www.odatv4.com Open in urlscan Pro
185.102.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.odatv4.com/
Effective URL:
https://www.odatv4.com/
Submission: On January 08 via api (January 8th 2024, 2:29:49 pm UTC) from US — Scanned from DE

Summary HTTP 250 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 98 IPs in 13 countries across 81 domains to perform 250 HTTP transactions. The main IP is 185.102.219.172, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.odatv4.com. The Cisco Umbrella rank of the primary domain is 286006.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 4th 2023. Valid for: a year.

This is the only time www.odatv4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.102.219.173 185.102.219.173	60068 (CDN77 ^_^) (CDN77 ^_^)
1	185.102.219.172 185.102.219.172	60068 (CDN77 ^_^) (CDN77 ^_^)
48	195.142.105.13 195.142.105.13	199484 (SAGLAYICI) (SAGLAYICI)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
19	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:20:... 2606:4700:20::681a:69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	68.71.249.118 68.71.249.118	46562 (PERFORMIVE) (PERFORMIVE)
1	89.187.169.43 89.187.169.43	60068 (CDN77 ^_^) (CDN77 ^_^)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	195.142.105.24 195.142.105.24	199484 (SAGLAYICI) (SAGLAYICI)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	142.132.241.141 142.132.241.141	24940 (HETZNER-AS) (HETZNER-AS)
7	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 12	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	2a02:6b8::346 2a02:6b8::346	13238 (YANDEX) (YANDEX)
2	34.241.183.25 34.241.183.25	16509 (AMAZON-02) (AMAZON-02)
2	23.211.9.5 23.211.9.5	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.120.203.57 3.120.203.57	16509 (AMAZON-02) (AMAZON-02)
2	164.132.25.184 164.132.25.184	16276 (OVH) (OVH)
1	2607:ae80:192... 2607:ae80:192:1::173	26558 (FREEWHEEL) (FREEWHEEL)
2	18.192.184.174 18.192.184.174	16509 (AMAZON-02) (AMAZON-02)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 4	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6 8	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
6 6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.220.142.223 54.220.142.223	16509 (AMAZON-02) (AMAZON-02)
2	92.123.17.8 92.123.17.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	99.81.243.254 99.81.243.254	16509 (AMAZON-02) (AMAZON-02)
1	52.218.109.131 52.218.109.131	16509 (AMAZON-02) (AMAZON-02)
4 5	217.79.178.236 217.79.178.236	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	91.210.226.73 91.210.226.73	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	52.214.179.171 52.214.179.171	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.66.192.9 18.66.192.9	16509 (AMAZON-02) (AMAZON-02)
2 3	52.16.166.255 52.16.166.255	16509 (AMAZON-02) (AMAZON-02)
2 3	54.220.146.23 54.220.146.23	16509 (AMAZON-02) (AMAZON-02)
1 1	52.208.209.23 52.208.209.23	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.164.72 52.57.164.72	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.183 216.46.185.183	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:2247:3e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	52.57.138.113 52.57.138.113	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:237... 2600:9000:237d:a200:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.2.110.161 8.2.110.161	46636 (NATCOWEB) (NATCOWEB)
2	2600:9000:20c... 2600:9000:20c3:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.239.37.162 34.239.37.162	14618 (AMAZON-AES) (AMAZON-AES)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.1.106.21 52.1.106.21	14618 (AMAZON-AES) (AMAZON-AES)
1	23.215.22.232 23.215.22.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.245.86.66 18.245.86.66	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b03:ac04:2015:d9fd:fbf5	16509 (AMAZON-02) (AMAZON-02)
3	54.243.150.2 54.243.150.2	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:223... 2600:9000:223f:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.50.131.84 23.50.131.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1	54.228.30.154 54.228.30.154	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.196.116.41 18.196.116.41	16509 (AMAZON-02) (AMAZON-02)
1	52.1.62.209 52.1.62.209	14618 (AMAZON-AES) (AMAZON-AES)
1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	3.127.26.122 3.127.26.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:f67c:5dbe:1df:e791	14618 (AMAZON-AES) (AMAZON-AES)
1	52.17.148.138 52.17.148.138	16509 (AMAZON-02) (AMAZON-02)
10	2600:1f18:1ac... 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.193.51 35.244.193.51	() ()
250	98

1 185.102.219.173 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com

www.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com

www.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 195.142.105.13 (Turkey)

ASN199484 (SAGLAYICI, TR)

img.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.odatv4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:69 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.bildirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.71.249.118 (Toronto, Canada)

ASN46562 (PERFORMIVE, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.43 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-43.cdn77.com

cdn.p.analitik.bik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.105.24 (Turkey)

ASN199484 (SAGLAYICI, TR)

ad-cdn.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.241.141 (Jena, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.141.241.132.142.clients.your-server.de

ad.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::346 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

adfstat.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.183.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.211.9.5 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-5.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.203.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-203-57.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 164.132.25.184 (France)

ASN16276 (OVH, FR)
PTR: ip184.ip-164-132-25.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.184.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-184-174.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.51.122 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.123 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.142.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.17.8 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-8.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.243.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-243-254.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.109.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.79.178.236 (Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm47.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.73 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.179.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-179-171.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-9.muc50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.16.166.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-166-255.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.220.146.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-146-23.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.209.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-209-23.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.164.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.183 (Highlands Ranch, United States)

ASN13649 (ASN-FLEXENTIAL, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2247:3e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.138.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-138-113.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:237d:a200:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.161 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cm-x.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20c3:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.239.37.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-37-162.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.106.21 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-106-21.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.22.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-232.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-66.fra60.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b03:ac04:2015:d9fd:fbf5 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.243.150.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-150-2.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.131.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-84.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.30.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-30-154.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.116.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-116-41.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.62.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-62-209.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.26.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-26-122.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:f67c:5dbe:1df:e791 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.148.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-138.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (None, )

ASN- ()

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	odatv4.com 1 redirects www.odatv4.com — Cisco Umbrella Rank: 286006 img.odatv4.com — Cisco Umbrella Rank: 393509 s.odatv4.com — Cisco Umbrella Rank: 482184	1 MB
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 894 csm.eu.criteo.net — Cisco Umbrella Rank: 7743	117 KB
18	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 878 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10138 ads.eu.criteo.com — Cisco Umbrella Rank: 7692 widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 22949 dis.criteo.com — Cisco Umbrella Rank: 943	32 KB
16	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 7751 track.adform.net — Cisco Umbrella Rank: 4333 c1.adform.net — Cisco Umbrella Rank: 1001 dmp.adform.net — Cisco Umbrella Rank: 4001 cm.adform.net — Cisco Umbrella Rank: 1664	42 KB
15	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190 static.adsafeprotected.com — Cisco Umbrella Rank: 988 dt.adsafeprotected.com — Cisco Umbrella Rank: 933	105 KB
12	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	172 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 356 secure.adnxs.com — Cisco Umbrella Rank: 793	7 KB
7	adrta.com q.adrta.com — Cisco Umbrella Rank: 4270 pix.adrta.com — Cisco Umbrella Rank: 5547 ipv6.adrta.com — Cisco Umbrella Rank: 4539 adrta.com — Cisco Umbrella Rank: 2640	14 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2396 se.semasio.net — Cisco Umbrella Rank: 19184	4 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 17119 tags.adsafety.net — Cisco Umbrella Rank: 65746	10 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6227	4 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2014 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 www.google.com — Cisco Umbrella Rank: 6	124 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	514 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
5	udmserve.net udmserve.net — Cisco Umbrella Rank: 5687	6 KB
4	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	303 B
4	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1499 image8.pubmatic.com — Cisco Umbrella Rank: 1098 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766	454 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796 r.casalemedia.com — Cisco Umbrella Rank: 2571	2 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2266 adfstat.yandex.ru — Cisco Umbrella Rank: 16761	74 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	30 KB
3	underdog.media bid.underdog.media — Cisco Umbrella Rank: 41435	164 KB
3	gstatic.com fonts.gstatic.com	208 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	2 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 3399	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 3106 load77.exelator.com — Cisco Umbrella Rank: 6128	2 KB
3	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 744 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 7094 pixel.rubiconproject.com — Cisco Umbrella Rank: 620	692 B
3	google.de www.google.de — Cisco Umbrella Rank: 4002	622 B
3	bildirt.com cdn2.bildirt.com — Cisco Umbrella Rank: 70203	27 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1945	1 KB
2	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 3028	87 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 731	279 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 2019 criteo-sync.teads.tv — Cisco Umbrella Rank: 3178	326 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378	629 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 658	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	570 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1620	1 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173	675 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	646 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052	928 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	291 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004	326 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4236	470 B
2	360yield.com ad.360yield.com — Cisco Umbrella Rank: 995	397 B
2	bilgin.pro ad-cdn.bilgin.pro — Cisco Umbrella Rank: 227144 ad.bilgin.pro — Cisco Umbrella Rank: 167796	9 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140	187 KB
1	33across.com lexicon.33across.com	250 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522	38 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791	398 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 797	35 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1287	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1607	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1753	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 9290	265 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1124	384 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	319 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 2152	99 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1093	813 B
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1579	513 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1119	356 B
1	mgid.com 1 redirects cm-x.mgid.com — Cisco Umbrella Rank: 6389	561 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1696	399 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2137	9 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 129	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	6 KB
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 40489	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1035	235 B
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 3432	72 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 973	490 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 39122	443 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 19705	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 48841	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 3669	264 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 1419	266 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 764	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1645	344 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 958	639 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 5432	38 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 35217	457 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	30 KB
1	bik.gov.tr cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 39338
250	81

	Domain	Requested by
43	img.odatv4.com	www.odatv4.com
19	static.criteo.net	www.odatv4.com ads.eu.criteo.com static.criteo.net
10	dt.adsafeprotected.com	ads.eu.criteo.com
9	c1.adform.net	2 redirects track.adform.net c1.adform.net
7	bidder.criteo.com	static.criteo.net bid.underdog.media
6	cm.g.doubleclick.net	6 redirects
6	mc.yandex.com	3 redirects mc.yandex.ru www.odatv4.com
6	www.googletagmanager.com	www.odatv4.com www.googletagmanager.com www.google-analytics.com
5	secure.adnxs.com	4 redirects c1.adform.net
5	cm.adsafety.net	4 redirects c1.adform.net
5	udmserve.net	www.odatv4.com bid.underdog.media
5	s.odatv4.com	www.odatv4.com
4	gum.criteo.com	3 redirects static.criteo.net
4	ups.analytics.yahoo.com	www.odatv4.com ads.eu.criteo.com bid.underdog.media
4	se.semasio.net	3 redirects c1.adform.net
3	cdnjs.cloudflare.com	static.criteo.net
3	static.adsafeprotected.com	pixel.adsafeprotected.com ads.eu.criteo.com
3	adrta.com	pix.adrta.com
3	bid.underdog.media	udmserve.net bid.underdog.media
3	fonts.gstatic.com	www.odatv4.com
3	dmp.adform.net	c1.adform.net
3	dpm.demdex.net	2 redirects ads.eu.criteo.com
3	a.audrte.com	2 redirects c1.adform.net
3	ib.adnxs.com	2 redirects ads.eu.criteo.com
3	uipglob.semasio.net	3 redirects
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.google.de	www.odatv4.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	mc.yandex.ru	1 redirects www.odatv4.com
3	cdn2.bildirt.com	www.odatv4.com cdn2.bildirt.com
2	dis.criteo.com	ads.eu.criteo.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pixel.adsafeprotected.com	1 redirects ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	bid.underdog.media ads.eu.criteo.com
2	q.adrta.com	bid.underdog.media q.adrta.com
2	rules.quantcount.com	secure.quantserve.com
2	e1.emxdgt.com	c1.adform.net ads.eu.criteo.com
2	eb2.3lift.com	c1.adform.net ads.eu.criteo.com
2	redirect.frontend.weborama.fr	2 redirects
2	id5-sync.com	c1.adform.net ads.eu.criteo.com
2	match.adsrvr.org	c1.adform.net bid.underdog.media
2	pm.w55c.net	2 redirects
2	simage2.pubmatic.com	c1.adform.net ads.eu.criteo.com
2	beacon.krxd.net	c1.adform.net ads.eu.criteo.com
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	c1.adform.net ads.eu.criteo.com
2	rtb-csync.smartadserver.com	c1.adform.net ads.eu.criteo.com
2	ad.yieldlab.net	c1.adform.net ads.eu.criteo.com
2	ad.360yield.com	c1.adform.net ads.eu.criteo.com
2	track.adform.net	s2.adform.net
2	www.google.com	www.odatv4.com
2	region1.google-analytics.com	www.googletagmanager.com
2	securepubads.g.doubleclick.net	www.odatv4.com securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com	www.odatv4.com pagead2.googlesyndication.com
2	www.odatv4.com	1 redirects
1	lexicon.33across.com	bid.underdog.media
1	sync-criteo.ads.yieldmo.com	ads.eu.criteo.com
1	criteo-partners.tremorhub.com	ads.eu.criteo.com
1	match.sharethrough.com	ads.eu.criteo.com
1	sync.outbrain.com	ads.eu.criteo.com
1	jadserve.postrelease.com	ads.eu.criteo.com
1	exchange.mediavine.com	ads.eu.criteo.com
1	matching.ivitrack.com	ads.eu.criteo.com
1	r.casalemedia.com	ads.eu.criteo.com
1	visitor.omnitagjs.com	ads.eu.criteo.com
1	cm.adform.net	ads.eu.criteo.com
1	hb.yahoo.net	ads.eu.criteo.com
1	criteo-sync.teads.tv	ads.eu.criteo.com
1	sync-t1.taboola.com	ads.eu.criteo.com
1	pixel.rubiconproject.com	ads.eu.criteo.com
1	contextual.media.net	ads.eu.criteo.com
1	widget.nl3.eu.criteo.com	ads.eu.criteo.com
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	servedby.flashtalking.com	ads.eu.criteo.com
1	ads.eu.criteo.com	www.odatv4.com
1	hbopenbid.pubmatic.com	bid.underdog.media
1	prebid.a-mo.net	bid.underdog.media
1	mug.criteo.com
1	cm-x.mgid.com	1 redirects
1	pixel-us-west.rubiconproject.com	www.odatv4.com
1	sync.go.sonobi.com	www.odatv4.com
1	ssum-sec.casalemedia.com	1 redirects
1	image8.pubmatic.com	www.odatv4.com
1	secure.quantserve.com	udmserve.net
1	lh3.googleusercontent.com	www.odatv4.com
1	fonts.googleapis.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	tags.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	adfstat.yandex.ru	www.odatv4.com
1	server.seadform.net	www.odatv4.com
1	ad.bilgin.pro	ad-cdn.bilgin.pro
1	code.jquery.com	ad-cdn.bilgin.pro
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	s2.adform.net	www.odatv4.com
1	ad-cdn.bilgin.pro	www.odatv4.com
1	cdn.p.analitik.bik.gov.tr	www.odatv4.com
250	118

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
apps.apple.com
play.google.com
bilgin.pro

Subject Issuer	Validity	Valid
*.odatv4.com AlphaSSL CA - SHA256 - G4	`2023-09-04` - `2024-10-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
bildirt.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
udmserve.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.p.analitik.bik.gov.tr RapidSSL TLS RSA CA G1	`2023-05-08` - `2024-05-07`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.bilgin.pro AlphaSSL CA - SHA256 - G4	`2023-05-16` - `2024-06-16`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
adfstat.yandex.ru GlobalSign RSA OV SSL CA 2018	`2023-08-03` - `2024-01-31`	6 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
underdog.media DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.adrta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-07` - `2024-07-23`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.odatv4.com/
Frame ID: ED3B0C4B57486D0F60A9F818882A1DCC
Requests: 125 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 392A3BF339B1F239C2BEB3E7E69E96CE
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 7046E1FB65623AB3B889E68F65626196
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Frame ID: 34CC875E96F60BA7A66C96F181F72808
Requests: 41 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.odatv4.com
Frame ID: EC3592B37594E7A46A21E444B78C4F5E
Requests: 2 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=7;p=1;rri=1704724184632_064674_81.95.5.43;mid=48163;zzz=%5B48163%2C1704724184%2C%22JoEke%2FS6EJO66GgiDZd1Qg%22%5D;version=v2.23.3;cb=0.1823880615327096;qqq=29.33088479107097;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=undefined
Frame ID: 6EED732B3A8156D191B5DFC2D82307DE
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Frame ID: 91995DD8DBFFC682DA35B68C2735804D
Requests: 24 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=164173&cb=659c06d910623ade7ae7393d6e569e48&r=https%3a%2f%2fwww.odatv4.com%2f&crossorigin=false
Frame ID: 9B8624C4F0E89D79101B25E9CB9A7423
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/main.html
Frame ID: 46C6187905DA55773987EA011085DF3B
Requests: 13 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qHBcKhIBS-1t1N6txSdfjxiQQ37EtqclKV_65A&google_gid=CAESEOnAkTr5lzCo7Un8NzenDlQ&google_cver=1&google_ula=913071,0
Frame ID: 82B21DE514936B12D530253884D08CC2
Requests: 30 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0A8339A5B25B7822AFD8F57C629D1C22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ODATV - Haberler, Son Dakika Haberleri ve Güncel Haberler

Page URL History Show full URLs

http://www.odatv4.com/ HTTP 301
https://www.odatv4.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

