21d329cc1b1cb7a3484f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EfIVXtizc6Wv3IUGRxjEBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-EfIVXtizc6Wv3IUGRxjEBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 23:33:06 GMT
expires: Thu, 29 Sep 2022 23:33:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 a1Banner_320-1.gif
work.mertosman.com/canlidoviz/assets/images/sponsors/ Frame CA8C 154 KB
155 KB 23ms
12ms Image
image/gif 2606:4700:3034::6815:3a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work.mertosman.com/canlidoviz/assets/images/sponsors/a1Banner_320-1.gif
Requested by: Host: canlidoviz.com
URL: https://canlidoviz.com/public/assets/scripts/main.min.js?v=53
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15cd346a33641a0588832ea689c1316698ac2520644597ed5797e8b09c3b03f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 818842
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 158071
last-modified: Wed, 08 Apr 2020 13:38:37 GMT
server: cloudflare
etag: "5e8dd3dd-26977"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64X%2FqjjFf%2BNcdkKZyVvat2RESPu8mAByqC1IpQ%2FM95j6YewpULaT5lRNPNMqvkFsD6zkR4hCYf0GjT0CHn4DTXCT%2FoOH3efdESaTydEtB1wSQHhlS%2B7DtTByiQjQ1dQpoEz6p91pYTckn98uTxqvezY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7528859d5a2092a7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0144 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 13:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 13:56:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 03BD 0
0 71ms
70ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=4001312048053500&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0144 0
10 B 47ms
47ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z7G4ng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 61f7f03fe4b0684a79f4ddf4
ng2.virgul.com/tck/imp/ Frame CA8C 0
212 B 167ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/61f7f03fe4b0684a79f4ddf4?scm=240000&g=1&t=google_banner&sdr=https&tp=&r=154035@site_geneli@canlidoviz:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&os=&mt=1664494384858&userId=vnet9532f9a7-7ee7-485b-912a-6ed73dc88f58
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:07 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 bridge3.535.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 51AF 686 KB
221 KB 145ms
49ms Document
text/html 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.535.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55b7f27b4b18bf30e493441f813da36c9ec12619bbfb7b583a68914d8d6e83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://canlidoviz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 121321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226445
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 13:51:06 GMT
expires: Thu, 28 Sep 2023 13:51:06 GMT
last-modified: Wed, 28 Sep 2022 13:46:28 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame CA8C 44 KB
17 KB 170ms
49ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 23:33:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame CA8C 107 B
122 B 121ms
45ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=canlidoviz.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame CA8C 107 B
122 B 121ms
46ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=canlidoviz.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 / Show response
socket.canlidoviz.com/socket.io/ Frame CA8C 3 B
249 B 98ms
98ms XHR
text/plain 185.28.2.121
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.canlidoviz.com/socket.io/?EIO=3&transport=polling&t=OEBcC2c&sid=oJGhfxzIMSbDKtLhJR07

Requested by

Host: socket.canlidoviz.com
URL: https://socket.canlidoviz.com/socket.io/socket.io.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.28.2.121 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

Software

nginx /

Resource Hash

62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://canlidoviz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: text/plain; charset=UTF-8

POST
H3 204 csi
csi.gstatic.com/ Frame CA8C 0
17 B 29ms
28ms Ping
image/gif 2a00:1450:400b:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~l8nozbim&c=4001312048053500&e=31068458%2C31069181%2C31069837%2C31061691%2C31061692&ctx=1&met.9=1.q6~2.wi~9.0~3_2.xw~7_2.0~9.0~3_6.10m~7_6.0~4_2.16j~5_2.16q~4_6.18q~5_6.18t~6_2.1km~6_6.1q3&met.3=782.ri~1001.rh_1__1~164.rj~165.rg_4~166.r7_n~1032.z2~216.z2_3~215.z1_3~112.10t_1~416.1hc~413.1i8~416.1ka~415.1km~413.1ks~415.1q3~113.1q8_2~195.2dq&met.10=1_1.ILIJEAAIABgAKAA~1_2.INIJEAAIABj___________8BKAA~1_3.IKEKEAAIABgAKAA~1_6.IKoKEAAIABj___________8BKAA&met.1=1.l8nozaht~6.4j~7.4j~8.4j~9.4j~10.4j~12.4k~13.7a~14.7b~15.7h~16.f4~17.gc~18.gc~19.1q3~20.1q3~21.1q5~22.f5~23.f5&qqid.1=CO2syeSUu_oCFREh4AodpxYNaA&qqid.3=CPClz-SUu_oCFWvbEQgd3DgGFg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400b:c01::5e Dublin, Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA8C 0
0 74ms
73ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=4001312048053500&bg=!TE-lTwvNAAYIxsuQKMY7ACkAdvg8WnXDS0xKKYeTnvWlr_QItmhwjhP9hy_1Fa2OrWT8yAy7yWYr_gIAAABpUgAAAAJoAQeZArHa3jsuX_Oh_ZJ8GQiUgVn2vLTmt88PmPUwTbk5FSSAhQGY2HUOiv9aOEOuGTdgDAGgk9eDjBYCseveuXpecJ_kPfJ-1qhkW9BK8n80fC4HWGdTiZwc3wEZwHHD-lSiDTVShRztREGRdFt2rAFZbH_uHfkIZGAlP2padgO90EaQ6Yg_PTVRtgFx7wt9c3CoEnx5eDooBSQvB5XfK0gb0ddn13BbhwRL0UPrzpVdXqqyNXRmuo0sbmX5Wv8vlgIfUwIeaYKz2iH5aupGaGEN4NYKF-5IVJqFTEz-kusBqUXw1JP9Yddoi1IiwYMzQ46qY6J5r7XJpS3MZZcnJh5kJpoHHdDEauRZzV0pavxYeUIRb8jeOfCTWuDF6hKIxsM3PrGzDqdSna-oNhKeML43mJpqgPDvGXIyM173lxAaczN382ABp-_oGSkNr77xNRNNXPyMK-1LARpcT0hx2B8C5BQPeYXsFiwM5cYxDBfWeVAn2abCrxftAG9Ng5ENeXpP0hoNp3LtHX0AfaOVJi4AHsIuHXyq8DuDaed5MOAwqkejEGNmvNE52pNMwyPjcbV-jam5fRMcd8tISuBn2HiULjcpKB6GkdvLnSMSJvPUgk9xVPNuof98ki-Pm2T6xnPhCT6hM1hZ7NZo5u-pCYyibOqqrMQnpSmZi5aFAHtAE2zZBEuABp4nomb970RSQ6Ixcq1LGe1uuAX0K2CZbQ5yiYOWq87WrCrxotU3maonIlNBxpb9PoKWeT1u8FGDR4HDEANhcXfIfM_qnrvTNG8ZfDtlq-ULLb4vsPvsQUHVWKUl-ZraZe9C3iwn4B3ySSY0XjWRcFDDHYlikkUX9bAtqXC1Khaus97ce8mxT0B0x9AWmt1QIHCup0PYXuhi6r9K5jEWqazvynhtkOVcGa1ANbCvwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 51AF 61 KB
10 KB 500ms
328ms XHR