250
Requests

90 %
HTTPS

31 %
IPv6

81
Domains

118
Subdomains

98
IPs

13
Countries

3400 kB
Transfer

7129 kB
Size

111
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/odatv

Search URL Search Domain Scan URL

URL: https://twitter.com/odatv

Search URL Search Domain Scan URL

URL: https://www.instagram.com/odatvresmi

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCV8cU-Vdj1Cra6a2Eqco7EQ

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/odatv-mobil/id917422876

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.odatv.app&hl=tr

Search URL Search Domain Scan URL

URL: https://bilgin.pro/tr
Title: Bilgin Pro

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@OdatvResmi
Title: Odatv’yi YouTube’ta Takip Et

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.odatv4.com/ HTTP 301
https://www.odatv4.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10242.r1QLgYq-h5jSkLIaGVSZETcCP6sBjHt3KpY7YcttP5ij2szPNy1tM3uA5SxpvLxX.xMVoPYksHRJlWVbZCLNzdOGj94U%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10242.tBKKmeSYIUxsrNLrxx9f3bg6rewNdNDSSrf6WFM-tnAVuunDS3E1G-am2GhzMv-AIYX5OOwqFL6VucGbRSiB2FYHX0Z5dlqsXs929t-PnDNsusYPyusbI3cncW-J-uaP1qAgWbaRCGXdEQR_0MBawYQazxJOTR3_mKDU-RMGhHBlJV176M2tYHRTghkxP6GWHM-3Y-RfA5oGfJp1efvP1Dg74MXhyjOVQJ03eSyhblo%2C.Mzuo0_dIDhV-Nq8U-hyKp_ofMCc%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.YOwv4bdJxw0SKFJigwhHq_0g3TNZ1hah74LUMwEJnJ58ovrI_kcvrc0b9fnF1W1naBmWVqdwwmzPbanAvssS1C0GjNWksXj81dVfh7phO2IUD3s_8zE9uVSvT3gZHtOPEJmd_8N0UhWMcJkEQSph7P7-7CuOHyZbMPTm1o6gTFEIVD-dGtxfnM3axYGthk8YA0m3uQVMVX3NDx-M8KWVSQ%2C%2C.ucXs-O79lZFulJu0VpS8Asmr2jk%2C

Request Chain 109

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6279209723220086910&expiration=1705933784 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6279209723220086910&expiration=1705933784&C=1

Request Chain 110

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6279209723220086910&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6279209723220086910&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=6279209723220086910&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7321734619008858264&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=3867303732981223083&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODdCNDdFRjhENURCMkE5RQ&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEH7uGhPkhOasyodKnRC0iHU&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEH7uGhPkhOasyodKnRC0iHU&sInitiator=internal&google_cver=1&gdpr=

Request Chain 112

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6279209723220086910 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6279209723220086910&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 117

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 118

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6279209723220086910 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120240108143ef06884a2052357509&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=72a899c5b077491d3f92177c6b6f1ef8&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDgxNDNlZjA2ODg0YTIwNTIzNTc1MDk&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIgwChFhfv2byYm1RlGDX7E&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120240108143ef06884a2052357509&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=72a899c5b077491d3f92177c6b6f1ef8 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120240108143ef06884a2052357509 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6279209723220086910

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjI3OTIwOTcyMzIyMDA4NjkxMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NjI3OTIwOTcyMzIyMDA4NjkxMA&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED4fz_vHuI2IjF1drXLL_Wo&google_cver=1&google_ula=1641347,0

Request Chain 122

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3867303732981223083&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6279209723220086910

Request Chain 125

https://a.audrte.com/a?adform_uid=6279209723220086910 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmhhZ3FSNVZvZ2RRTmF6Qm5ZUTRUNmo1dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 126

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6279209723220086910&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6279209723220086910&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=24893392784105999452940283051924063602&noredirect=1

Request Chain 127

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6279209723220086910 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220133204755002252501

Request Chain 128

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321734619008858264

Request Chain 130

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=nnxU2nTP1RmQDn5

Request Chain 134

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2694670161 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=izAG2.9WrEOw.jcXKuIfZ.

Request Chain 149

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.50708634 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.50708634 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3867303732981223083;cb=0.50708634

Request Chain 151

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.50708634%3Bindx%3D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.50708634;indx=ZZwG2F_2A31fJEP77iJZRAAAFCkAAAAB

Request Chain 155

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;mgid=f5985c12-4a4b-415c-9853-01ffb390cdff

Request Chain 156

https://mc.yandex.com/watch/85990523?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A501221099784%3Ahid%3A767857476%3Az%3A60%3Ai%3A20240108152944%3Aet%3A1704724184%3Ac%3A1%3Arn%3A217445165%3Arqn%3A1%3Au%3A1704724184136030921%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C15%2C223%2C49%2C44%2C0%2C%2C423%2C2%2C%2C%2C%2C800%3Aco%3A0%3Acpf%3A1%3Ans%3A1704724183338%3Agi%3AR0ExLjIuNTYxNDEyMjIyLjE3MDQ3MjQxODQ%3D%3Afp%3A785%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704724185%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)rcm(1)pe(1)cs(kccbe)efid(1)ti(1) HTTP 302
https://mc.yandex.com/watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A501221099784%3Ahid%3A767857476%3Az%3A60%3Ai%3A20240108152944%3Aet%3A1704724184%3Ac%3A1%3Arn%3A217445165%3Arqn%3A1%3Au%3A1704724184136030921%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C15%2C223%2C49%2C44%2C0%2C%2C423%2C2%2C%2C%2C%2C800%3Aco%3A0%3Acpf%3A1%3Ans%3A1704724183338%3Agi%3AR0ExLjIuNTYxNDEyMjIyLjE3MDQ3MjQxODQ%3D%3Afp%3A785%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704724185%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29rcm%281%29pe%281%29cs%28kccbe%29efid%281%29ti%281%29

Request Chain 162

https://gum.criteo.com/sid/json?origin=publishertag&domain=odatv4.com&sn=ChromeSyncframe&so=0&topUrl=www.odatv4.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AaVQlXxHaURsMVlsbGptYXI4Q1JuVzlkRDFndWhTODFXTzZGT28xakV3UGhsd2tqWDk0ZXpFbDN0NDcvRlJ6KzFZMXNDcWVaWmkzOFM2bGdOeDRYNE1DL1dHTkt1TGdudVN3R2gzUzgvZFVUbkxHemlmM1lrN3hMTWptcXJEUU4rWFR3eklKR1FRbEplMWhHWFluT3ZGRGJ6TnBUUzlRdHNsNndqSmU3ZWdaWWNnWSt0SEh2NTBTZC85eU9FK25aTjNPby9rV1AyWVFkYmI4LzFrK2c4NDQwZjNiYmZHUVM1N2dLcVZoZ3BDeGc2cG43SHBzdWlPLy9HbzhVVExscEZoMGRyWVJGeXVETC8vQWhSMjJoOUdidzFPUT09fA&cppv=2

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qHBcKhIBS-1t1N6txSdfjxiQQ37EtqclKV_65A&google_cm&google_hm=ay1xSEJjS2hJQlMtMXQxTjZ0eFNkZmp4aVFRMzdFdHFjbEtWXzY1QQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qHBcKhIBS-1t1N6txSdfjxiQQ37EtqclKV_65A&google_gid=CAESEOnAkTr5lzCo7Un8NzenDlQ&google_cver=1&google_ula=913071,0

Request Chain 193

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3867303732981223083

Request Chain 205

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PkXhRG92kcqBCljFdjllcVRXQAEUnM-A

Request Chain 218

https://pixel.adsafeprotected.com/rfw/st/1278201/71854792/skeleton.js?adsafe_url=https%3A%2F%2Fwww.odatv4.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.odatv4.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fads.eu.criteo.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fads.eu.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fu%3D%257CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%252Ff76ws%253D%257C%26c1%3D0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w&adsafe_type=d&adsafe_jsinfo=,id:8b8da6b9-e608-6c13-11b7-557ab422f273,c:IHKVH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-cd4lm,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:sky1,mtim:136,mot:0,app:0,maw:0,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:159,oid:5f8bd044-ae32-11ee-91e3-e2c97e90e09f,v:19.8.466,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 233

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mKLN8ZkD-_bjjNBIvonpCXf-9uzX2VrQ

250 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.odatv4.com/
Redirect Chain

http://www.odatv4.com/
https://www.odatv4.com/

247 KB
47 KB

239ms
223ms

Document
text/html

185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 2de97ab1e52e910ecd1f4cfde42731c97434a9485e27d165e65f5046ee50ca59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
allow: GET, HEAD, POST
cache-control: max-age=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 14:29:43 GMT
pragma: no-cache
server: MerlinCDN
vary: Accept-Encoding
via: HTTP/2.0 Merlin CDN
x-cache-status: EXPIRED
x-edge: de-fra-dp-s03
x-lb-cache: HIT
x-merlin-platform: desktop
x-midtier: nl-naw-ws-s08
x-platform: desktop

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Mon, 08 Jan 2024 14:29:43 GMT
Location: https://www.odatv4.com/
Server: MerlinCDN
Via: HTTP/1.1 Merlin CDN
X-Edge: de-fra-dp-s01

GET
H2 200 toplu-ulasima-zam-taksi-metrobus-minubus-metro-ucreti-aylik-abonman-ne-kadar-oldu-taksiciler-ukomeye-saldirdi-r6ml.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/08/ 122 KB
122 KB 451ms
75ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/08/toplu-ulasima-zam-taksi-metrobus-minubus-metro-ucreti-aylik-abonman-ne-kadar-oldu-taksiciler-ukomeye-saldirdi-r6ml.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: a26c21a6f7829290ccc04356b8f79326b43cc8688af44cf9b7e434d4f1cc1130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="toplu-ulasima-zam-taksi-metrobus-minubus-metro-ucreti-aylik-abonman-ne-kadar-oldu-taksiciler-ukomeye-saldirdi-r6ml.webp"
content-length: 124428
x-request-id: 4xbzImlOnm6gDo3hEU-fM
x-rocket-cachestatus: HIT

GET
H2 200 home.css
s.odatv4.com/assets/web/css/pages/ 23 KB
7 KB 414ms
38ms Stylesheet
text/css 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://s.odatv4.com/assets/web/css/pages/home.css?id=3c812161dc9e5b485e68ec6f588b0fc6
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 87c433bb7e62f40cfcdf4015678e9e6ed606a95fd4f9ab2d6fd79d9e4caf9610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
expires: Wed, 07 Feb 2024 14:29:44 GMT
last-modified: Sun, 07 Jan 2024 13:19:43 GMT
server: nginx
x-rocket-node: edge125.ist.tr.eu.rocketcdn.com
etag: W/"659aa4ef-5b6b"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 200 app.js Show response
s.odatv4.com/assets/web/js/ 22 KB
5 KB 45ms
40ms Script
application/javascript 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://s.odatv4.com/assets/web/js/app.js?id=467473b7883e5e8e0f99de098df48029
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 7641f878b43499fe0704b8000d27907fc76647c093dbb267fee9d7db1e27ad3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
expires: Wed, 07 Feb 2024 14:29:44 GMT
last-modified: Sat, 06 Jan 2024 12:30:31 GMT
server: nginx
x-rocket-node: edge125.ist.tr.eu.rocketcdn.com
etag: W/"659947e7-57f5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 83ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3263801491371855

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86a18d009ea8cc9e71ef5996c1eab7bfc7972dcb7e8760f9930e2b10b1e9219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51545
x-xss-protection: 0
server: cafe
etag: 12596122842742985189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
95 KB 60ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17329acd2ee5bae535ba4f21005aa2e15a6d7f2dbec2faa9d79da30ed0f1cbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 122ms
95ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfa99958d30e8cdc100875027a34077c7482839938668fd27fa6d52ae0172737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29513
x-xss-protection: 0
server: cafe
etag: 556 / 19730 / m202401020101 / config-hash: 2844392480231871313
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 99 KB
32 KB 66ms
34ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

54c7380da8a90ba7c759dd2abff86a7aee3cb45064f88b713509ff096da76acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 12:38:38 GMT
server: nginx
etag: W/"6596a6ce-18b87"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Jan 2024 14:29:44 GMT

GET
H2 200 BildirtSDKfiles.js Show response
cdn2.bildirt.com/ 75 KB
24 KB 60ms
30ms Script
application/javascript 2606:4700:20::681a:69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8190bfa19f15fe8be6193f282e1560038fd666ea060dc3c57bce4e7958ddb2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 22:58:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2318
etag: W/"653457ab-12c93"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psGmQ7PJL2lMTByVf7aVJPh0Sx3IHU%2B0nlMUzpm%2FeKWBa%2BVQKfjx5pkFlPP4KaAwd4%2B4HjXNDw%2Bp9xIk1CBjhMi8iInClsRIxw6UQMw%2B5gU56nd9UuYbJ2ACXIuuLLsB5G%2BZTDlmy3t5qUPFxf8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 84252266cd6665a4-FRA

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 14 KB
4 KB 622ms
157ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=6;
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: 8eea26c938c0ff40eb8b5473235d625ba8aef8a8fd7afba9cf25ede95c7be979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Expires: 0

GET
H2 200 logo.svg
s.odatv4.com/assets/web/images/ 61 KB
43 KB 44ms
41ms Image
image/svg+xml 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.odatv4.com/assets/web/images/logo.svg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 3fc01193dba3746d46bcd6098785c8e111eacee7182525c666744393281a8b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
expires: Wed, 07 Feb 2024 14:29:44 GMT
last-modified: Sat, 06 Jan 2024 12:30:31 GMT
server: nginx
x-rocket-node: edge125.ist.tr.eu.rocketcdn.com
etag: W/"659947e7-f20b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 200 ukomeden-velilere-kotu-haber-okul-servis-ucretlerine-zam-nn1j.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/ 33 KB
33 KB 450ms
75ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/ukomeden-velilere-kotu-haber-okul-servis-ucretlerine-zam-nn1j.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: c253e550f1335f58c68aad7934de9ec5b9f777003541efb755beb7d4732cb1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="ukomeden-velilere-kotu-haber-okul-servis-ucretlerine-zam-nn1j.webp"
content-length: 33582
x-request-id: AXnsBkAq8wiISl-l9msWk
x-rocket-cachestatus: HIT

GET
H2 200 iyi-parti-kararini-acikladi-adanaya-neden-ayyuce-turkes-5eli.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/ 34 KB
34 KB 450ms
75ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/iyi-parti-kararini-acikladi-adanaya-neden-ayyuce-turkes-5eli.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: d2a16e14cd9f81aa0d59d4307b51cdbf090a8dc956b0d78a542f7953f8681bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="iyi-parti-kararini-acikladi-adanaya-neden-ayyuce-turkes-5eli.webp"
content-length: 34824
x-request-id: BNkvz-nT6rBq3TaycMjd0
x-rocket-cachestatus: HIT

GET
H2 200 salondan-mi-cikarildi-metin-kulunk-odatvye-acikladi-jhkm.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/ 28 KB
29 KB 229ms
225ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/salondan-mi-cikarildi-metin-kulunk-odatvye-acikladi-jhkm.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 013f9b51aa652689e9d1dfb834e90709b951119aa3b339dc3560ce2b125afce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="salondan-mi-cikarildi-metin-kulunk-odatvye-acikladi-jhkm.webp"
content-length: 28918
x-request-id: WMqSkCRWYh0WpCU_OfFH0
x-rocket-cachestatus: HIT

GET
H2 200 murat-kurum-secim-startini-eyup-sultan-caminde-verdi-dvu8.jpg
img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/ 26 KB
26 KB 230ms
225ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h270q95gc/storage/files/images/2024/01/08/murat-kurum-secim-startini-eyup-sultan-caminde-verdi-dvu8.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 1afa0aadf028a885232fbc74f67ed905507811cd203c4f1e71c1dec7de2e2e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="murat-kurum-secim-startini-eyup-sultan-caminde-verdi-dvu8.webp"
content-length: 26634
x-request-id: KhtjH4lCXJTKz0Lyj_zZO
x-rocket-cachestatus: HIT

GET
H2 200 iyi-parti-istanbul-ve-ankara-adaylarini-ne-zaman-aciklayacak-bgxx.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 14 KB
14 KB 230ms
225ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/iyi-parti-istanbul-ve-ankara-adaylarini-ne-zaman-aciklayacak-bgxx.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 01b4d4d583a5ce9c43e6a66929f828858c061b8ec26281f7c993ff4505fae76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="iyi-parti-istanbul-ve-ankara-adaylarini-ne-zaman-aciklayacak-bgxx.webp"
content-length: 13834
x-request-id: brParU3bbQ7xmDZvunaiw
x-rocket-cachestatus: HIT

GET
H2 200 israil-savunma-bakanindan-beyrut-tehdidi-gazzedeki-yikimi-tasiriz-kiql.png
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 13 KB
13 KB 229ms
226ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/israil-savunma-bakanindan-beyrut-tehdidi-gazzedeki-yikimi-tasiriz-kiql.png
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 403ad7880942459e2effb03f53cb113909178fba3eb52755c65cc35e3213bbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="israil-savunma-bakanindan-beyrut-tehdidi-gazzedeki-yikimi-tasiriz-kiql.webp"
content-length: 13174
x-request-id: MjEkb2omAQ6xQ8yr0Zi9O
x-rocket-cachestatus: HIT

GET
H2 200 bedas-duyurdu-istanbulda-elektrik-kesintisi-yasanacak-ilceler-ve-sokaklar-ksgw.png
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 16 KB
17 KB 229ms
226ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/bedas-duyurdu-istanbulda-elektrik-kesintisi-yasanacak-ilceler-ve-sokaklar-ksgw.png

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

147ddcd09b547a588faf17bc6ff40089b06a94d9b2ba86b149fbc0fbe7daaa90

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="bedas-duyurdu-istanbulda-elektrik-kesintisi-yasanacak-ilceler-ve-sokaklar-ksgw.webp"
content-length: 16748
x-request-id: GONBSuMm5hiIAhrLUhvXT
x-rocket-cachestatus: HIT