text/xml 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22677896321%2Fweb_canlidoviz_preroll&description_url=http%3A%2F%2Fcanlidoviz.com&env=vp&correlator=3221576888409941&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ppid=vnet9532f9a77ee7485b912a6ed73dc88f58&cust_params=site%3Dcanlidoviz%26env%3Dweb%26mt%3D1664494384858%26r%3D154143%40site_geneli%40canlidoviz%3Asite_geneli%26info%3D%26targetCtr%3D0%26viewable%3D2%26site%3Dcanlidoviz%26plm%3Dnull%26pid%3Dvnet9532f9a7-7ee7-485b-912a-6ed73dc88f58%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&vpmute=1&sdkv=h.3.535.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3377199166&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.535.0&sid=031D3D3C-D42D-44A5-A18C-72D76A18BB9C&nel=0&eid=418572006%2C44731964%2C44733378%2C44748969%2C44760950%2C44765701&ref=http%3A%2F%2Fsshay-koop.com.tr%2F&url=http%3A%2F%2Fsshay-koop.com.tr%2F&dt=1664494387626&scor=4456173360428329&ged=ve4_td4_tt1_pd4_la4000_er1638.256.1791.556_vi0.0.800.812_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.535.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a55844a331d3371aeab5c8b2b43fe4332c92aad436d409507f2f9a2825f5aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9564
x-xss-protection: 0
google-lineitem-id: 6116274420,5842719256
pragma: no-cache
server: cafe
google-creative-id: 349134118753,138373119469
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 61fba1f6e4b028f916d19dc1
ng2.virgul.com/tck/imp/ Frame CA8C 0
212 B 48ms
48ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/61fba1f6e4b028f916d19dc1?scm=240000&g=1&t=google_banner&sdr=https&tp=&r=154041@site_geneli@canlidoviz:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&os=&mt=1664494384858&userId=vnet9532f9a7-7ee7-485b-912a-6ed73dc88f58
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://canlidoviz.com
date: Thu, 29 Sep 2022 23:33:07 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 / Show response
track.adform.net/serving/videoad/ Frame 51AF 22 KB
4 KB 22ms
21ms XHR
text/xml 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/videoad/?bn=58185459&v=4&rtbwp=YzYrMwANY4oK4D0yAASnYu_RuPlJC9GpEFMc4g&rtbdata=v4NggfA3el9De3DM6lDerJRk9zaDdpo2ftTdeQvC2U2_rUqmJ9-L_A6lzVbaIVSCtFuajlFsiUrJiF8uqoPJoDoYUiR5h1GrbD3JirrEGogMhMfG-lhwsnDDtyY5yCk2KgjYV9FskEWVCVADe0-Ai1_RNnlJtp2nAatKiwAno9ZuvHDn0LLDPhEuVWClu4ZDl7K-bzcOZwW6oXPLUGW8mjMtxjghLja8ZR0i_NG-hD1Fn-3K_ycwFgGNDC_PZjuBl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.535.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