GET
H2 200 malatyada-44-buyuklugunde-deprem-mkbh.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 20 KB
21 KB 229ms
226ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/malatyada-44-buyuklugunde-deprem-mkbh.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 2a28ed1f4416225983bca622c48d25607fd8e531123f9f88d674a59eff773c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="malatyada-44-buyuklugunde-deprem-mkbh.webp"
content-length: 20666
x-request-id: hHKXnqqZ9yl-E1KVgzaaN
x-rocket-cachestatus: HIT

GET
H2 200 konyada-lise-ogrencisine-cinsel-istismar-davasinda-karar-81wy.png
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 18 KB
18 KB 229ms
226ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/konyada-lise-ogrencisine-cinsel-istismar-davasinda-karar-81wy.png
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9c09092ff303a939ee4da310d09221e28b4c5a3417e367e7382d41709ba67aef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="konyada-lise-ogrencisine-cinsel-istismar-davasinda-karar-81wy.webp"
content-length: 18092
x-request-id: qRw8EmQMBkisN4kkd5ZdJ
x-rocket-cachestatus: HIT

GET
H2 200 yeniden-refah-partisinden-cumhur-ittifakina-soguk-dus-1hwe.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 30 KB
30 KB 229ms
226ms Image
image/jpeg 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/yeniden-refah-partisinden-cumhur-ittifakina-soguk-dus-1hwe.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: a453da48ab21d90cfa466ae28ce0d6625f5221d73abd105e89d93c0757af1699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman
content-disposition: inline; filename="yeniden-refah-partisinden-cumhur-ittifakina-soguk-dus-1hwe.jpg"
content-length: 30289
x-request-id: uzhzVlU61FeTJgh_l1a_T
x-rocket-cachestatus: HIT

GET
H2 200 ucagin-ucan-kapisi-sonunda-bulundu-vl9x.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 15 KB
15 KB 229ms
227ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ucagin-ucan-kapisi-sonunda-bulundu-vl9x.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 8591120e67a7619cb23657685570668872d131df42ae8803aae70e1554dc7870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="ucagin-ucan-kapisi-sonunda-bulundu-vl9x.webp"
content-length: 14884
x-request-id: BV40oa5eWVDofhGCMoB5S
x-rocket-cachestatus: HIT

GET
H2 200 trumptan-macron-taklidi-fvll.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 14 KB
14 KB 232ms
229ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/trumptan-macron-taklidi-fvll.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 81df2a2172aed2eae0f5f367d9ccf4e26787eb94590afc26fb08ff2b336f9aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="trumptan-macron-taklidi-fvll.webp"
content-length: 14418
x-request-id: FaE5tBgOen2h23r9oZ_G6
x-rocket-cachestatus: HIT

GET
H2 200 manisa-kulada-vinc-operatoru-feci-sekilde-can-verdi-kiqx.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 25 KB
25 KB 232ms
229ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/manisa-kulada-vinc-operatoru-feci-sekilde-can-verdi-kiqx.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

69c421224393b20f42cdda7a8e83bf055fc756ae1c41e424d9e21f41bb4d4c9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="manisa-kulada-vinc-operatoru-feci-sekilde-can-verdi-kiqx.webp"
content-length: 25510
x-request-id: MC4xHF3Pa7nCx88bnl61Q
x-rocket-cachestatus: HIT

GET
H2 200 memleket-partisi-genel-baskani-muharrem-inceden-murat-kurum-yorumu-wbhb.jpg
img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/ 9 KB
10 KB 232ms
230ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw270h152q95gc/storage/files/images/2024/01/08/memleket-partisi-genel-baskani-muharrem-inceden-murat-kurum-yorumu-wbhb.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9579c6186697769c28ed3b615a5043736dc5fc0f8568907e9913fa1ddbf3d0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="memleket-partisi-genel-baskani-muharrem-inceden-murat-kurum-yorumu-wbhb.webp"
content-length: 9630
x-request-id: w2PP2TzFHBQ5TBx0AiPh7
x-rocket-cachestatus: HIT

GET
H2 200 eglence-mekaninda-olayli-gece-nejat-isler-inanc-konukcuya-yumruk-atti-birce-akalay-basini-duvara-vurdu-ds4l.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/ 6 KB
6 KB 232ms
230ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/eglence-mekaninda-olayli-gece-nejat-isler-inanc-konukcuya-yumruk-atti-birce-akalay-basini-duvara-vurdu-ds4l.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: d879dd0724fc22cb29a83a3ab14958e0227b014d723a5e642b937be7355502f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="eglence-mekaninda-olayli-gece-nejat-isler-inanc-konukcuya-yumruk-atti-birce-akalay-basini-duvara-vurdu-ds4l.webp"
content-length: 6034
x-request-id: _d2lVtoLlYPlhwxzUiE-W
x-rocket-cachestatus: HIT

GET
H2 200 kapicilar-kralinin-ibrahimini-tanimak-imkansiz-kemal-sunalin-oglunu-oynayan-soner-yagizi-gorenler-taniyamadi-xpuc.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/ 6 KB
6 KB 232ms
230ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/kapicilar-kralinin-ibrahimini-tanimak-imkansiz-kemal-sunalin-oglunu-oynayan-soner-yagizi-gorenler-taniyamadi-xpuc.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 3cc5f7fef70ac33402d2ef7b4c7ea9743e4539fd7ebed4883f54aadea90ee9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="kapicilar-kralinin-ibrahimini-tanimak-imkansiz-kemal-sunalin-oglunu-oynayan-soner-yagizi-gorenler-taniyamadi-xpuc.webp"
content-length: 5682
x-request-id: 9GA9zI3b6t8rU4-vfSbqT
x-rocket-cachestatus: HIT

GET
H2 200 umit-davala-anlatti-muslera-maas-yatmazsa-oynamam-dedi-fatih-terim-ne-yapti-v9hm.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/ 4 KB
5 KB 232ms
230ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/umit-davala-anlatti-muslera-maas-yatmazsa-oynamam-dedi-fatih-terim-ne-yapti-v9hm.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: ad4d32e88e9be320ada86f388a0af16271a201529e4a16ea048036136881550d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="umit-davala-anlatti-muslera-maas-yatmazsa-oynamam-dedi-fatih-terim-ne-yapti-v9hm.webp"
content-length: 4382
x-request-id: ycNMvheKe3RWurD5owDCF
x-rocket-cachestatus: HIT

GET
H2 200 zahide-yetisin-programina-katilan-sihirbaz-ozgur-capkinlikta-yakalandi-bahaneleri-sasirtti-pelerinimi-unuttugum-icin-bornoz-giymistim-0zbz.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/ 6 KB
6 KB 232ms
230ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/zahide-yetisin-programina-katilan-sihirbaz-ozgur-capkinlikta-yakalandi-bahaneleri-sasirtti-pelerinimi-unuttugum-icin-bornoz-giymistim-0zbz.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: b15e0d3608fa2999da7afa1a1867abeb6a9e77f23749b540cb5bd220a5126089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="zahide-yetisin-programina-katilan-sihirbaz-ozgur-capkinlikta-yakalandi-bahaneleri-sasirtti-pelerinimi-unuttugum-icin-bornoz-giymistim-0zbz.webp"
content-length: 5758
x-request-id: uZfI4wyPCjkoqm7HzAUe0
x-rocket-cachestatus: HIT

GET
H2 200 geleneksel-pantolonsuz-metro-gunu-kutlandi-wgww.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/ 6 KB
7 KB 232ms
230ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/geleneksel-pantolonsuz-metro-gunu-kutlandi-wgww.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9c83c58245feda2ec01ff69d59bdb3e19e2e54fb5947d033c2d16355371eea97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="geleneksel-pantolonsuz-metro-gunu-kutlandi-wgww.webp"
content-length: 6350
x-request-id: 1PLrYsEzuwQ_9aeq9ss7w
x-rocket-cachestatus: HIT

GET
H2 200 dunya-guzellerim-masada-programinda-bulent-ersoy-ve-safiye-soyman-sasirdi-taklitci-kezban-dedigi-kylie-jennera-tepki-banu-alkan-ile-kendini-yaratti-n0rj.jpg
img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/ 6 KB
7 KB 232ms
230ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw110h82q95gc/storage/files/images/2024/01/08/dunya-guzellerim-masada-programinda-bulent-ersoy-ve-safiye-soyman-sasirdi-taklitci-kezban-dedigi-kylie-jennera-tepki-banu-alkan-ile-kendini-yaratti-n0rj.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

e4f2a9786f403ddfbefe8626d44a482f87169041950c2b8884a686f10c6e5602

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="dunya-guzellerim-masada-programinda-bulent-ersoy-ve-safiye-soyman-sasirdi-taklitci-kezban-dedigi-kylie-jennera-tepki-banu-alkan-ile-kendini-yaratti-n0rj.webp"
content-length: 6320
x-request-id: fn7gi5nbRs8dh6Iy7aXMZ
x-rocket-cachestatus: HIT

GET
H2 200 home.js Show response
s.odatv4.com/assets/web/js/pages/ 79 KB
26 KB 111ms
109ms Script
application/javascript 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://s.odatv4.com/assets/web/js/pages/home.js?id=5ce643781b1be5288fe91a694dbdc7a0
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 1826a350c731f9556d3b5709c082e53caf1581ebd94ee860a32c919dd392923c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
expires: Wed, 07 Feb 2024 14:29:44 GMT
last-modified: Sun, 07 Jan 2024 13:19:43 GMT
server: nginx
x-rocket-node: edge125.ist.tr.eu.rocketcdn.com
etag: W/"659aa4ef-13ad5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: HIT

GET
H2 504 tracker1.js
cdn.p.analitik.bik.gov.tr/ 0
0 56ms
11ms Script
text/html 89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 208 KB
73 KB 255ms
129ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3b43adc4bb1104e13a1e0644c0aedbc64a57b7fca1ecfcc67188b1957dd1c087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11fae"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 73646
expires: Mon, 08 Jan 2024 15:29:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
75 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTJ33LH

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90ca3828c6ecb2fa89de59f195b51d9e4f87b385bad085daea25430fb0f442b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76168
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 ad-3.0.9.lazy.beta.min.js Show response
ad-cdn.bilgin.pro/app/ 24 KB
9 KB 285ms
47ms Script
application/javascript 195.142.105.24
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.bilgin.pro/app/ad-3.0.9.lazy.beta.min.js?v=1
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.24 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: bbdb6233272d7b44024a33dd82124282e9e6b0e99184e2051866b75a2a17bac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
x-rocket-mastercachestatus: HIT
last-modified: Tue, 22 Aug 2023 08:30:50 GMT
server: nginx
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
etag: W/"64e4723a-60c7"
vary: Accept-Encoding
content-type: application/javascript
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
expires: Wed, 07 Feb 2024 14:29:44 GMT

GET
H2 200 logo-white.svg
s.odatv4.com/assets/web/images/ 27 KB
21 KB 112ms
109ms Image
image/svg+xml 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.odatv4.com/assets/web/images/logo-white.svg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: caaee48c36c85aeb82c99b4ef24be6bfec39bdbaae300e7788777f84f7451f06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
expires: Wed, 07 Feb 2024 14:29:44 GMT
last-modified: Sat, 06 Jan 2024 12:30:31 GMT
server: nginx
x-rocket-node: edge125.ist.tr.eu.rocketcdn.com
etag: W/"659947e7-6b23"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-mastercachestatus: MISS

GET
H2 200 fox-adini-degistiriyor-suudiler-bu-isin-neresinde-qivc.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/ 103 KB
104 KB 214ms
211ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/fox-adini-degistiriyor-suudiler-bu-isin-neresinde-qivc.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 71e7913dd43b05d0cee1c8c0c9d87558b55efe31d6e768d840d1ef5211b9672d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="fox-adini-degistiriyor-suudiler-bu-isin-neresinde-qivc.webp"
content-length: 105830
x-request-id: IGhk9y-h1g4og2FFGQbCN
x-rocket-cachestatus: HIT

GET
H2 200 vincenzo-montelladan-fenerbahce-ziyareti-uv0z.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 19 KB
19 KB 214ms
211ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/vincenzo-montelladan-fenerbahce-ziyareti-uv0z.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 4c4ef6213a148afd82b68c2b1306595f0d12bd41bd45d8305cf08d19bb545df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="vincenzo-montelladan-fenerbahce-ziyareti-uv0z.webp"
content-length: 19214
x-request-id: hWuw3NhGoIV1O8zRpwjTU
x-rocket-cachestatus: HIT

GET
H2 200 geert-wilders-islam-yasagi-onerisini-geri-cekti-hvwe.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 9 KB
9 KB 255ms
252ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/geert-wilders-islam-yasagi-onerisini-geri-cekti-hvwe.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: e7a207f4b097c4399dfc80e9381e35ce7df9db2c97f57ac2ec92f964044bb7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="geert-wilders-islam-yasagi-onerisini-geri-cekti-hvwe.webp"
content-length: 9232
x-request-id: 5EumEmTFjOR28ubuEF3SB
x-rocket-cachestatus: HIT

GET
H2 200 hadise-murat-bozda-neye-bakti-28-saniye-olay-oldu-hhtu.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 18 KB
18 KB 255ms
252ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/hadise-murat-bozda-neye-bakti-28-saniye-olay-oldu-hhtu.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 80fec52519cc438c59845fe0bcee9800fad9c58d3fbc265b1f5f43268744aeba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="hadise-murat-bozda-neye-bakti-28-saniye-olay-oldu-hhtu.webp"
content-length: 18386
x-request-id: zUmMa-95lO5ZW5lTb57HC
x-rocket-cachestatus: HIT

GET
H2 200 antalyada-kar-yollari-kapatti-yaylada-mahsur-kaldilar-jju2.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 21 KB
22 KB 255ms
253ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/antalyada-kar-yollari-kapatti-yaylada-mahsur-kaldilar-jju2.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: a521498d9b4a6a6564c82c2c0f1066834b6522e99280e21a74f519f08386e52d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="antalyada-kar-yollari-kapatti-yaylada-mahsur-kaldilar-jju2.webp"
content-length: 21914
x-request-id: 1rhENG9Uh-pYv1eAQ-8p1
x-rocket-cachestatus: HIT

GET
H2 200 ozlem-zengin-odatvnin-bakisi-dogru-davaci-olduk-kim-bu-1-milyon-dolarlik-gazeteci-fjqn.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/ 78 KB
79 KB 255ms
253ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/ozlem-zengin-odatvnin-bakisi-dogru-davaci-olduk-kim-bu-1-milyon-dolarlik-gazeteci-fjqn.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: da9105dc0dbb37ef858857270f14ea43d31006063b9eeaf014d00726b53db11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="ozlem-zengin-odatvnin-bakisi-dogru-davaci-olduk-kim-bu-1-milyon-dolarlik-gazeteci-fjqn.webp"
content-length: 79990
x-request-id: 3eT1pLuKq-RDVUB1vYQ_J
x-rocket-cachestatus: HIT

GET
H2 200 otopark-fiyatlari-ne-kadar-oldu-et2t.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 29 KB
29 KB 255ms
253ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/otopark-fiyatlari-ne-kadar-oldu-et2t.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 330fa0d3e8c6b779d1cd0097b0d33f2e05f28d440a48b033e6caa50b91adf1ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="otopark-fiyatlari-ne-kadar-oldu-et2t.webp"
content-length: 29822
x-request-id: P7aQ9e75MuUQAHnsY-QrY
x-rocket-cachestatus: HIT

GET
H2 200 rusya-saldiriya-gecti-ukrayna-aerobalistik-fuzelerle-vuruldu-fpxi.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 12 KB
12 KB 255ms
253ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/rusya-saldiriya-gecti-ukrayna-aerobalistik-fuzelerle-vuruldu-fpxi.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

531a5959818566e3b9ef2e30841ae80bd5071835433441dbdac25463e9523263

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="rusya-saldiriya-gecti-ukrayna-aerobalistik-fuzelerle-vuruldu-fpxi.webp"
content-length: 11962
x-request-id: kR5EOHB893qxEKX-zfU1y
x-rocket-cachestatus: HIT

GET
H2 200 ispanyada-grip-vakalari-artti-maske-zorunlulugu-geri-dondu-sl05.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 11 KB
11 KB 255ms
253ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ispanyada-grip-vakalari-artti-maske-zorunlulugu-geri-dondu-sl05.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9195d4b0755c8322c6d6c23429009e013f46fb56ce0567e24ea1f57d6cf87495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="ispanyada-grip-vakalari-artti-maske-zorunlulugu-geri-dondu-sl05.webp"
content-length: 11114
x-request-id: ID0VcD7osBc9fz4p283ZC
x-rocket-cachestatus: HIT

GET
H2 200 istanbulda-domuzlar-cep-telefonuyla-goruntulendi-d4sr.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 6 KB
6 KB 255ms
254ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/istanbulda-domuzlar-cep-telefonuyla-goruntulendi-d4sr.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 30d2e3097fe47790d1f609e119e11473d39d220fca977f954370a36f1ad90408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="istanbulda-domuzlar-cep-telefonuyla-goruntulendi-d4sr.webp"
content-length: 5636
x-request-id: xZ1JIgDSpV0X2Z5eKXPg5
x-rocket-cachestatus: HIT

GET
H2 200 odatv-yine-son-noktayi-koyuyor-erdoganin-listesindeki-baskan-adaylari-jhyl.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/ 94 KB
94 KB 256ms
254ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/odatv-yine-son-noktayi-koyuyor-erdoganin-listesindeki-baskan-adaylari-jhyl.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: cd31c847d6dafaedffaed40114e7603a8d930ea4822854f6b3d9a7fce24d7eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="odatv-yine-son-noktayi-koyuyor-erdoganin-listesindeki-baskan-adaylari-jhyl.webp"
content-length: 96300
x-request-id: vmxpu1z4Vpg-G5co-itQX
x-rocket-cachestatus: HIT

GET
H2 200 kpss-ile-bazi-kamu-kurum-ve-kuruluslarinin-kadrolarina-yerlestirme-sonuclari-aciklandi-nlr7.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 24 KB
24 KB 256ms
254ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/kpss-ile-bazi-kamu-kurum-ve-kuruluslarinin-kadrolarina-yerlestirme-sonuclari-aciklandi-nlr7.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 27305ed26f0a10bce4bac3a9e3246e32bc0ef86caf400439aa9605fe43541523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="kpss-ile-bazi-kamu-kurum-ve-kuruluslarinin-kadrolarina-yerlestirme-sonuclari-aciklandi-nlr7.webp"
content-length: 24076
x-request-id: -UUvMGmMr-Dipf8IBT6Km
x-rocket-cachestatus: HIT

GET
H2 200 lpgli-tankerden-gaz-sizintisi-meydana-geldi-ankarada-yurekleri-agza-getiren-olay-d9yw.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 27 KB
27 KB 256ms
254ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/lpgli-tankerden-gaz-sizintisi-meydana-geldi-ankarada-yurekleri-agza-getiren-olay-d9yw.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 3175bc71431ecc79777022b199307abd8163b928a75734d2a32735512942fb63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="lpgli-tankerden-gaz-sizintisi-meydana-geldi-ankarada-yurekleri-agza-getiren-olay-d9yw.webp"
content-length: 27318
x-request-id: vE_bEu7IoJ-qRXOhT07ii
x-rocket-cachestatus: HIT

GET
H2 200 irlandadan-bodruma-gelen-ucaginda-sarhos-bir-yolcu-kendisini-uyaran-turk-yolcuya-saldirdi-c9zk.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 17 KB
18 KB 256ms
254ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/irlandadan-bodruma-gelen-ucaginda-sarhos-bir-yolcu-kendisini-uyaran-turk-yolcuya-saldirdi-c9zk.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: b775254240e867c5898d714593ba61ac60181000f92c72585af9a61d75bb45dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="irlandadan-bodruma-gelen-ucaginda-sarhos-bir-yolcu-kendisini-uyaran-turk-yolcuya-saldirdi-c9zk.webp"
content-length: 17726
x-request-id: rzaD_Ug7bPs9mvHg_TTu0
x-rocket-cachestatus: HIT

GET
H2 200 abdli-bakan-yardimcisindan-israil-itirafi-p81w.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 31 KB
31 KB 256ms
254ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/abdli-bakan-yardimcisindan-israil-itirafi-p81w.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 525e2bb75aaf6bf8faa37553903e8460f97a379f5e882d0b4d30fe7b163952f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="abdli-bakan-yardimcisindan-israil-itirafi-p81w.webp"
content-length: 31664
x-request-id: UM_oXOmqZSwrj9YSbNPDH
x-rocket-cachestatus: HIT

GET
H2 200 turkiye-odatvnin-haberini-konusacak-emeklilere-kotu-haber-gozler-cumhurbaskani-erdoganda-emeklilerin-seyyanen-zam-ve-refah-payi-talebi-ux6y.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/ 101 KB
101 KB 256ms
255ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/06/turkiye-odatvnin-haberini-konusacak-emeklilere-kotu-haber-gozler-cumhurbaskani-erdoganda-emeklilerin-seyyanen-zam-ve-refah-payi-talebi-ux6y.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 0dc204da098b4b171bbd3c419435e6e7c4bb377344b159c3dd91ba5aa5facdfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="turkiye-odatvnin-haberini-konusacak-emeklilere-kotu-haber-gozler-cumhurbaskani-erdoganda-emeklilerin-seyyanen-zam-ve-refah-payi-talebi-ux6y.webp"
content-length: 102944
x-request-id: QgZa8koTjvxwG5vVMxTcS
x-rocket-cachestatus: HIT

GET
H2 200 fenerbahcede-istanbulspor-maci-hazirliklari-basladi-r36q.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/03/ 29 KB
30 KB 256ms
255ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/03/fenerbahcede-istanbulspor-maci-hazirliklari-basladi-r36q.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

9b63e64e05be954b114550f2273839d52190b7a276334f8978a20bb71bdf347e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="fenerbahcede-istanbulspor-maci-hazirliklari-basladi-r36q.webp"
content-length: 29896
x-request-id: kMBqUJqpnjR3Dkz6ixZqz
x-rocket-cachestatus: HIT

GET
H2 200 hizbullah-israil-saldirisinin-sonuclarini-dogruladi-be0r.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 9 KB
10 KB 256ms
255ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/hizbullah-israil-saldirisinin-sonuclarini-dogruladi-be0r.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 914aa604be5d12a6e51c98707f37efc8ecad94a274f7b9923740fbb2ac404c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="hizbullah-israil-saldirisinin-sonuclarini-dogruladi-be0r.webp"
content-length: 9568
x-request-id: RkGOg7BRMXHoee3nUEYvH
x-rocket-cachestatus: HIT

GET
H2 200 gazzede-video-ceken-israilli-komedyene-tepki-insan-yakmak-icin-firin-ijut.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 19 KB
19 KB 256ms
255ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/gazzede-video-ceken-israilli-komedyene-tepki-insan-yakmak-icin-firin-ijut.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

54284af1b31c9452f5794d4352f27be697b7284621c48df2bc980beae4ee89d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="gazzede-video-ceken-israilli-komedyene-tepki-insan-yakmak-icin-firin-ijut.webp"
content-length: 19188
x-request-id: lD7iAAICfMMaEFWDzxaoC
x-rocket-cachestatus: HIT

GET
H2 200 geri-donusum-tesisi-alev-alev-yandi-t4xb.jpg
img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/ 29 KB
30 KB 256ms
255ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw320h180q95gc/storage/files/images/2024/01/08/geri-donusum-tesisi-alev-alev-yandi-t4xb.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 7519a00aabedef1aa4169f4a6432c01c9e5f367e96828eaddece89efb0bf2d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="geri-donusum-tesisi-alev-alev-yandi-t4xb.webp"
content-length: 30112
x-request-id: 5SJdWcfJBoTv8y7JjqRtS
x-rocket-cachestatus: HIT

GET
H2 200 Config-sw.js Show response
cdn2.bildirt.com/ 6 KB
2 KB 62ms
33ms Fetch
application/json 2606:4700:20::681a:69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/Config-sw.js?uygulamaid=9538-9076-9206-3919-8871-6
Requested by: Host: cdn2.bildirt.com
URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: b04a6c4eb3d2cc4a3ab426c10c44ee28fdf0fd545039a645f4c1798f5d1512c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtC1fGh%2Bflp2L4ALFS8p6buH0wDB4gyfeK%2FEpO78HOjgi%2BIza8n0LbthNrWQDm9PYqKx2KUZ5DXY8zuDVmwWeBCMsk6zLnPPt3VOSbZwV%2BAAq06rzZCZ%2Foirln9C%2FAklvKHiDNeesAdEiusj2eI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset: UTF-8
access-control-allow-origin: *
cf-ray: 84252267396f2c32-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
86 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P3X8GHNT5P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJ33LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98684e6967aaa1452b641cf86f1a0a3797f7f2459d4d35c68f4cc3b0d7f288c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJ33LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jan 2024 13:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2487
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 08 Jan 2024 15:48:17 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 190ms
72ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000007146e0b4837b0e1c-00646c8ee1-3295d04c-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
94 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJ33LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdab78761610f3b51e6b02e20ad2ae275c855a3bcd0de3ef89efdbfdb0b48128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 119ms
82ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3263801491371855&plah=www.odatv4.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3263801491371855

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4342562d584c88ee7622ddcb4067d620e1efcb5781f281f3085364f0ce161147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139427
x-xss-protection: 0
server: cafe
etag: 14279656174232273047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame 392A 9 KB
4 KB 71ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3263801491371855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 00:27:00 GMT
etag: 9219409622527106327
expires: Mon, 22 Jan 2024 00:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2957967-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bf8f24dfa15d03ed91c96ea95a5d57c46a6403612ab276460cad7f66e317a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69860
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 14:29:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 79ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LCBC0RGKV6&gtm=45je4130v870390465&_p=1704724184089&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=561412222.1704724184&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704724184&sct=1&seg=0&dl=https%3A%2F%2Fwww.odatv4.com%2F&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=904
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 103ms
35ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LCBC0RGKV6&cid=561412222.1704724184&gtm=45je4130v870390465&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 99ms
50ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LCBC0RGKV6&cid=561412222.1704724184&gtm=45je4130v870390465&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=291869313

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sosyal-medya-unlusu-meteoroloji-uzmani-icin-harekete-gecildi-6rjy.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/08/ 86 KB
86 KB 151ms
151ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/08/sosyal-medya-unlusu-meteoroloji-uzmani-icin-harekete-gecildi-6rjy.jpg

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),

Reverse DNS

Software

nginx /

Resource Hash

514cf8050df26c0008c57cafa7fab28886149ff46c360f626a8754ab05a4db38

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'none'
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="sosyal-medya-unlusu-meteoroloji-uzmani-icin-harekete-gecildi-6rjy.webp"
content-length: 88022
x-request-id: ZiUFZ1V3BCZMGzoyqhjS2
x-rocket-cachestatus: HIT

GET
H2 200 bizimkiler-dizisinde-zeytinyagi-kotulemesi-pdtt.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/03/ 94 KB
95 KB 151ms
151ms Image
image/webp 195.142.105.13
SAGLAYICI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/03/bizimkiler-dizisinde-zeytinyagi-kotulemesi-pdtt.jpg
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.13 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: d9fd85ea825efddfa1b8cf0afae1c2cb8d7da9ff89f0ffea212349a2daf1503e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 14:29:44 GMT
date: Mon, 08 Jan 2024 14:29:44 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: nginx
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-rcman: NewOne, rcman.webp
content-disposition: inline; filename="bizimkiler-dizisinde-zeytinyagi-kotulemesi-pdtt.webp"
content-length: 96534
x-request-id: seYueEDcOgym_E5swBeTd
x-rocket-cachestatus: HIT

GET
H2 200 bell.png
cdn2.bildirt.com/images/ 1 KB
1 KB 30ms
30ms Image
image/png 2606:4700:20::681a:69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.bildirt.com/images/bell.png
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6165
x-powered-by: PleskLin
content-length: 1155
last-modified: Sat, 21 Oct 2023 22:58:51 GMT
server: cloudflare
etag: "653457ab-483"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FVwqQ6m9K9P2RFyQbsLAPCUvuziP0zBr3U0O3MerQyHgrlHg%2FM7KxhpqgpikXhygx%2FLAPxn68avQ%2FOS6lD1NEOZYdRqS7HeRfwKsxYO7a88fiLd%2FB7jQQd9KTdIeS2vv6h8Kuc5alIlPQRRJ0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 84252267ae0665a4-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2349
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 Jan 2025 13:50:35 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P3X8GHNT5P&gtm=45je4130v873431896z8859010942&_p=1704724184089&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=561412222.1704724184&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704724184&sct=1&seg=0&dl=https%3A%2F%2Fwww.odatv4.com%2F&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&en=page_view&_fv=1&_ss=1&tfd=954
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P3X8GHNT5P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 30ms
30ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1525324055&t=pageview&_s=1&dl=https%3A%2F%2Fwww.odatv4.com%2F&ul=en-us&de=UTF-8&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1073417008&gjid=1659075343&cid=561412222.1704724184&tid=UA-2957967-2&_gid=1934810134.1704724184&_r=1&_slc=1&gtm=45He4130n81MTJ33LHv859010942&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=985266670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1695bb295ba2a947f017855bfd9ac29b52fa9646e8b7005aebab71b04c1d2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1525324055&t=pageview&_s=1&dl=https%3A%2F%2Fwww.odatv4.com%2F&ul=en-us&de=UTF-8&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=571622619&gjid=1932852270&cid=561412222.1704724184&tid=UA-2957967-2&_gid=1934810134.1704724184&_r=1&gtm=457e4130z8870390465&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1633562506

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 34ms
34ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2957967-2&cid=561412222.1704724184&jid=1073417008&gjid=1659075343&_gid=1934810134.1704724184&_u=YADAAEAAAAAAACAAI~&z=1920568158

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
96 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCBC0RGKV6&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8ae12f388dd71fa7e1beb5ae60cc13d22d650759e43cb699dc5681f811b016d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 75046542 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 120ms
62ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/75046542?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef3e32e0c964c7edd30e1df1ae75b1922ceacdb6b3e84b7f5d64782c4dec585b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qx2OMkAb56cFJa9RDbXszQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qx2OMkAb56cFJa9RDbXszQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 33ms
32ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2957967-2&cid=561412222.1704724184&jid=571622619&gjid=1932852270&_gid=1934810134.1704724184&_u=aADAAUABAAAAACAAI~&z=1331043900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 136ms
95ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=561412222.1704724184&jid=1073417008&_u=YADAAEAAAAAAACAAI~&z=283182849

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=561412222.1704724184&jid=1073417008&_u=YADAAEAAAAAAACAAI~&z=283182849

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 67ms
50ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=561412222.1704724184&jid=571622619&_u=aADAAUABAAAAACAAI~&z=843961628

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2957967-2&cid=561412222.1704724184&jid=571622619&_u=aADAAUABAAAAACAAI~&z=843961628

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 830 B
1 KB 140ms
27ms Script
text/javascript 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2616896&ADFPageName=Odatv_TumSayfalar&ADFdivider=%7C&ord=984979953166&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5vZGF0djQuY29tLyIsInN2MiI6Imh0dHBzOi8vd3d3Lm9kYXR2NC5jb20vIn0&loc=https%3A%2F%2Fwww.odatv4.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

821b586cfd2d8e439b41fc825d0fb17a134de6c7476a9bb22fb6f587ea7d25eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 543
expires: -1

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 79ms
22ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.9.lazy.beta.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4121567
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230062-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704724184.495261,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 288313

POST
H2 200 load Show response
ad.bilgin.pro/ 929 B
490 B 97ms
32ms XHR
text/html 142.132.241.141
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bilgin.pro/load
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.9.lazy.beta.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.241.141 Jena, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.141.241.132.142.clients.your-server.de
Software: nginx /
Resource Hash: b52c296434874bc4a8345c41d72ae465968f2a4423013cd5126efbd154937478

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 14:29:44 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 7046 2 KB
1 KB 65ms
65ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7df4ad4c074a08da990fb11d3a0ef15eeed691e2791acc040342e0a79ea06370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 801
content-type: text/html
date: Mon, 08 Jan 2024 14:29:44 GMT
etag: "65898a2e-321"
expires: Mon, 08 Jan 2024 15:29:44 GMT
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
475 B 64ms
63ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 08 Jan 2024 15:29:44 GMT

GET
H2 200 AGSKWxU03-8IfqNJ_itPzdI3ibsVQy-TxgD3qFW8z2kZkVAEXpgDCTlqQWdGJ_fCVZWGt2qljDT35hygPtBxATRh8UXtCNl1FEIGnBvNSWTM6AlqPN4sEcrrjl-baRfDecwYdBH71GdsKw== Show response
fundingchoicesmessages.google.com/f/ 417 KB
62 KB 140ms
138ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU03-8IfqNJ_itPzdI3ibsVQy-TxgD3qFW8z2kZkVAEXpgDCTlqQWdGJ_fCVZWGt2qljDT35hygPtBxATRh8UXtCNl1FEIGnBvNSWTM6AlqPN4sEcrrjl-baRfDecwYdBH71GdsKw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0NzI0MTg0LDUyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cub2RhdHY0LmNvbS8iLG51bGwsW1s4LCJvT1NlcEhseHhkRSJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.oOSepHlxxdE.es5.O/am=wA/d=1/rs=AJlcJMzoy8xC_CHSqEJNfzPFRV-yZblHMg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1539b900431cb00eacc53aae5e8f42ed9a0542a59cd209467725f37070b31f35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0wd4HtQlgyhiukO4VfYbsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-0wd4HtQlgyhiukO4VfYbsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 68ms
18ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=147&profileId=184&cb=37740287152

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 82ms
32ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=147&profileId=184&cb=57938096102

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:43 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 65ms
19ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=147&profileId=184&cb=11616795258

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/ Frame 7046
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10242.r1QLgYq-h5jSkLIaGVSZETcCP6sBjHt3KpY7YcttP5ij2szPNy1tM3uA5SxpvLxX.xMVoPYksHRJlWVbZCLNzdOGj94U%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10242.tBKKmeSYIUxsrNLrxx9f3bg6rewNdNDSSrf6WFM-tnAVuunDS3E1G-am2GhzMv-AIYX5OOwqFL6VucGbRSiB2FYHX0Z5dlqsXs929t-PnDNsusYPyusbI3cncW-J-uaP1qAgWbaRCG...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.YOwv4bdJxw0SKFJigwhHq_0g3TNZ1hah74LUMwEJnJ58ovrI_kcvrc0b9fnF1W1naBmWVqdwwmzPbanAvssS1C0GjNWksXj81dVfh7phO2IUD...