da2199750b7c9f75ace0ad63934361e5f44136e5b20ebd04ece17d62e89bd598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:33:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 3685

POST
H3 204 csi
csi.gstatic.com/ Frame 51AF 0
17 B 29ms
28ms Ping
image/gif 2a00:1450:400b:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~l8nozd6m&c=8546766804829&slotId=4273383402414.5&qqid=CL213-WUu_oCFTI94AodYqcE0g&gqid=Mys2Y6jZMoPzgAe275j4AQ&fb=ima_html5-lima&sdkv=h.3.535.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.2&wta=1&ghmsh_eids=418572006%2C44731964%2C44733378%2C44748969%2C44760950%2C44765701&vmfc=7&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.535.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400b:c01::5e Dublin, Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 51AF 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 51AF 0
27 B 73ms
72ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssidU_LiJEuok28WltPsAe_cFHJ9nfOswdhsd---pbwrdbiH3sy_X_g8FJY67qztXekt3FPaFx5suXba6BoEvfPMH6FK8F-7BeAZu4yIdNFcQvvT-wncgU-ySlXqAEDPc_pS8dxutR0h4ed_AuIklh-LXSQ0BLXQXZ5uerqWRLjwwdR-u3ktQnkZurI43tZn6jIl720B5SdPmfL4J__gKL3iwX8UtY8RGmjgz43zIphcCqsv3-6M-_V3tHAYqMKJPB0Y3fM3YJywt3bqzW6WEMiwkQDF1Y5vqFN5VAeAIWRG-_K5QOvte16ofq4SeomMz5hU1wB0mCdr9fLMHbmJjEfHAQwirCqRuDP1ppoy1Qsdd8LP8NkaZYpB8Ml-_rSWCGPcSBa_7r3_BZk7YrhxgHVHcASoVmS8lfT4iX0JaYH6fGDNspRB_JEj7Vjdl6pT8PENwQ8QUjmBVEtu9UbFF9yXVyZbcYmV6RxdwaPWiOZLj2qV6GsqBJ0JdnFfO-RW7YerWC1hjzCCzyrAf74yurm4OL0UVQ6InCIse8oOoijR2tslUPhA9InoLvsulpb7PBxFPpl2g93O1HcaGZpDsy67q3wZXiYbkQ5GuCTDk98ZxAORhYerNxyQCcFmtq_-5UNaHvSe4DGjiZ8OUX026lvsiL5bSq1EwNlLDHWfw6fh8w_C3varLoCOOO2Q5lTNmyhK1Fa_1Wm0q0N5bq1M-mJdQXL1PYU-I6dlB8FeEUWLYU9PTQt_AbCimyQhF1R2-KGwnX7kZdIvn5fLYFw0enSWwyB93ZzuWGgx889ruyW-s8UT0F4H14B35SzNhvBcZGNNqqd4FkaexsFzc8K7Kc-A58qDpmRV28MEHyh7KngZo_s6Tu_TPBsv6GhG-VgZQv3HFobtNcmTgj6Spk1thFNSLI-uxpJmGhWjTB8GbPT17jxZ3AplxOFEwmV3gddW94GaUOMEd7LPn491zjW7wOtuat4VJwYmPiz3adsJjn4RimJndfnkLdomWms30bLSyZU9tx-oUnPsKObJg9oIRDwdPeofTaG6weKy5383zjEYE6bExY0ZgbzMQLsQZgfnS8AS0QaohQ_rJCbGQuHXeT5E4Ix20beRgusvWiWeUx6-6efQyUEvBUlOFHXQ18EyIIyOlca6wDFUGzHwPq2sdpECKM0xUMjd_6wUkbFe8PM9Ivq44OuNcj0mSwReAQNBeZSdNq_fupmgXhAsqfNI-n59ZU3w5CPPC3yTed6IA4Uk9xhINieY2Abrs-mDzc6Fog_cQ2rXv9Aka2U4n-IdPMgSFQC5DJWV4hDJg&sai=AMfl-YT4nJgIA6S70YPXTcl3U9arEHYyfnEnH-uv-Qh35Ce9wWawIkxOcituDjHYA1KAG7v1E_lX61_T5MU-1oB3GyzH3dK7nZT03w1uG7foa7w0oIW3yBg6k2mnn3VxvQF51LHzOWSTN6zyF_T0wWq3_SR7JRkLOwIeG15jUaZKlYb6iFHDhNDG_5xPW-8KCaqnIcrB7yUbBlEnvVBzqV2YHf8sqI564mpxQEXeoHZLYlIabZFojMPY1JD5HpcyDXHZz59G8LzFt1ARwyuIEtoSrTYzSXLdYBAf&sig=Cg0ArKJSzGRWXBYtBNI0EAE&uach_m=[UACH]&sdkv=h.3.535.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MTE2Mjc0NDIwQIQECpgBCAESEHRyYWNrLmFkZm9ybS5uZXQaBkFkZm9ybSAEKiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzIyCDU1NTYyMzM0OiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzJAGFIgCOUGEBIlAAAcQigBOgd1bmtub3duQgd1bmtub3duUAAYAQ..&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame CA8C 0
17 B 29ms
29ms Ping
image/gif 2a00:1450:400b:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~l8nozbmw&c=8546766804829&slotId=4273383402414.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400b:c01::5e Dublin, Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 count Show response
logger.virgul.com/ Frame CA8C 0
117 B 490ms
47ms XHR
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=start&g=m&r=outside::::&o=:NaN:0::&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/DisplayVast2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://canlidoviz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Sep 2022 23:33:08 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H2 206 11766570.webm
s1.adform.net/Banners/Elements/Files/139426/ Frame CA8C 240 KB
0 24ms
23ms Media
video/webm 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/139426/11766570.webm?bv=0&ADFAssetID=11766570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://canlidoviz.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 29 Sep 2022 23:33:08 GMT
last-modified: Wed, 21 Sep 2022 07:30:28 GMT
server: nginx
x-amz-request-id: tx000008315dadc13522998-0063361a59-32939b85-default
etag: "4c0b67645b94cdd3679019b816b8dd40"
x-cache-status: HIT
content-type: video/webm
access-control-allow-origin: *
Content-Range: bytes 0-4251538/4251539
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
Content-Length: 4251539

GET
H2 206 11766570.webm
s1.adform.net/Banners/Elements/Files/139426/ Frame CA8C 24 KB
24 KB 78ms
76ms Media
video/webm 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/139426/11766570.webm?bv=0&ADFAssetID=11766570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 71d3f659717caa58914e28837b44122d9a694ab398bef4f86a9aededa1178647

Request headers

Referer: https://canlidoviz.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Range: bytes=4227072-