43 B
612 B

56ms
56ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.YOwv4bdJxw0SKFJigwhHq_0g3TNZ1hah74LUMwEJnJ58ovrI_kcvrc0b9fnF1W1naBmWVqdwwmzPbanAvssS1C0GjNWksXj81dVfh7phO2IUD3s_8zE9uVSvT3gZHtOPEJmd_8N0UhWMcJkEQSph7P7-7CuOHyZbMPTm1o6gTFEIVD-dGtxfnM3axYGthk8YA0m3uQVMVX3NDx-M8KWVSQ%2C%2C.ucXs-O79lZFulJu0VpS8Asmr2jk%2C

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.YOwv4bdJxw0SKFJigwhHq_0g3TNZ1hah74LUMwEJnJ58ovrI_kcvrc0b9fnF1W1naBmWVqdwwmzPbanAvssS1C0GjNWksXj81dVfh7phO2IUD3s_8zE9uVSvT3gZHtOPEJmd_8N0UhWMcJkEQSph7P7-7CuOHyZbMPTm1o6gTFEIVD-dGtxfnM3axYGthk8YA0m3uQVMVX3NDx-M8KWVSQ%2C%2C.ucXs-O79lZFulJu0VpS8Asmr2jk%2C
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 844 B
1 KB 22ms
22ms Script
text/javascript 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2616896&ADFPageName=Odatv_TumSayfalar&ADFdivider=%7C&ord=984979953166&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5vZGF0djQuY29tLyIsInN2MiI6Imh0dHBzOi8vd3d3Lm9kYXR2NC5jb20vIn0&loc=https%3A%2F%2Fwww.odatv4.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=7411118454595256587

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4669a239505750efea97a33c4ee1afdebaeb9b05f64169b9f28c684d9f442586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 684
expires: -1

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 34CC 4 KB
2 KB 84ms
23ms Document
text/html 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2616896&ADFPageName=Odatv_TumSayfalar&ADFdivider=%7C&ord=984979953166&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5vZGF0djQuY29tLyIsInN2MiI6Imh0dHBzOi8vd3d3Lm9kYXR2NC5jb20vIn0&loc=https%3A%2F%2Fwww.odatv4.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=7411118454595256587

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1ff078dc125f619bff818f7ce165e62f1f833f81ed0e06cd943ce9ba456a9833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 14:29:44 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
457 B 90ms
24ms Image
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=6279209723220086910&stamp=-f0dtwfX6jMDvP-67D9Y4w2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H/1.1 200
OK metrica
adfstat.yandex.ru/ Frame 7046 0
0 183ms
47ms Image
application/json 2a02:6b8::346
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adfstat.yandex.ru/metrica?id=767857476
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::346 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 14ms
14ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 15ms
14ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 02 Jan 2025 14:29:44 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 13ms
13ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 02 Jan 2025 14:29:44 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 13ms
13ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:43 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 14ms
14ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 plf
c1.adform.net/imatch/ Frame 34CC 0
384 B 24ms
24ms Image
text/plain 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 34CC 43 B
199 B 176ms
36ms Image
image/gif 34.241.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6279209723220086910&Expiration=1705933784
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 14:29:44 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 34CC 0
235 B 76ms
38ms Image
text/plain 23.211.9.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.9.5 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:44 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 07 Jan 2024 14:29:44 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 34CC 0
214 B 59ms
10ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 34CC 0
38 B 49ms
15ms Image
text/plain 3.120.203.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6279209723220086910&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.203.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-203-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 34CC 43 B
163 B 161ms
25ms Image
image/gif 164.132.25.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6279209723220086910&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.132.25.184 , France, ASN16276 (OVH, FR),
Reverse DNS: ip184.ip-164-132-25.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 34CC 43 B
639 B 90ms
16ms Image
image/gif 2607:ae80:192:1::173
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:44 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1704724184666078-423

GET
H2 200 sync
x.bidswitch.net/ Frame 34CC 43 B
146 B 48ms
11ms Image
image/gif 18.192.184.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.184.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-184-174.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 34CC
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6279209723220086910&expiration=1705933784
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6279209723220086910&expiration=1705933784&C=1

43 B
341 B

44ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6279209723220086910&expiration=1705933784&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20T1ssXLtU0xDQp1MpIwbyjxn1ZvAOx%2FvwK2ioMpYY1%2FmTBN1vJM6eKoeCGsYX%2B2NpvTOrBnVt5k5liZGstwZusIjO%2BZUYVW%2FUpJfoq22pqIDkKefWwZLj9Z2js7g7dP01KNzx2GBrYH%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8425226ae99e6ae8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBRejhVw7z9snvvXaMLcyxqgL3iOzwIsrVYY%2Fi2PGBGNFjZcVFhQQKN0Gf8PnWhfHZZXlSXjiyrliuYlEDF9VEWWNaHybBtZOOyY902mNquARpDeweWp17O8uPWM2l5tuoTFQOwBvQoabw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=6279209723220086910&expiration=1705933784&C=1
cache-control: no-cache
cf-ray: 8425226a69316ae8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 34CC
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6279209723220086910&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6279209723220086910&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=6279209723220086910&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7321734619008858264&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=3867303732981223083&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODdCNDdFRjhENURCMkE5RQ&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEH7uGhPkhOasyodKnRC0iHU&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEH7uGhPkhOasyodKnRC0iHU&sInitiator=internal&google_cver=1&gdpr=

0
415 B

54ms
54ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEH7uGhPkhOasyodKnRC0iHU&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:52 GMT
uip-status: Ok
frontend-id: 03
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:52 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEH7uGhPkhOasyodKnRC0iHU&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 34CC 0
344 B 52ms
8ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6279209723220086910&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 14:29:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 34CC
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6279209723220086910
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6279209723220086910&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
464 B

118ms
20ms

Image
image/gif

2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 14:29:45 GMT
x-age-lb: 150882
x-amz-request-id: tx00000490ac5aaa044b44d-0065909fa8-5134150-nyc
x-77-cache: HIT
x-accel-date: 1704573303
content-length: 43
x-77-nzt: A8O1rw43Nzf/Yk0CACUTwjE3Nzexz9PUZg+uJwA
x-accel-expires: @1705487436
x-77-age: 150882
x-cache-lb: HIT
last-modified: Sat, 30 Dec 2023 22:32:08 GMT
server: CDN77-Turbo
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray: 908339309fc1d3a4d9069c65b16d9e0c
content-type: image/gif
x-rgw-object-type: Normal
accept-ranges: bytes

Redirect headers

date: Mon, 08 Jan 2024 14:29:45 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 34CC 0
98 B 44ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6279209723220086910/gdpr=/ Frame 34CC 49 B
266 B 109ms
34ms Image
image/gif 54.220.142.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6279209723220086910/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.238
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 34CC 62 B
218 B 221ms
158ms Image
image/gif 92.123.17.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.17.8 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-17-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 08 Jan 2024 14:29:44 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 34CC 43 B
264 B 68ms
26ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 34CC
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

193ms
44ms

Image
image/gif

52.218.109.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Server: 52.218.109.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 14:29:46 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: XZ68P9VBRSJNNZFC
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: kzm181yUoyJuYUdyciEN+q1f8D7yXJA/rJjBMC2sSy75k0ksBYdb9fR+1k736eYvwA2KvQkdBnU=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 08 Jan 2024 14:29:44 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 34CC
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6279209723220086910
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120240108143ef06884a2052357509&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=72a899c5b077491d3f92177c6b6f1ef8&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDgxNDNlZjA2ODg0YTIwNTIzNTc1MDk&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIgwChFhfv2byYm1RlGDX7E&gdpr_consent=&gdpr=0&google_cver=1
https://tags.adsafety.net/v1/cm?cm_uid=CM120240108143ef06884a2052357509&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=72a899c5b077491d3f92177c6b6f1ef8
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120240108143ef06884a2052357509
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6279209723220086910

43 B
2 KB

49ms
49ms

Image
image/gif

217.79.178.236
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Server: 217.79.178.236 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm47.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:45 GMT
Last-Modified: Mon, 08 Jan 2024 14:29:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6279209723220086910
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 34CC 0
338 B 96ms
28ms Image
text/plain 52.214.179.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.179.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-179-171.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n009-dub-prod.krxd.net
date: Mon, 08 Jan 2024 14:29:44 GMT
cache-control: private, no-cache, no-store
x-request-time: D=48 t=1704724184
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 34CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjI3OTIwOTcyMzIyMDA4NjkxMA
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NjI3OTIwOTcyMzIyMDA4NjkxMA&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED4fz_vHuI2IjF1drXLL_Wo&google_cver=1&google_ula=1641347,0

35 B
599 B

28ms
27ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED4fz_vHuI2IjF1drXLL_Wo&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED4fz_vHuI2IjF1drXLL_Wo&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 34CC 0
384 B 27ms
24ms Image
text/plain 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame 34CC
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3867303732981223083&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6279209723220086910

43 B
997 B

8ms
8ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6279209723220086910

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
an-x-request-uuid: 7fa4263e-d3cf-4a21-8635-23122b3aa061
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.43; 81.95.5.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=6279209723220086910
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 34CC 0
225 B 67ms
13ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 14:29:44 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 34CC 43 B
443 B 42ms
8ms Image
image/gif 18.66.192.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-9.muc50.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 13:59:16 GMT
Via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: MUC50-P1
Age: 1828
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: lRxL-Soz6QJ06-fmT0RLd3qg3USG2wDz7s7ViHimNEjgZhSmv0WZVA==

GET
H/1.1

200

p
a.audrte.com/ Frame 34CC
Redirect Chain

https://a.audrte.com/a?adform_uid=6279209723220086910
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmhhZ3FSNVZvZ2RRTmF6Qm5ZUTRUNmo1dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

38ms
38ms

Image
image/png

52.16.166.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.1
Server: 52.16.166.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-166-255.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 14:29:45 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 08 Jan 2024 14:29:45 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 34CC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6279209723220086910&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6279209723220086910&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=24893392784105999452940283051924063602&noredirect=1

35 B
599 B

57ms
57ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=24893392784105999452940283051924063602&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-2-v054-0d743c645.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: ekMOXg1nRWA=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=24893392784105999452940283051924063602&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 34CC
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6279209723220086910
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220133204755002252501

35 B
590 B

56ms
56ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220133204755002252501

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220133204755002252501
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 34CC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321734619008858264

35 B
599 B

41ms
26ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321734619008858264

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321734619008858264
Date: Mon, 08 Jan 2024 14:29:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 34CC 62 B
428 B 223ms
223ms Image
image/gif 92.123.17.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.17.8 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-17-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 08 Jan 2024 14:29:45 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 34CC
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=nnxU2nTP1RmQDn5

35 B
599 B

29ms
29ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=nnxU2nTP1RmQDn5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=nnxU2nTP1RmQDn5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 34CC 70 B
149 B 156ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:45 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 34CC 0
72 B 549ms
136ms Image
text/plain 216.46.185.183
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.183 Highlands Ranch, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 34CC 43 B
1 KB 37ms
13ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=6279209723220086910

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 34CC
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2694670161
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=izAG2.9WrEOw.jcXKuIfZ.

35 B
590 B

44ms
43ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=izAG2.9WrEOw.jcXKuIfZ.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
via: 1.1 google
last-modified: Mon, 08 Jan 2024 14:29:45 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=izAG2.9WrEOw.jcXKuIfZ.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 34CC 23 B
163 B 137ms
55ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 14:29:45 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame 34CC 0
235 B 118ms
56ms Image
text/plain 2600:9000:2247:3e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2247:3e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:45 GMT
cache-control: no-cache, must-revalidate
via: 1.1 a8fa1851afeaba34d9b72eca54e89abc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MXP63-P2
x-amz-cf-id: 2kjH1QdW0q-xsBOo_ALiI75oo26ZKzcAxhMs3Me2cT1J88ikNCMY0w==
x-cache: Miss from cloudfront

GET
H2 200 6279209723220086910
match.contentexchange.me/adform/ Frame 34CC 0
49 B 138ms
42ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6279209723220086910?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:45 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 34CC 37 B
140 B 91ms
30ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=6279209723220086910&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame 34CC 0
44 B 80ms
29ms Image
text/plain 52.57.138.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=6279209723220086910
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.138.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:45 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 34CC 0
384 B 27ms
26ms Image
text/plain 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6279209723220086910&agencyId=7233&advertiserId=2120834&src=tp&rnd=187505
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 css
fonts.googleapis.com/ 100 KB
6 KB 50ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.oOSepHlxxdE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwvvP9M13u7KdoA1fKeW_oSKT_ZxA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 14:29:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 14:29:44 GMT

GET
H2 200 MH80wOXmOMhA52yl10uiBXjS1oISel-NZHW1qa89XWXy08A7qrlDMvZ8viimCwnpDdAHcBa_3JmUtmb8IZqHv5Qe6iqSIvpEWoAygMXnXeG-RVzBns4=h60
lh3.googleusercontent.com/ 6 KB
6 KB 48ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MH80wOXmOMhA52yl10uiBXjS1oISel-NZHW1qa89XWXy08A7qrlDMvZ8viimCwnpDdAHcBa_3JmUtmb8IZqHv5Qe6iqSIvpEWoAygMXnXeG-RVzBns4=h60

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

46d49584af9defb5738f3f1668afec311f85f86258ecb94575a06949fa16cf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:41:05 GMT
x-content-type-options: nosniff
age: 6519
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5885
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 09 Jan 2024 12:41:05 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:59:33 GMT
x-content-type-options: nosniff
age: 567011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:59:33 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 53ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:07:43 GMT
x-content-type-options: nosniff
age: 375721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:07:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 58ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
Origin: https://www.odatv4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:10:26 GMT
x-content-type-options: nosniff
age: 238758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 20:10:26 GMT

POST
H3 204 AGSKWxU1a6Kr_tgSq9Y-FWL9WPb3AVGEMhZnLbR2soe4M0tVPYCurEex2ieR0U3uzsJ2pD6jp45Mj5T8obQ_LSIrHeSSm12WycIE-iUxLFkk6UckMnLbDnCC3W63L9tSptbY0YVH6NeMOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
24ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU1a6Kr_tgSq9Y-FWL9WPb3AVGEMhZnLbR2soe4M0tVPYCurEex2ieR0U3uzsJ2pD6jp45Mj5T8obQ_LSIrHeSSm12WycIE-iUxLFkk6UckMnLbDnCC3W63L9tSptbY0YVH6NeMOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-voGbu8dYYS-EyC7nGPLzIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-voGbu8dYYS-EyC7nGPLzIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.odatv4.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 udm-r3_v2.23.3.js Show response
bid.underdog.media/ 490 KB
161 KB 64ms
8ms Script
application/javascript 2600:9000:237d:a200:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:05:49 GMT
content-encoding: gzip
via: 1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 19:41:45 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 1337036
etag: "0550b0566d3b7839b95eb11004434e2f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163970
x-amz-cf-id: i6O7fD5HCcPO-l6JkFAxIG5uM73iwqIsUkkxY4legxSEBNFST3d-tw==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 50ms
12ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 15 Jan 2024 14:29:44 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.50708634
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.50708634
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3867303732981223083;cb=0.50708634

43 B
612 B

290ms
155ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=3867303732981223083;cb=0.50708634
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 14:29:45 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
an-x-request-uuid: 307b043a-7e9f-430d-b8ec-17079965235b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=3867303732981223083;cb=0.50708634
x-proxy-origin: 81.95.5.43; 81.95.5.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 71ms
18ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.50708634
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
content-length: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.50708634%3Bindx%3D
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.50708634;indx=ZZwG2F_2A31fJEP77iJZRAAAFCkAAAAB

43 B
624 B

149ms
149ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.50708634;indx=ZZwG2F_2A31fJEP77iJZRAAAFCkAAAAB
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 14:29:44 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMT8xiYP8HW82qWqRQhvhWO7Jsv7aeV4mZ1J4znlhAoYvuoAUa95kbox5nGkFORN9V3l1HSP2T1KCkRclkTuyys3QsLE2QwKt504gn6oxJyxOJh23NNvHLcIDlXMVMCgDYUcB4vbLDPObg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.50708634;indx=ZZwG2F_2A31fJEP77iJZRAAAFCkAAAAB
cache-control: no-cache
cf-ray: 8425226b19ce6ae8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58806/ 0
125 B 191ms
14ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.50708634

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 us
sync.go.sonobi.com/ 0
399 B 342ms
129ms Image
text/plain 2607:f350:3:2569:0:10:0:c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.50708634%3Bsonobi%3D%5BUID%5D

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-43
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-west.rubiconproject.com/exchange/ 0
239 B 704ms
176ms Image
image/gif 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.50708634
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
https://udmserve.net/udm/fetch.pix?dt=1;mgid=f5985c12-4a4b-415c-9853-01ffb390cdff

43 B
628 B

163ms
163ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;mgid=f5985c12-4a4b-415c-9853-01ffb390cdff
Requested by: Host: www.odatv4.com
URL: https://www.odatv4.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 14:29:45 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:45 GMT
Transfer-Encoding: chunked
Location: https://udmserve.net/udm/fetch.pix?dt=1;mgid=f5985c12-4a4b-415c-9853-01ffb390cdff
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/85990523/
Redirect Chain

https://mc.yandex.com/watch/85990523?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

420 B
535 B

50ms
50ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A501221099784%3Ahid%3A767857476%3Az%3A60%3Ai%3A20240108152944%3Aet%3A1704724184%3Ac%3A1%3Arn%3A217445165%3Arqn%3A1%3Au%3A1704724184136030921%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C15%2C223%2C49%2C44%2C0%2C%2C423%2C2%2C%2C%2C%2C800%3Aco%3A0%3Acpf%3A1%3Ans%3A1704724183338%3Agi%3AR0ExLjIuNTYxNDEyMjIyLjE3MDQ3MjQxODQ%3D%3Afp%3A785%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704724185%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29rcm%281%29pe%281%29cs%28kccbe%29efid%281%29ti%281%29