Response headers

date: Thu, 29 Sep 2022 23:33:08 GMT
last-modified: Wed, 21 Sep 2022 07:30:28 GMT
server: nginx
x-amz-request-id: tx000003ce16751f1079572-0063362b34-32939b85-default
etag: "4c0b67645b94cdd3679019b816b8dd40"
x-cache-status: MISS
content-type: video/webm
access-control-allow-origin: *
Content-Range: bytes 4227072-4251538/4251539
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
Content-Length: 24467

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 51AF 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 51AF 42 B
64 B 265ms
73ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 51AF 0
27 B 102ms
101ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPWnaxfNMonvjXvjSSYxTtUVVlAK0SlMzP0IOaXNg14NgBi8cj_CY_R-FIKprWtGpj4VxxImeM5Pon7LglKTETozf6j038hzo2ggbnIeOq5isvDmbEfv42qM4vgdLQARZpMJBTqDqNw37Mh8wqxAst31c3BhJPZpBsjBRE-UqTYbsHIK07UfhDtYAf-pmMNebzCyOSvG_TLc3CeM802mEagKMB0H1bE5EVyAv2F2Hh5VWIH655i0VzW8usQyJzeZysiOfrCgANSanmgfIXpuY6S1OdiLYB87Zk_3-osav1xWGJbr2IUvEm-zMp4y41yyeJ1zP3NcgKaWSGvwnDj64iuIgGuI--le9oguJnJaWK8f4pPM2xTW-tV50v6yxUukMzvp6_A72i51vZVyNahm5CaX_4_xMh4aGWpVEaRw9EEgQr92qn1XoX_AxHnfb9_sxQwZLV-EaGTTeSTiFL6qzIOVTLmvgtuMtOcGabZiW2yAMbmDBWvM3VooK_wpxLxHtRV8cMmgLY4PbF0xHowX10iNa2QSSiMQs1qTwpGu26UA-E1HiukGNv-b8aYAWIX5SohjVC-SkTZdm6kCviFBGubMlWu3kfBC8pZh80FWlbqMWXdMrnleslQpWPOdC8gUdnnaq9h1PHby238tKN21q6HbVy3K-OkPd8DjGdfOlD6F0Xx2xV-E5SPCHwGOAPEVYrYjKa63ZTkJ8YSuPnx9-WLKE_Nyuy4ZZpHs8QbX_a52gEfw3BGFOWPExIjFQedW6-Wq6rljEd8I3hu3QdhoDpEU_VvOvNkCqWR0iQ-jCBZiGho7uQPjXZ9_eNGfSMpjAcn10fp5H0fDLMTyd-_pGv56ZUIeRoBoloRbZg8BJemDgnsTwkJftw5-cODGfrJkqbYEUO0BFvm_ce6pnBlhLJodvjr2qVNNRDi7AIvtVWGluwJDMPNDVYXyBKaCWKBYFG7EJ2OX-Ox8Lpf1ioFja-HkuueiktebztluDvACKXGPJIeSCMNK1UZnTAJdRUNP4mKCAQXFiLZ3fyFmViI-pcmq1iurwNtIeRSAzOe1K-WyAnvb3MMMkY-rOHhMJuDLhQoAWOPSz_WFDTGdFNjTYGrYxtTKxA6B8sOQVkU58YZ6nJvvhc_1YUTpErlhq8d8m_oDx5v4RAcGVsqMiJcxi7mFT7t6lk-5NLk_AtX4qWdzOD8QNjdv57-OyHb6920LZ4NXSmPgVzk9P74m91WYmbLsvR7qvMAE08cMOnJcEuk1UhSRi_MjSwhkI0Ilh1itZETlQltYqjilssAX7hM2I0W4-pouHBEC3uM580V3K0Ng&sai=AMfl-YQUVyT96ZeVnJbjJ15lDc1wTp9iGltLoeIQIlqugV62d2xzhhL--VZKLbRJc2TM-Ecd7ZHoczk4uxpt9dwaJW0SEw-WEk3oVCzPegKzG1O0VJ_ifNOJqN76oByGfJc2X_ofyyfg4tcCR1KKfjXnrAOrye2fUNTB7GbMgq9JTQy7OlimtRNoCl6hmTWQmzq8Rtns_oYG-DTi_6KguSzMIvoZZbEwCSY61Am1NiMiEHt_EsSKxGBPE0QpyEXMG00ud9Ol_V_T_Vfo02RPgxUt-BXt&sig=Cg0ArKJSzMJFSgdf4UApEAE&uach_m=[UACH]&sdkv=h.3.535.0&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 /
track.adform.net/videoad/impr/ Frame 51AF 35 B
395 B 27ms
22ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/videoad/impr/?bn=58185459;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=3865711560985652080;idata=t2QRBhVk0u9ZGFH2I6acz7jwzm1zAcdtb1e9sGzrPCXHu89WE0HJ1KA1qmJehcQLGGmcFGS9veUDvP-67D9Y4w2;rtbwp=YzYrMwANY4oK4D0yAASnYu_RuPlJC9GpEFMc4g;rtbdata=v4NggfA3el9De3DM6lDerJRk9zaDdpo2ftTdeQvC2U2_rUqmJ9-L_A6lzVbaIVSCtFuajlFsiUrJiF8uqoPJoDoYUiR5h1GrbD3JirrEGogMhMfG-lhwsnDDtyY5yCk2KgjYV9FskEWVCVADe0-Ai1_RNnlJtp2nAatKiwAno9ZuvHDn0LLDPhEuVWClu4ZDl7K-bzcOZwW6oXPLUGW8mjMtxjghLja8ZR0i_NG-hD1Fn-3K_ycwFgGNDC_PZjuBl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2;videoserverside=0;videoip=-1;videoua=-1;ord=633761