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

60595d607e005fe7145347876c14c43532e2dcb11c6c0e0ac886dca4f2f7ed4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 08-Jan-2024 14:29:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.odatv4.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Mon, 08-Jan-2024 14:29:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:44 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08-Jan-2024 14:29:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/85990523/1?wmode=7&page-url=https%3A%2F%2Fwww.odatv4.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A501221099784%3Ahid%3A767857476%3Az%3A60%3Ai%3A20240108152944%3Aet%3A1704724184%3Ac%3A1%3Arn%3A217445165%3Arqn%3A1%3Au%3A1704724184136030921%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C15%2C223%2C49%2C44%2C0%2C%2C423%2C2%2C%2C%2C%2C800%3Aco%3A0%3Acpf%3A1%3Ans%3A1704724183338%3Agi%3AR0ExLjIuNTYxNDEyMjIyLjE3MDQ3MjQxODQ%3D%3Afp%3A785%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704724185%3At%3AODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29rcm%281%29pe%281%29cs%28kccbe%29efid%281%29ti%281%29
access-control-allow-origin: https://www.odatv4.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 08-Jan-2024 14:29:44 GMT

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 160 B
642 B 28ms
10ms Script
application/javascript 2600:9000:20c3:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:10:28 GMT
via: 1.1 847372cac152a2575995d0b13be85a88.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:21:01 GMT
server: AmazonS3
etag: "435cbd9bc4b3440e866ad1f4f7d1ef02"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: UjoKspnslYe4f2DpepaIMy0ye6fJCgbHUNEXUTIy7P7AGDItdTcXOQ==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 160 B
641 B 27ms
9ms Script
application/javascript 2600:9000:20c3:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:30:23 GMT
via: 1.1 847372cac152a2575995d0b13be85a88.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 3562
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 23:00:33 GMT
server: AmazonS3
etag: "eee1bd1fc55b604b66cd9e63c4f811b8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ZfzY89v3E7Z01WJ02tPfJfLveFW_9o6n1dT_3BcM2CpuKfsKSsyOhw==

GET
H2 200 bc_OpV5lEF_yGayY-MVa1Sz2X7gdWk.js Show response
bid.underdog.media/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2600:9000:237d:a200:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bc_OpV5lEF_yGayY-MVa1Sz2X7gdWk.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc3f722804514e49fd53fde8d03a3c304afe2172f4a113f61b5d18a01d2f8971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:01:29 GMT
content-encoding: gzip
via: 1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 14:00:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 1696
etag: "c74f259d6e0db8962ef768f114bcc155"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1508
x-amz-cf-id: JYygMmkfvRI9_JNbfgGe0t4-RWqfsXk0as-RxzL9gz6mJ8tSYkkgPQ==

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 2 KB
1 KB 7ms
6ms Script
application/x-javascript 2600:9000:237d:a200:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01ecee50132d4638110969c13f18b53e320f37760fbd68a2361642fec6ad3c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:52:58 GMT
content-encoding: gzip
via: 1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 13:30:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 2207
etag: "d9f423549ccf906d1ac08e42d6fc4dad"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
accept-ranges: bytes
content-length: 640
x-amz-cf-id: ik_meSI4KaVVHLkHAX0Qk8PrE1Jgbmdz3kr4e5bITXuP47hM_c9Org==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EC35 14 KB
6 KB 159ms
30ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.odatv4.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:29:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 501721
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame EC35
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=odatv4.com&sn=ChromeSyncframe&so=0&topUrl=www.odatv4.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=AaVQlXxHaURsMVlsbGptYXI4Q1JuVzlkRDFndWhTODFXTzZGT28xakV3UGhsd2tqWDk0ZXpFbDN0NDcvRlJ6KzFZMXNDcWVaWmkzOFM2bGdOeDRYNE1DL1dHTkt1TGdudVN3R2gzUzgvZFVUbkxHemlmM1lrN3hMTWptcX...

433 B
658 B

17ms
16ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AaVQlXxHaURsMVlsbGptYXI4Q1JuVzlkRDFndWhTODFXTzZGT28xakV3UGhsd2tqWDk0ZXpFbDN0NDcvRlJ6KzFZMXNDcWVaWmkzOFM2bGdOeDRYNE1DL1dHTkt1TGdudVN3R2gzUzgvZFVUbkxHemlmM1lrN3hMTWptcXJEUU4rWFR3eklKR1FRbEplMWhHWFluT3ZGRGJ6TnBUUzlRdHNsNndqSmU3ZWdaWWNnWSt0SEh2NTBTZC85eU9FK25aTjNPby9rV1AyWVFkYmI4LzFrK2c4NDQwZjNiYmZHUVM1N2dLcVZoZ3BDeGc2cG43SHBzdWlPLy9HbzhVVExscEZoMGRyWVJGeXVETC8vQWhSMjJoOUdidzFPUT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34c9f592a26e27a693465932a4a21853a26b58895845c5652a0fd89bbf722126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1144391
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AaVQlXxHaURsMVlsbGptYXI4Q1JuVzlkRDFndWhTODFXTzZGT28xakV3UGhsd2tqWDk0ZXpFbDN0NDcvRlJ6KzFZMXNDcWVaWmkzOFM2bGdOeDRYNE1DL1dHTkt1TGdudVN3R2gzUzgvZFVUbkxHemlmM1lrN3hMTWptcXJEUU4rWFR3eklKR1FRbEplMWhHWFluT3ZGRGJ6TnBUUzlRdHNsNndqSmU3ZWdaWWNnWSt0SEh2NTBTZC85eU9FK25aTjNPby9rV1AyWVFkYmI4LzFrK2c4NDQwZjNiYmZHUVM1N2dLcVZoZ3BDeGc2cG43SHBzdWlPLy9HbzhVVExscEZoMGRyWVJGeXVETC8vQWhSMjJoOUdidzFPUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 344148
content-length: 0
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 110ms
109ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.8.0&cb=16835903867&lsavail=1&bundle=4I7e8185M0VIYjA1Q2pCNkRVcmIyJTJCNTNXdFIzRHclMkY0QlFiZG1mcFBvQlcybHJ3Umo1a2RmZ1g1bzdDTEhXNzZkTFdyUVdtdDk5c0lDRkptcGxjZEMydFBlOWQlMkJ3ZXVudGhtSEh6JTJCYkc5eWR0QWFSTDBvYkVMQVJtZUV2YTRaV1p4UXlsQUtWUXhDTDhYbmpUQ3g4MiUyQjhiQiUyQkElM0QlM0Q

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f0b62f15310a8fdbcc9fc7cd49a445a1e09b22c82ac06d2b746106212fcc0de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jan 2024 14:29:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.odatv4.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
356 B 71ms
23ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:45 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 247ms
196ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.odatv4.com
date: Mon, 08 Jan 2024 14:29:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ Frame 6EED 0
805 B 151ms
150ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=19147;tid=1;dt=7;p=1;rri=1704724184632_064674_81.95.5.43;mid=48163;zzz=%5B48163%2C1704724184%2C%22JoEke%2FS6EJO66GgiDZd1Qg%22%5D;version=v2.23.3;cb=0.1823880615327096;qqq=29.33088479107097;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=undefined
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/x-javascript
Date: Mon, 08 Jan 2024 14:29:46 GMT
Expires: -1d
Connection: Keep-Alive
Content-Length: 0
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT

GET
H2 200 aa.js Show response
q.adrta.com/s/udm/ Frame 6EED 890 B
1 KB 296ms
92ms Script
application/javascript 34.239.37.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/udm/aa.js?cb=0.50708634
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.37.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-37-162.compute-1.amazonaws.com
Software: nginx /
Resource Hash: af03ff13a82bee00484d37fba0c9fd720a217cef7f96b2c40739d781830f9929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 14:29:46 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame 6EED 43 B
462 B 42ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=ZoYuMl9zSVBzNUxYVFg0WVhVTElubmFoYXJFM2VQb2hMVTFDVTdZRFhobiUyRlVua2F0dE5wSDNydzNKMHNjWFVQcUFlSEowRzlqSm1LZUVOR3dBQ2hzcjQlMkI3S2R3aFFLUEZUVVRYT2szaUclMkI2TWQlMkJSbDZhdTJtM2trJTJGTXpmRjBJUUsyU0dRTVFGY0ZyUkJFZDZKb2xFUUYzMzdHWTZuS3psWXZ6UDIlMkJBJTJCRmxaaXRDZHdER01yNDJvZlhpWEVMbjkwSHlXSlFYJTJCeVEwSWJqSldpZmxJNHBZa3dnNXdEblF3djVFc1RWcjJHN2JMJTJCejR0VzJPM2o1d2dnWndyUU9KeG1DOEJoM2kzeHAxOE5iNHhIa2lVUUZKeExrRjZCSEM0U001dFFheDdmUTFLNzVWYng0dmN2UkpoZDVsWTFLQjdFMTQxYk14OGUzM1JSYjVEWkdFVmxtUnV6NzUwcHBzQlBjeWlRSlJ6T1dLYmhDbiUyRnclMkJFbzdWcDh3M1l0THB3N0psczk5UXVUZzRxOGpuVU9EVVlBMjNNcnFhZjdYTDN4dHo3azNsUFJvSk1GU1M3VFFzaE54SDY1RldiQkN4WFd2SnNjY2t6dEVYV1R2RTh4QmZmMjVBT1RvWkMzJTJGJTJCJTJCV1F6VmpIaVg2TEtsJTJCbDR3VGxzQ3BkSDZvbFFha3JnbDUlMkZLWjElMkJCQmF6aHF3STZYc2hnaUl5Y1hEJTJCVGxJbUtDWFoybkwxZ3pDMHdaQXhJJTJGclgzaXVnOEdERVUwTkFsbEVIY2lKYw

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 891684
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 r.js Show response
q.adrta.com/s/udm/ Frame 6EED 104 B
312 B 94ms
93ms Script
application/javascript 34.239.37.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/udm/r.js?v=23.000&rcb=433371&cb=0.50708634
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/s/udm/aa.js?cb=0.50708634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.37.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-37-162.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d4b13183cfdff068fe054e1d2d26d424fdad9ea73733e1a608d9292191ef706b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 14:29:46 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9199 43 KB
17 KB 47ms
19ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w

Requested by

Host: www.odatv4.com
URL: https://www.odatv4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

849466434cf3178db22d0b17be355de5975f49d14efae528565e6da13477e216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.odatv4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:29:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=w1nzrCZN-yM_p9QpwNfqjaXjYLD38tv9pwyE3TXaXUxYIUl-K5oRRAbUO0hfuQt-VAd0XNtoYgSMCfjIXuXcxRWtcM4GHMsVGGXdLC5jo2I1vaIToxrdYjIRr1XhPkc_iLMAi80zym2FBurdis6oRGN20qkhtfSMW_m5xnLN9Dq-_DIijVL58aSbGB-L2w0n3MEoWFtUoq-Mmqs7G-18k4sp-oyWfmxmuSf7Uv9KUSxBuYYnK4IKK1FSWc5o5W3Hm1Osqw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5048439
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9199 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9199 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9199 308 B
636 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 02 Jan 2025 14:29:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9199 293 B
621 B 20ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 02 Jan 2025 14:29:46 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1278201/71854792/ Frame 9199 46 KB
12 KB 392ms
113ms Script
application/javascript 52.1.106.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1278201/71854792/skeleton.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.106.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-21.compute-1.amazonaws.com
Software: /
Resource Hash: 1812d364ed7ac037dd15cdbb3836136f979bc0acb9a6f16047011236c250784e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:46 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9199 43 B
347 B 20ms
20ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=S4Hnxspj5KMjsZzzZOy1tiACmgcaosgRdGdl6eKFuQeX0WWw5GjgI1Z3wwRyopokz4Q-heUyISlC7pWyUqu6B3kkCSKNqj-yFT-R1zBFdWFqSTJceevZ5mi0vv4hn9F2cBVxAoCNSFkLWq0rwxVvVR_RlFa1G_zul9RsJk2KAOLZ4yLHQi-8QbrkGYdsln1Q3IABlNa3qyJkJzb-5DL2W25-xpnAuPRn97hh-AGCiqBXiB3jfyjtaputNk35UPNN_YLqiHE8deVq_h6tbZ0Kz5mBLbl-oO78v5mDPWvJOL8AX9pkaUV7dZmCwOtpehNCOw98DStnbzd5TULqXX2JurBqD_y30YBO35vg7qE9cAgj3wpn1BX3kmSYwRkSlwTNO-AK03tbUn2kxKeG3aszSEfcyKVWtcad9V9Jv4GUhd5qcADbPHSdhXBtL6gZqsm_J8i-83QGqXEMMpvQHS0LMb8gEAk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2175310
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/imp/2/227274;8045648;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMSuperbannerSZ1x1VLRTCPCMOLandscapeRechargerTSE18ReiseinteresseADSS1X1PDCriteoSB2712/ Frame 9199 42 B
513 B 185ms
151ms Image
image/gif 23.215.22.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/imp/2/227274;8045648;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMSuperbannerSZ1x1VLRTCPCMOLandscapeRechargerTSE18ReiseinteresseADSS1X1PDCriteoSB2712/?gdpr=0&&cachebuster=659c06d910623ade7ae7393d6e569e48

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-22-232.deploy.static.akamaitechnologies.com

Software

prod-xre-app7.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:46 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app7.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Mon, 08 Jan 2024 14:29:46 GMT

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame 6EED 33 KB
12 KB 201ms
20ms Script
application/javascript 18.245.86.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=23.000
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/s/udm/aa.js?cb=0.50708634
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: o8Dqn2fSaANd7t63xhmbtoZe_cmSJAMf
content-encoding: gzip
via: 1.1 6e4ed2b1996ce238462d61d3bfff667a.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 21:24:18 GMT
last-modified: Sat, 28 Oct 2023 05:29:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 61529
x-amz-server-side-encryption: AES256
etag: W/"82b6743c32bc1214117ff9c6593e4ac5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Z94mztYehqaq1pnor9PhgCLcHomrT2C2nl5PXy-jzPBmGyP7_Z9yKg==

GET
H2 200 / Show response
ipv6.adrta.com/ Frame 6EED 0
50 B 572ms
172ms Script
text/plain 2600:1f14:b4f:4b03:ac04:2015:d9fd:fbf5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.adrta.com/?callback=_1704724186866
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:b4f:4b03:ac04:2015:d9fd:fbf5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-length: 0
server: nginx

GET
H2 200 i Show response
adrta.com/ Frame 6EED 145 B
273 B 342ms
110ms Script
text/javascript 54.243.150.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=48102781&__aasv=23.001&__aaii=10715278335755857103&__aait=1704724186606&__aavz=-60&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=4&__aahd=%7B%22chrome%22%3A1%7D&__aaax=0&__aaay=0&__aasz=728x90&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.50708634&__aaxf=81.95.5.43%2C%2010.1.1.118&__aaci=udm&paid=udm&avid=863&caid=9435&plid=48163&siteId=19147&publisherId=3819&kv14=UDM_MEDIA&kv5=edge&kv3=56AF73C8-157B-3457-9D13-16178D08BF5C&kv4=81.95.5.43&kv24=Desktop&kv12=19147_1_slider&kv6=&kv8=&kv9=&kv11=10157f8d21b11d4&kv2=odatv4.com&__aapu=https%3A%2F%2Fwww.odatv4.com%2F&__aapr=&__aatu=https%3A%2F%2Fwww.odatv4.com
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.150.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-150-2.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 22c4aadca5d348d4719abebea9f06d055709954b309a2f083f17d5d809b1bb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main.19.8.466.js Show response
static.adsafeprotected.com/ Frame 9199 213 KB
67 KB 81ms
28ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.466.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1278201/71854792/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id: xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2223395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Dec 2023 19:37:51 GMT
server: AmazonS3
etag: W/"eac384b0904b6f5677cb58a4d4e104c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: _1f6PpyJl_YLOpnd39eNwc00al1OxcftEsavo8W3mYiad0ZSjDnzIg==

GET
H2 200 dis.aspx Show response
widget.nl3.eu.criteo.com/dis/ Frame 9B86 6 KB
3 KB 118ms
41ms Document
text/html 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=164173&cb=659c06d910623ade7ae7393d6e569e48&r=https%3a%2f%2fwww.odatv4.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a23ed6315c2eee33bcd2bd896031f746a44e0f83a826d7d47bbac5873beafd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 08 Jan 2024 14:29:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2004125
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 main.html Show response
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/ Frame 46C6 10 KB
2 KB 25ms
25ms Document
text/html 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/main.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

52f9d5874b8cd118d71143a0be171dd14847c584b761bc26b584f41e077ffc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=31104000 public
content-encoding: gzip
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:29:47 GMT
etag: W/"65719436-26b1"
expires: Thu, 02 Jan 2025 14:29:47 GMT
last-modified: Thu, 07 Dec 2023 09:45:26 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 all
csm.eu.criteo.net/ Frame 9199 0
128 B 83ms
31ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=w1nzrCZN-yM_p9QpwNfqjaXjYLD38tv9pwyE3TXaXUxYIUl-K5oRRAbUO0hfuQt-VAd0XNtoYgSMCfjIXuXcxRWtcM4GHMsVGGXdLC5jo2I1vaIToxrdYjIRr1XhPkc_iLMAi80zym2FBurdis6oRGN20qkhtfSMW_m5xnLN9Dq-_DIijVL58aSbGB-L2w0n3MEoWFtUoq-Mmqs7G-18k4sp-oyWfmxmuSf7Uv9KUSxBuYYnK4IKK1FSWc5o5W3Hm1Osqw&sds=2&rev=90109&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 14:29:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9199 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9199 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 style.css
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/ Frame 46C6 5 KB
1 KB 28ms
27ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9997a161ba07a0d45d90c7c2cc01c9f7538668ed708e5fb0a0ae3d64b52c1edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:20 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"657194a8-1428"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 46C6 70 KB
25 KB 92ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/gsap.min.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3574057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25247
last-modified: Fri, 17 Mar 2023 15:51:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64148c93-629f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOj2tqeJohx%2F7VHeqVuap899LHfTZLiXx%2FvCd7910SaUeNHQXslLxyGxQWfOxSb8RTM1Djhny4gan9j9iXjyklpSd%2BJcW5a93Wrltvb6h3U%2BOpzIoTdCnkt2z%2FOtinXjQ3Oy%2FbOptpSn4ZDcsd00yw0U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8425227a1ac82c51-FRA
expires: Sat, 28 Dec 2024 14:29:47 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 46C6 2 KB
2 KB 85ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/EasePack.min.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3484961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1193
last-modified: Fri, 17 Mar 2023 15:51:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64148c93-4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1nw7EiTTK34K%2FXdtKEwWf%2FK4wgzEzbl2GxfEYsafwwMYd5UZumCv9OuSMt1ks2Gh%2F39NyGH0ngsB0hilDBGpUIdAotP87144Un2SjR6vtA2shrIwcOUM05PbT0E4B151PjqzxBmqbQo7QgegjLFlQid"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8425227a1ac32c51-FRA
expires: Sat, 28 Dec 2024 14:29:47 GMT