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
track.adform.net/videoad/event/ Frame 51AF 35 B
303 B 25ms
19ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/videoad/event/?bn=58185459&event=40&time=0&banner=55562334&imprid=3865711560985652080&rnd=633761&icid=5650432848156652717&icidt=638000911881841039&rtbwp=YzYrMwANY4oK4D0yAASnYu_RuPlJC9GpEFMc4g&rtbdata=v4NggfA3el9De3DM6lDerJRk9zaDdpo2ftTdeQvC2U2_rUqmJ9-L_A6lzVbaIVSCtFuajlFsiUrJiF8uqoPJoDoYUiR5h1GrbD3JirrEGogMhMfG-lhwsnDDtyY5yCk2KgjYV9FskEWVCVADe0-Ai1_RNnlJtp2nAatKiwAno9ZuvHDn0LLDPhEuVWClu4ZDl7K-bzcOZwW6oXPLUGW8mjMtxjghLja8ZR0i_NG-hD1Fn-3K_ycwFgGNDC_PZjuBl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2&eData=na9tOZdUlsYDxkWCZErT5J7ajRnpNj1HYaJU2uM20Nk4ciL_JUS9Pn8Ej12pCkj1vnYKVfOTquMau94oJsHc8Q2&videoserverside=0&videoip=-1&videoua=-1&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 51AF 42 B
64 B 54ms
50ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrJz-Mys2Y4rHNbL6gAfizpKQDei-mJRcoKWzyf0IwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTc5ODM2NTEyNTc4MzgyODKgAane3uECyAEFqQIc1NWbiq-BPuACAKgDAZgEAKoE9gFP0Bi1XtQFl6zGAx5AWlDuDg8UfKSk-pCeXNcQoyE1F-GkA8rG1vjpRUb3XVa7BBsyxqvUl5dZ_X_Hggv_0McLTR5c1kD8-1TwWhdaTA6VfnsO5OJJE2-TRoHPieLwh2J7JRZ9wh6Ai9mOQJXZX0axqUv5V7SJOaSrdLJUkxZMO1WfuY4L6abzy9Acn660nZft-supxk9i4nzy0vAGFSaS1ALzZKytGvF6D9NW1bld_uDkEvrfCIIHVBXDt2yFw19VqryjEPNk3pLiryyJkkBrhtWZ4DnKsarNGuwdGMILZrdWajQUQM0G9BlSc1wVEMpZX0cB1pzgBAGABs3XwoCbr8Ku7gGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA8gcCIAHSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&sigh=GU8KuU8OKLc&label=vast_creativeview&ad_mt=0&acvw=sv%3D936%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D39133%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D653%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D88804007%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664494385577%26ptlt%3D1664494388305%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1664494388215&sdkv=h.3.535.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MTE2Mjc0NDIwQIQECpoBCAESEHRyYWNrLmFkZm9ybS5uZXQaBkFkZm9ybSAEKiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzIyCDU1NTYyMzM0OiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzJAGFIiCOUGEBIlAAAcQigBOgd1bmtub3duQgd1bmtub3duSFVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 51AF 42 B
64 B 251ms
74ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BUqoOMys2Y_3PM7L6gAfizpKQDbS5ladGAAAAEAEg37fwaTgBWJrDks2DBGCV4pCCoAeyARFzc2hheS1rb29wLmNvbS50croBCzY0MHgzNjBfeG1syAEF2gEZaHR0cDovL3NzaGF5LWtvb3AuY29tLnRyL5gCgRPAAgLgAgDqAiMvMjE3MjgxMjk2MjMvd2ViX2NhbmxpZG92aXpfcHJlcm9sbPgCg9IekAPIBpgDwAeoAwHQBJBO4AQB0gUGEPThu-QWkAYBoAY7qAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHyBwIgAdIIEQiA4YAQEAEYXTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=DH4A_hBTXCg&label=vast_creativeview&acvw=sv%3D936%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D39133%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D653%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D88804007%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664494385577%26ptlt%3D1664494388305%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1664494388215&sdkv=h.3.535.