GET
H2 200 TextPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 46C6 10 KB
3 KB 88ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/TextPlugin.min.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3579862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2961
last-modified: Fri, 17 Mar 2023 15:51:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64148c93-b91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpCaHFejzgcB3h8rs8k4ix3Zm74IMMlQYeIEcanfOublRnnD0N8MJ7tBLS%2B%2FaBa1JSWmwDVarmFMXjkFAMB0WvGBkcLMLL4NmdPpcYpAsvm8nnluALJV0ha8qzGo8ReN9V31VCG2AYc3yrmiS%2BEJOyYR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8425227a1ac42c51-FRA
expires: Sat, 28 Dec 2024 14:29:47 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 82B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qHBcKhIBS-1t1N6txSdfjxiQQ37EtqclKV_65A&google_cm&google_hm=ay1xSEJjS2hJQlMtMXQxTjZ0eFNkZmp4aVFRMzdFdHFjb...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qHBcKhIBS-1t1N6txSdfjxiQQ37EtqclKV_65A&google_gid=CAESEOnAkTr5lzCo7Un8NzenDlQ&google_cver=1&google_ula=913071,0

43 B
370 B

50ms
18ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qHBcKhIBS-1t1N6txSdfjxiQQ37EtqclKV_65A&google_gid=CAESEOnAkTr5lzCo7Un8NzenDlQ&google_cver=1&google_ula=913071,0

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 579919
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qHBcKhIBS-1t1N6txSdfjxiQQ37EtqclKV_65A&google_gid=CAESEOnAkTr5lzCo7Un8NzenDlQ&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 82B2 43 B
145 B 16ms
12ms Image
image/gif 18.192.184.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ViJPQBIBS-1t1N6txSdfjxiQQ358HX1sksbCzg&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.184.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-184-174.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 82B2
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3867303732981223083

43 B
370 B

54ms
19ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3867303732981223083

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1268905
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
an-x-request-uuid: 63a0fac1-e2ff-498c-b513-6723a0a20b11
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3867303732981223083
x-proxy-origin: 81.95.5.43; 81.95.5.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 82B2 57 B
813 B 81ms
39ms Image
image/gif 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-f5VOPhIBS-1t1N6txSdfjxiQQ35nc2n2jlU5ng

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 14:29:47 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Mon, 08 Jan 2024 14:29:47 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 82B2 0
239 B 44ms
11ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-4rzTSBIBS-1t1N6txSdfjxiQQ35_T0z7eO9_IQ&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 14d90060180bca4b3b64f131b647e645
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 82B2 43 B
163 B 26ms
23ms Image
image/gif 164.132.25.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-vUfcfxIBS-1t1N6txSdfjxiQQ35nSDtq-ScILQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.132.25.184 , France, ASN16276 (OVH, FR),
Reverse DNS: ip184.ip-164-132-25.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 82B2 0
99 B 77ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-nePiSxIBS-1t1N6txSdfjxiQQ37YIeQRxo5GGQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15215

GET
H2 200 um
criteo-sync.teads.tv/ Frame 82B2 23 B
163 B 45ms
38ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-E3x-xxIBS-1t1N6txSdfjxiQQ35FXZFAPdDAaw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 14:29:47 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 82B2 37 B
139 B 16ms
12ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-uOMQIRIBS-1t1N6txSdfjxiQQ34tgcUcAn4LIA&dongle=013b
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 82B2 0
38 B 18ms
16ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-evWkChIBS-1t1N6txSdfjxiQQ35rIq0hXqlO4g

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 82B2 56 B
319 B 86ms
41ms Image
image/gif 23.50.131.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-evWkChIBS-1t1N6txSdfjxiQQ35rIq0hXqlO4g

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-84.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 08 Jan 2024 14:29:47 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Mon, 08 Jan 2024 14:29:47 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 82B2 43 B
162 B 114ms
22ms Image
image/gif 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-sXi37RIBS-1t1N6txSdfjxiQQ37hgtpfl9c6Vw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 82B2 49 B
384 B 156ms
39ms Image
image/gif 54.228.30.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-U6yc_hIBS-1t1N6txSdfjxiQQ37rm_xxs_4cbQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.30.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-30-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 6
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2 200 rum
r.casalemedia.com/ Frame 82B2 43 B
542 B 33ms
26ms Image
image/gif 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-344dVhIBS-1t1N6txSdfjxiQQ37xgXTCbhBf_g
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7cYUJ%2Fo%2BUeDEVZbRNSip5KUMgnjWxMUt3BLhu4f4gApNqHmmky6GjrcCqCd8nu4UcJg%2Fhr8mNM%2FMQpqMNO5mXljwRyMAkqzg0a9FpezuwOLgOph%2BRgLrNbEux%2FSXKPaAWN%2F"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8425227a7f826ae8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

ibs:dpid=28645&dpuuid=PkXhRG92kcqBCljFdjllcVRXQAEUnM-A
dpm.demdex.net/ Frame 82B2
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PkXhRG92kcqBCljFdjllcVRXQAEUnM-A

42 B
717 B

44ms
43ms

Image
image/gif

54.220.146.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PkXhRG92kcqBCljFdjllcVRXQAEUnM-A

Requested by

Protocol

Server

54.220.146.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-146-23.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0d8917a30.edge-irl1.demdex.com 7 ms
pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: wTNS9FY9QRg=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PkXhRG92kcqBCljFdjllcVRXQAEUnM-A
date: Mon, 08 Jan 2024 14:29:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 674890
content-length: 0

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 82B2 43 B
1 KB 16ms
15ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-G858jRIBS-1t1N6txSdfjxiQQ35OpnlUU-PAwA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 08 Jan 2024 14:29:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 82B2 43 B
198 B 36ms
35ms Image
image/gif 34.241.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-rvcyNxIBS-1t1N6txSdfjxiQQ36Sudv9PsXtPQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 14:29:47 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 82B2 42 B
265 B 62ms
21ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-FHoWBBIBS-1t1N6txSdfjxiQQ35rsaCx4MqReA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 82B2 0
882 B 50ms
16ms Image
text/html 18.196.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-24HElRIBS-1t1N6txSdfjxiQQ36x3xTJYpFscw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.116.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 82B2 43 B
423 B 311ms
90ms Image
image/gif 52.1.62.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-792tcBIBS-1t1N6txSdfjxiQQ357theda_mkeg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.62.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-62-209.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 82B2 0
145 B 353ms
87ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-XiVqaBIBS-1t1N6txSdfjxiQQ35PuNda_3Gtvw&initiator=partner
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 14:29:47 GMT
Cache-Control: no-cache
X-TraceId: dc9fdf89c481c8d33912230eb69e914e
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 82B2 0
74 B 18ms
17ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-_EepNBIBS-1t1N6txSdfjxiQQ35FSEF-smuxfA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 14:29:45 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 82B2 0
35 B 61ms
9ms Image
text/plain 3.127.26.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Tb7b9xIBS-1t1N6txSdfjxiQQ34FOIhbQ55Jmw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.26.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-26-122.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 82B2 43 B
398 B 287ms
91ms Image
image/gif 2600:1f18:612b:4280:f67c:5dbe:1df:e791
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Y_ngixIBS-1t1N6txSdfjxiQQ35dci_4DEdu0A
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:f67c:5dbe:1df:e791 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 82B2 0
235 B 37ms
34ms Image
text/plain 23.211.9.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-GU8oERIBS-1t1N6txSdfjxiQQ353t_Jm1bLlKw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.9.5 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 14:29:47 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 07 Jan 2024 14:29:47 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 82B2 0
38 B 128ms
32ms Image
text/plain 52.17.148.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-hiU28BIBS-1t1N6txSdfjxiQQ35QwA1GIFxmpQ&pn_id=criteo&ext=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.148.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-148-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 82B2 0
43 B 12ms
11ms Image
text/plain 52.57.138.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-yX6DVRIBS-1t1N6txSdfjxiQQ35QCWi_PDQBNg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.138.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
server: awselb/2.0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 9199
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1278201/71854792/skeleton.js?adsafe_url=https%3A%2F%2Fwww.odatv4.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.odatv4.com%2F&adsafe_type=e&adsafe_url=https...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

7ms
7ms

Script
application/javascript

2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8939309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: jp6baMhkUB4X780BLbyXDv96HRrv8QosCAQfK7h-SpB7My4Y3AN_3Q==

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: app53.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0A83 91 KB
23 KB 13ms
13ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9469237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Ze1Kh7hy-Kap640O9geI2av4p8HroAl9zQ51daPy-8yjXtCoM5n1wA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 285ms
93ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHKW4,pingTime:-3,time:182,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:159%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:0,renddet:na,siq:160%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 373ms
182ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHKW5,pingTime:-6,time:183,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:183,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:0,renddet:na,siq:160%7D&tpiLookup=ao:www.odatv4.com*%2Cwww.odatv4.com*&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 82B2 0
15 B 16ms
15ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-evWkChIBS-1t1N6txSdfjxiQQ35rIq0hXqlO4g

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 hg1.jpg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 28 KB
28 KB 29ms
27ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/hg1.jpg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cf6aca4d69658e6be224bd3b542cc92c2802a34fbbcdcf49d4a67ad9af33889e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "657194ab-7017"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 28695
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 hg2.jpg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 26 KB
26 KB 38ms
37ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/hg2.jpg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cd9832da1376a347fc65a01d53fdb7022548ff8f4cc539b7cf0501b4d566da3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "657194ac-6655"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 26197
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 logo.svg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 7 KB
3 KB 41ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/logo.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"657194ad-1d4c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 copyphase1.svg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 5 KB
2 KB 42ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/copyphase1.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8480f18e1c0c46bfedd2db03e63ee6a6c4ce12e4e65b4b88eb512e9afb509236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:20 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"657194a8-14dc"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 copyphase2.svg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 18 KB
5 KB 18ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/copyphase2.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cfa6c2f278e3cd295907cd85268e0d4b280a053432bf3cac5cd05f5fc356e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"657194a9-4832"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 cta.svg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 5 KB
2 KB 21ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/cta.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"657194ab-1476"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 pb.svg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 3 KB
2 KB 20ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/pb.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cb186e89ba390abf3b9f03eed288c5e5072fc775b100eaa53d75eda1454e5924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:26 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"657194ae-dd2"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 tag.svg
static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/ Frame 46C6 16 KB
6 KB 23ms
22ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/images/tag.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/7dec/landscape/728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2023 09:47:27 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"657194af-40a3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Jan 2025 14:29:47 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 279ms
94ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHKWc,pingTime:-2,time:190,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:70,bdZ:567,beA:568,beZ:569,mfA:705,cmA:706,inA:706,inZ:709,prA:709,prZ:723,si:728,poA:728,poZ:739,cmZ:739,mfZ:739,loA:751,loZ:753,ltA:758,ltZ:758,mdA:569,mdZ:687%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:159%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:160,sinceFw:30,readyFired:true%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
216 B 250ms
92ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHKWC,time:216,type:e,env:%7Bgcd2:%7Bappl:1,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:216,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:0,renddet:na,siq:160%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 82B2
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mKLN8ZkD-_bjjNBIvonpCXf-9uzX2VrQ

0
337 B

28ms
28ms

Image
text/plain

52.214.179.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mKLN8ZkD-_bjjNBIvonpCXf-9uzX2VrQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Server: 52.214.179.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-179-171.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n017-dub-prod.krxd.net
date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1704724187
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=mKLN8ZkD-_bjjNBIvonpCXf-9uzX2VrQ
date: Mon, 08 Jan 2024 14:29:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 759237
content-length: 0

GET
H2 200 setuid
ib.adnxs.com/ Frame 82B2 43 B
1 KB 9ms
9ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-or1trxIBS-1t1N6txSdfjxiQQ366GfH9FmI5gA

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
an-x-request-uuid: d80ab004-aee6-455f-8582-515f594fe809
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.43; 81.95.5.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 211ms
95ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHKXj,time:259,type:e,im:%7Bpci:%7Btdr:79%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:259,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:160%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 166ms
96ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHKY3,time:305,type:e,im:%7Bimprf:%7Bttecl:779,ecd:120,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:305,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B166~0%5D,as:%5B166~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:160,sis:280%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 94ms
93ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHL0P,pingTime:-10,time:477,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704724187607%7C%7Ce17857fc49d851d174000aa01e7eeace%7C%7C746ded226cc656dc46dc973a01bf1b48%7C%7Cef0702fc4d591a2f866a4843eec11779%7C%7C05721c4058649804925a3c3a680eab99%7C%7C7ad31de3d8c928930a7c0e120586b6a6%7C%7Cb5a93224f51b8652e9479d1b359a51f6%7C%7C0dd10590ef586fa5f1fb8f0c3a20b119%7C%7C1663701684%7D
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CbmZJHEn6FVbYxb6LLivQzcxlmOidKz6NlabYZ%2Ff76ws%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNTZlocuvYM2jikeovv4AjB__3fgd88ZnVNXJjwIja8A_aLjsdvgIwDQGGVPnOdoa8dS5qcgJGUxeXXY7i8X06si5OoUhNVjbErgyZgSD7lo-F_b5G4UB1ZqU65gk5iDwdOys_FzqJU1C2tXJCPs5w5QwiO0eKqNpNTcKv9fpa8d_yXACVwVLU8xMS3uaTOlqkYOLOMM4rnn3uSVYyLvrecsXpm4-QTuS8BsVPk5jLq27AbqnIwo15dErcWg0o3Ia5OvVNN2YPZNzN4UE1adiCYmicEMH-dxQzTRVOQF10_ocgrqqDooW6LMwAyJqbnls4ZqnsFBYOc3-lfR9esWOP11-pMwwdrV5P-vb9aj3EyKSw-GBo97XAvv-vEO6kYzPQpFytxJvbEIai3Uy4zQMq_s_GT-X79iUd_wCoyU7twm4tXwosTFuwTbIBBEQV8kpa8JAdHCSwHKJfwM6iFZ1jVEnIW8Ds_qWWAizzw_R5fBiIFXdJpNpl228GDMymwEhsMLQKNXlOfPqtBbqN4j6QNFZTkTcSOyF87hi3U4lWziZM3bjCsFtdGkpQEL_nBVpboqiSN16rXwk9ath4IVJwxRpEXW15GN6wnUmIptHPsc01q91yZxZG-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 i Show response
adrta.com/ Frame 6EED 15 B
172 B 93ms
93ms Script
text/javascript 54.243.150.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=30213983&__aasv=23.001&__aaii=10715278335755857103&__aait=1704724186606&__aasi=17706916920128686688&__aast=1704724186511&__aavi=17275915342553962237&__aavt=1704724186511&__aavz=-60&__aaib=1&__aaai=1&__aaaa=1&__aafl=1200&__aaaf=1&__aaag=4&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=844&__aacd=1&__aaax=436&__aaay=1110&__aasz=728x90&__aapf=1&__aaec=4&__aaup=2&__aaat=500&__aaae=1&__aaav=0&__aaas=850&__aaah=0&__aapc=500&__aaph=5843&__aapw=1600&__aap1=1&__aap2=0.026&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.50708634&__aaxf=81.95.5.43%2C%2010.1.1.118&__aaci=udm&paid=udm&avid=863&caid=9435&plid=48163&siteId=19147&publisherId=3819&kv14=UDM_MEDIA&kv5=edge&kv3=56AF73C8-157B-3457-9D13-16178D08BF5C&kv4=81.95.5.43&kv24=Desktop&kv12=19147_1_slider&kv6=&kv8=&kv9=&kv11=10157f8d21b11d4&kv2=odatv4.com&__aapu=https%3A%2F%2Fwww.odatv4.com%2F&__aapr=&__aatu=https%3A%2F%2Fwww.odatv4.com
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.150.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-150-2.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 i Show response
adrta.com/ Frame 6EED 15 B
172 B 92ms
92ms Script
text/javascript 54.243.150.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=559603&__aasv=23.001&__aaii=10715278335755857103&__aait=1704724186606&__aasi=17706916920128686688&__aast=1704724186511&__aavi=17275915342553962237&__aavt=1704724186511&__aavz=-60&__aaib=1&__aaai=1&__aaaa=1&__aafl=1200&__aaaf=1&__aaag=4&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=844&__aacd=1&__aaax=436&__aaay=1110&__aasz=728x90&__aapf=1&__aaec=4&__aaup=3&__aaat=200&__aaae=1&__aaav=1&__aaas=201&__aaah=0&__aapc=200&__aaph=5843&__aapw=1600&__aap1=1&__aap2=0.026&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.50708634&__aaxf=81.95.5.43%2C%2010.1.1.118&__aaci=udm&paid=udm&avid=863&caid=9435&plid=48163&siteId=19147&publisherId=3819&kv14=UDM_MEDIA&kv5=edge&kv3=56AF73C8-157B-3457-9D13-16178D08BF5C&kv4=81.95.5.43&kv24=Desktop&kv12=19147_1_slider&kv6=&kv8=&kv9=&kv11=10157f8d21b11d4&kv2=odatv4.com&__aapu=https%3A%2F%2Fwww.odatv4.com%2F&__aapr=&__aatu=https%3A%2F%2Fwww.odatv4.com
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.150.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-150-2.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.odatv4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Mon, 08 Jan 2024 14:29:47 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9199 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 14:29:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
250 B 119ms
95ms XHR
application/json 35.244.193.51

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jan 2024 14:29:49 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.odatv4.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58809/ 2 B
125 B 11ms
10ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.odatv4.com/&pixelId=58809

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jan 2024 14:29:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.odatv4.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
421 B 30ms
30ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: b31999dc90ac170b0047dc965db9e855c8445c472a6a34dccd9fcf2b60eddaaf

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jan 2024 14:29:49 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.odatv4.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Wed, 07 Feb 2024 14:29:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P3X8GHNT5P&gtm=45je4130v873431896z8859010942&_p=1704724184089&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=561412222.1704724184&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&sid=1704724184&sct=1&seg=1&dl=https%3A%2F%2Fwww.odatv4.com%2F&dt=ODATV%20-%20Haberler%2C%20Son%20Dakika%20Haberleri%20ve%20G%C3%BCncel%20Haberler&_s=2&tfd=5956
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P3X8GHNT5P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.odatv4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.odatv4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 92ms
91ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHLst,pingTime:1,time:2191,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:159%7D,%7Bpiv:100,vs:i,r:,t:1190%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:1190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,1~100%5D,as:%5B1052~728.90%5D%7D%7D,%7Bsl:i,t:1190,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:97,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:160,sis:280%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:49 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHLst,pingTime:1,time:2191,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:159%7D,%7Bpiv:100,vs:i,r:,t:1190%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:1190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,1~100%5D,as:%5B1052~728.90%5D%7D%7D,%7Bsl:i,t:1190,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:97,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:160,sis:280%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:49 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9199 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=8b8da6b9-e608-6c13-11b7-557ab422f273&tv=%7Bc:IHLsu,pingTime:1,time:2192,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:159%7D,%7Bpiv:100,vs:i,r:,t:1190%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:1190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,1~100%5D,as:%5B1052~728.90%5D%7D%7D,%7Bsl:i,t:1190,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:97,fm:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,fm2:u0MwXzk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181*.1278201-71854792%7C18111%7C1812,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:160,sis:280,metricId:sky1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 14:29:49 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET kandil-abci-goruyordu-demirtas-ocalan-cizgisine-geldi-son-savunmasinda-neler-dedi-m4ad.jpg
img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/08/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.odatv4.com
URL: https://img.odatv4.com/rcman/Cw560h560q95gc/storage/files/images/2024/01/08/kandil-abci-goruyordu-demirtas-ocalan-cizgisine-geldi-son-savunmasinda-neler-dedi-m4ad.jpg

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

111 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.odatv4.com/	1970-01-21 03:08:04	Name: _ga_LCBC0RGKV6 Value: GS1.1.1704724184.1.0.1704724184.60.0.0
.odatv4.com/	1970-01-21 03:08:04	Name: _ga_P3X8GHNT5P Value: GS1.1.1704724184.1.1.1704724184.0.0.0
.odatv4.com/	1970-01-21 03:08:04	Name: _ga Value: GA1.2.561412222.1704724184
.odatv4.com/	1970-01-20 17:33:30	Name: _gid Value: GA1.2.1934810134.1704724184
.odatv4.com/	1970-01-20 17:32:04	Name: _gat_UA-2957967-2 Value: 1
.odatv4.com/	1970-01-20 17:32:04	Name: _gat_gtag_UA_2957967_2 Value: 1
.odatv4.com/	1970-01-21 02:17:40	Name: _ym_uid Value: 1704724184136030921
.odatv4.com/	1970-01-21 02:17:40	Name: _ym_d Value: 1704724184
.yandex.com/	1970-01-21 03:08:04	Name: i Value: dEgybB3vO3UUoKld6gPfpw7XLM7ne45rdR+peQ/yvanzlraQbqy7ygOmUPWu3xKUkXl6ukgtMqlPRk2m2np7PHJSLf4=
.yandex.com/	1970-01-21 02:17:40	Name: yandexuid Value: 7917643551704724184
.odatv4.com/	1970-01-20 17:33:16	Name: _ym_isad Value: 2
.adform.net/	1970-01-20 18:16:42	Name: C Value: 1
.adform.net/	1970-01-20 18:58:28	Name: receive-cookie-deprecation Value: 1
www.odatv4.com/	1970-01-20 18:15:16	Name: adformfrpid Value: 7411118454595256587
.adform.net/	1970-01-20 18:58:28	Name: uid Value: 6279209723220086910
.adform.net/	1970-01-20 17:33:30	Name: CM Value: 1\|1
.mc.yandex.com/	1970-01-20 17:32:04	Name: sync_cookie_csrf Value: 307372230fake
.adform.net/	1970-01-20 17:52:13	Name: CM14 Value: 1704810584_1704724184_1_Hu7u4e4e4R7u4e4REREeEREREQ
.mc.yandex.ru/	1970-01-20 17:32:04	Name: sync_cookie_csrf Value: 824029481fake
.seadform.net/	1970-01-20 18:58:28	Name: uid Value: 6279209723220086910
.udmserve.net/	1970-01-21 02:17:40	Name: dt Value: 56AF73C8-157B-3457-9D13-16178D08BF5C
.mc.yandex.com/	1970-01-20 17:33:30	Name: sync_cookie_ok Value: synced
.eyeota.net/	1970-01-20 17:32:04	Name: SERVERID Value: 18665~DM
.casalemedia.com/	1970-01-21 02:17:40	Name: CMID Value: ZZwG2F-2A31fJEP77iJZRAAA
.casalemedia.com/	1970-01-20 19:41:40	Name: CMPS Value: 5161
.casalemedia.com/	1970-01-20 19:41:40	Name: CMPRO Value: 5161
.ads.stickyadstv.com/	1970-01-20 18:58:28	Name: uid-bp-617 Value: 6279209723220086910
.ads.stickyadstv.com/	1970-01-20 18:15:16	Name: UID Value: 4019d1c974878e3df84f452346010f1
.yandex.ru/	1970-01-21 03:08:04	Name: yandexuid Value: 7917643551704724184
.yandex.ru/	1970-01-21 03:08:04	Name: yuidss Value: 7917643551704724184
.yandex.ru/	1970-01-21 03:08:04	Name: i Value: dEgybB3vO3UUoKld6gPfpw7XLM7ne45rdR+peQ/yvanzlraQbqy7ygOmUPWu3xKUkXl6ukgtMqlPRk2m2np7PHJSLf4=
.yandex.ru/	1970-01-21 03:08:04	Name: yp Value: 1704810584.yu.8148055501704724184
.yandex.ru/	1970-01-21 02:17:40	Name: ymex Value: 1707316184.oyu.8148055501704724184
.semasio.net/	1970-01-21 02:17:40	Name: SEUNCY Value: 87B47EF8D5DB2A9E
cm.adsafety.net/	1970-01-21 02:17:40	Name: UID Value: CM120240108143ef06884a2052357509
.adsafety.net/	1970-01-21 02:17:40	Name: cm_uid Value: CM120240108143ef06884a2052357509
.adnxs.com/	1970-01-20 19:41:40	Name: uuid2 Value: 3867303732981223083
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 112170821704724184
.yandex.com/	1970-01-21 02:17:40	Name: yuidss Value: 7917643551704724184
.yandex.com/	1970-01-21 02:17:40	Name: ymex Value: 1736260184.yrts.1704724184
.yandex.com/	1970-01-21 02:17:40	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-21 02:53:40	Name: IDE Value: AHWqTUlQ3SZw4majIAVdkFYdMeZqWNOxRWDRuJgSKnj2nC7WP8rO6kXGbXWqHCbHmbk
ads.smartstream.tv/	1970-01-21 02:17:40	Name: DID Value: 72a899c5b077491d3f92177c6b6f1ef8
ads.smartstream.tv/	1970-01-21 02:17:40	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 02:17:40	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 18:15:16	Name: cm_uid Value: CM120240108143ef06884a2052357509
www.odatv4.com/	1970-01-20 18:15:16	Name: udmsrc Value: %7B%7D
www.odatv4.com/	1970-01-20 18:15:16	Name: _pbjs_userid_consent_data Value: 3524755945110770
.exelator.com/	1970-01-20 20:24:52	Name: EE Value: "a7dfb53998c5918de78a84f719b95ca1"
.odatv4.com/	1970-01-21 02:17:40	Name: _sharedid Value: 77075e61-62ea-4a28-a9ab-9c1035a7a2a0
.krxd.net/	1970-01-20 21:51:16	Name: _kuid_ Value: QBgjeHYd
.adfarm1.adition.com/	1970-01-20 19:41:40	Name: UserID1 Value: 7321734619008858264
.demdex.net/	1970-01-20 21:51:16	Name: demdex Value: 24893392784105999452940283051924063602
.udmserve.net/	1970-01-20 19:41:40	Name: indx Value: ZZwG2F_2A31fJEP77iJZRAAAFCkAAAAB
.audrte.com/	1970-01-20 17:53:40	Name: arcki2 Value: bhagqR5VogdQNazBnYQ4T6j5w!20220908!1704724184976!ip#81.95.5.43
.audrte.com/	1970-01-20 17:53:40	Name: arcki2_adform Value: 6279209723220086910!20220908!1704724184976
.odatv4.com/	1970-01-20 17:32:05	Name: _ym_visorc Value: b
cm.adsafety.net/	1970-01-21 02:17:40	Name: permanent Value: 1
.w55c.net/	1970-01-21 03:03:44	Name: wfivefivec Value: nnxU2nTP1RmQDn5
.agkn.com/	1970-01-21 02:17:40	Name: ab Value: 0001%3AT%2F8s0LVMjYHyodcfBzycx5F60GW59a8a
.dpm.demdex.net/	1970-01-20 21:51:16	Name: dpm Value: 24893392784105999452940283051924063602
.exelator.com/	1970-01-20 20:24:52	Name: ud Value: "eJxrXxzq6XKLQSHRPCUtydTY0tIi2dTS0CIl1dwi0cIkzdzQMsnSNDnRcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR8r2QsArycqqA%253D%253D"
.bluekai.com/	1970-01-20 21:54:08	Name: bku Value: aG/99BQs7sVVuiXI
.bluekai.com/	1970-01-20 21:54:08	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwER0BpA01eAl1M101M9ymeR81E9e9JtJYe1=
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8543\|ZZwG3
.udmserve.net/	1970-01-20 19:41:40	Name: apnid Value: 3867303732981223083
.w55c.net/	1970-01-20 18:15:16	Name: matchadform Value: 5
.audrte.com/	1970-01-20 17:53:40	Name: arcki2_ddp2 Value: bhagqR5VogdQNazBnYQ4T6j5w!20220908!1704724185150
.weborama.fr/	1970-01-21 02:57:59	Name: AFFICHE_W Value: QpWtxV3ztHVC14
tags.adsafety.net/	1970-01-21 02:17:40	Name: UID Value: 72a899c5b077491d3f92177c6b6f1ef8
tags.adsafety.net/	1970-01-21 02:17:40	Name: DID Value: 72a899c5b077491d3f92177c6b6f1ef8
tags.adsafety.net/	1970-01-21 02:17:40	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 02:17:40	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 18:15:16	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 02:17:40	Name: ct_uid Value: 72a899c5b077491d3f92177c6b6f1ef8
.adsafety.net/	1970-01-21 02:17:40	Name: ct_did Value: 72a899c5b077491d3f92177c6b6f1ef8
.adsafety.net/	1970-01-21 02:17:40	Name: ct_idt Value: 100
.mgid.com/	1970-01-20 17:52:13	Name: lmg_usr Value: f5985c12-4a4b-415c-9853-01ffb390cdff
.mgid.com/	1970-01-20 17:52:13	Name: lmg_r Value: 24
cm.adsafety.net/	1970-01-21 02:17:40	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaOVBycDcycWt4ZWtUUnoxUHJOdzFQa2p5VnBXYVQweGdGTEd0NkdjbUdMZHAzYzkwdE5QZDAwaFZ4YTRnTmJzWXdsYXZuYlpzRHd0MzBjOEVMV3lxRENOUWtDbitWY1lsUkdKUjlGdklJcjhrUEQwVHYvR3NvQ3BHUEdBc0NjcWxyYWtVTGNUaFdPMEFXdWZ6M3VSS01sVHJsWDc1U0RkNDJUYmxVWUpXOXJ1RU1Wd0tvcTNLUHlTZmJNMGFPMUJSaVVSRXNRQ2FNdjcwZnB4d0pxaFZYNjg2SUQvZ3M4TGIvU0xYRS9ycHd3bkNkRis2Z0dNOGZjRXpoRjNwdkEwemhuenVWSHdhT3YwdGhWWE96M2g3MllWZ0s0UFViSDluVVVqM0ZXOHhRTXNSbnBMUVNhSk1STHlaRXpkdTJXWndXVWFTSHdBeUFSd1NrUDYydzN5RUxQdlk3a0RhSVRMd3FWNTFQeU9nWmJCaUZ2WDdJMWZNN0lTY2VJbDF6bzR1TzRxb05aaUx3WWZGQ0x2amRNbDZmU2xCdXorcHRXajl5SFN4N0ZDbUR4T1pnaGtxMlU2NmRRenptemVqWUVuZHVkYVE2eklGa1JBZVJOemVSZmRHOE5nSVcvak5hT3Y4SDJtRmlqbDBFUjdVcldHSG5SWDg4WXVaRkxlUW05ZjlJVklDM09KTi9nRXMvNlB0RWZUYVBNNVJnbmREdXI4dEVNNVpTT1JpYVVnSUtPZERkMWhKdHk1WXVOTjZVKzFxNnQwaiszNlN6eXVUOFQ5NU1vZTFHZXBHcldERTkzdFpiU1Bya1c5V01QL3JEa0hxb1FlRlEweUJyOFE1RXlMYXREOEZ4QWk2V0xvMWdwRWxtdFI1aTVVMjVsQi91SDhTeWd0dHRSWUR0ZktEKzRueFpsWmJnRDk2Ty9zVGNWRzRiTTZSL09IbmFlcXRXMWVyNFNrRjd0TkNkb3lZOGNOMnd1RjlUWUdpT2lCQVptcldsWHYyY0F1aHNwcFd1aUpaaitMWjhXbVk4VFVSYWY4N0JESVdIZDdQc0tNWnE5ZkpxMS83ek1jZU5OT25Vd0lEMFBienROUFBGU1JvTlYxVUE9PQ%3D%3D
.udmserve.net/	1970-01-20 19:41:40	Name: mgid Value: f5985c12-4a4b-415c-9853-01ffb390cdff
.criteo.com/	1970-01-21 02:53:40	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:53:40	Name: uid Value: 18db7cd3-4a2a-4bd9-80cf-11bd9284753a
.odatv4.com/	1970-01-21 02:53:40	Name: cto_bundle Value: 4I7e8185M0VIYjA1Q2pCNkRVcmIyJTJCNTNXdFIzRHclMkY0QlFiZG1mcFBvQlcybHJ3Umo1a2RmZ1g1bzdDTEhXNzZkTFdyUVdtdDk5c0lDRkptcGxjZEMydFBlOWQlMkJ3ZXVudGhtSEh6JTJCYkc5eWR0QWFSTDBvYkVMQVJtZUV2YTRaV1p4UXlsQUtWUXhDTDhYbmpUQ3g4MiUyQjhiQiUyQkElM0QlM0Q
prebid.a-mo.net/	1970-01-20 17:32:04	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 02:17:40	Name: __amc Value: 1_1704724186_1704724186
www.odatv4.com/	1970-01-20 18:15:16	Name: udm_edge_floater_fcap Value: %5B1704724186257%5D
www.odatv4.com/	1970-01-20 17:32:05	Name: udm_session Value: 1
.udmserve.net/	1970-01-21 02:17:40	Name: udmts Value: 1704724186.0
.udmserve.net/	1970-01-21 02:17:40	Name: gdpr Value: 19147:undefined
.udmserve.net/	1970-01-21 02:17:40	Name: geode Value: 63829492186:81.95.5.43:276:C43644:D276007:S36143:de:schonefeld:ZZ:12529:wifi:hosting:?
.adrta.com/	1970-01-21 03:08:04	Name: __aavi Value: 17275915342553962237
.adrta.com/	1970-01-21 03:08:04	Name: __aavt Value: 1704724186511
.adrta.com/	1969-12-31 23:59:59	Name: __aasi Value: 17706916920128686688
.adrta.com/	1969-12-31 23:59:59	Name: __aast Value: 1704724186511
.flashtalking.com/	1970-01-21 03:01:28	Name: flashtalkingad1 Value: "GUID=585123CD87F153"
.adnxs.com/	1970-01-21 03:08:04	Name: receive-cookie-deprecation Value: 1
.media.net/	1970-01-21 02:17:40	Name: visitor-id Value: 3477257878173934000V10
.media.net/	1970-01-20 18:15:16	Name: data-c-ts Value: 1704724187
.media.