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MTE2Mjc0NDIwQIQECpoBCAESEHRyYWNrLmFkZm9ybS5uZXQaBkFkZm9ybSAEKiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzIyCDU1NTYyMzM0OiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzJAGFIiCOUGEBIlAAAcQigBOgd1bmtub3duQgd1bmtub3duSFVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 51AF 42 B
64 B 78ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBFOjDi7p43clXL4nxFp8m7e8jGalBCOki8qbpwnaxzuiT8kdDT_MKkXY3KdA83dyngD1MfD8AejtTPHsAC0-ceNhFT3m2niHjIPMDbxbFx5rwNgEumCGHDQ-9rONEA5UeUaPAiw4j_6z0MHP8TNUbx47aJgjpKddf4et2hlbBuQbCYubkui4cYw&sig=Cg0ArKJSzOW0zh_vN_OSEAE&cid=CAQSOwCsnQUxWxXLjxUVwrsYhhRyuK_oigga2N9M6hfzIJpTRHKQn9ksQKv1RTGgIbqqdM4WEBxzv9k2rn5KIBM&id=lidarv&acvw=sv%3D936%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D39133%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D653%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D88804007%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664494385577%26ptlt%3D1664494388308%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664494388215&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
track.adform.net/videoad/event/ Frame 51AF 35 B
303 B 24ms
20ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/videoad/event/?bn=58185459&event=25&time=0&banner=55562334&imprid=3865711560985652080&rnd=633761&icid=5650432848156652717&icidt=638000911881841039&rtbwp=YzYrMwANY4oK4D0yAASnYu_RuPlJC9GpEFMc4g&rtbdata=v4NggfA3el9De3DM6lDerJRk9zaDdpo2ftTdeQvC2U2_rUqmJ9-L_A6lzVbaIVSCtFuajlFsiUrJiF8uqoPJoDoYUiR5h1GrbD3JirrEGogMhMfG-lhwsnDDtyY5yCk2KgjYV9FskEWVCVADe0-Ai1_RNnlJtp2nAatKiwAno9ZuvHDn0LLDPhEuVWClu4ZDl7K-bzcOZwW6oXPLUGW8mjMtxjghLja8ZR0i_NG-hD1Fn-3K_ycwFgGNDC_PZjuBl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2&eData=na9tOZdUlsYDxkWCZErT5J7ajRnpNj1HYaJU2uM20Nk4ciL_JUS9Pn8Ej12pCkj1vnYKVfOTquMau94oJsHc8Q2&videoserverside=0&videoip=-1&videoua=-1&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 51AF 42 B
64 B 54ms
50ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrJz-Mys2Y4rHNbL6gAfizpKQDei-mJRcoKWzyf0IwI23ARABIABgleKQgqAHggEdY2EtdmlkZW8tcHViLTc5ODM2NTEyNTc4MzgyODKgAane3uECyAEFqQIc1NWbiq-BPuACAKgDAZgEAKoE9gFP0Bi1XtQFl6zGAx5AWlDuDg8UfKSk-pCeXNcQoyE1F-GkA8rG1vjpRUb3XVa7BBsyxqvUl5dZ_X_Hggv_0McLTR5c1kD8-1TwWhdaTA6VfnsO5OJJE2-TRoHPieLwh2J7JRZ9wh6Ai9mOQJXZX0axqUv5V7SJOaSrdLJUkxZMO1WfuY4L6abzy9Acn660nZft-supxk9i4nzy0vAGFSaS1ALzZKytGvF6D9NW1bld_uDkEvrfCIIHVBXDt2yFw19VqryjEPNk3pLiryyJkkBrhtWZ4DnKsarNGuwdGMILZrdWajQUQM0G9BlSc1wVEMpZX0cB1pzgBAGABs3XwoCbr8Ku7gGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA8gcCIAHSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&sigh=GU8KuU8OKLc&label=part2viewed&ad_mt=0&acvw=sv%3D936%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D39133%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D653%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D88804007%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664494385577%26ptlt%3D1664494388309%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664494388215&sdkv=h.3.535.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MTE2Mjc0NDIwQIQECpoBCAESEHRyYWNrLmFkZm9ybS5uZXQaBkFkZm9ybSAEKiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzIyCDU1NTYyMzM0OiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzJAGFIiCOUGEBIlAAAcQigBOgd1bmtub3duQgd1bmtub3duSFVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 51AF 42 B
64 B 250ms
74ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BUqoOMys2Y_3PM7L6gAfizpKQDbS5ladGAAAAEAEg37fwaTgBWJrDks2DBGCV4pCCoAeyARFzc2hheS1rb29wLmNvbS50croBCzY0MHgzNjBfeG1syAEF2gEZaHR0cDovL3NzaGF5LWtvb3AuY29tLnRyL5gCgRPAAgLgAgDqAiMvMjE3MjgxMjk2MjMvd2ViX2NhbmxpZG92aXpfcHJlcm9sbPgCg9IekAPIBpgDwAeoAwHQBJBO4AQB0gUGEPThu-QWkAYBoAY7qAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHyBwIgAdIIEQiA4YAQEAEYXTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=DH4A_hBTXCg&label=part2viewed&acvw=sv%3D936%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D39133%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D653%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D88804007%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664494385577%26ptlt%3D1664494388309%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664494388215&sdkv=h.3.535.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MTE2Mjc0NDIwQIQECpoBCAESEHRyYWNrLmFkZm9ybS5uZXQaBkFkZm9ybSAEKiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzIyCDU1NTYyMzM0OiQxM2E0NmRkOC05NWU5LTQ1YmMtODRkOS0yYWI0OWE4MzAxNzJAGFIiCOUGEBIlAAAcQigBOgd1bmtub3duQgd1bmtub3duSFVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 23:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
track.adform.net/videoad/event/ Frame 51AF 35 B
303 B 23ms
20ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/videoad/event/?bn=58185459&event=34&time=0&banner=55562334&imprid=3865711560985652080&rnd=633761&icid=5650432848156652717&icidt=638000911881841039&rtbwp=YzYrMwANY4oK4D0yAASnYu_RuPlJC9GpEFMc4g&rtbdata=v4NggfA3el9De3DM6lDerJRk9zaDdpo2ftTdeQvC2U2_rUqmJ9-L_A6lzVbaIVSCtFuajlFsiUrJiF8uqoPJoDoYUiR5h1GrbD3JirrEGogMhMfG-lhwsnDDtyY5yCk2KgjYV9FskEWVCVADe0-Ai1_RNnlJtp2nAatKiwAno9ZuvHDn0LLDPhEuVWClu4ZDl7K-bzcOZwW6oXPLUGW8mjMtxjghLja8ZR0i_NG-hD1Fn-3K_ycwFgGNDC_PZjuBl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oxKVQtn-NDVMg2&eData=na9tOZdUlsYDxkWCZErT5J7ajRnpNj1HYaJU2uM20Nk4ciL_JUS9Pn8Ej12pCkj1vnYKVfOTquMau94oJsHc8Q2&videoserverside=0&videoip=-1&videoua=-1&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS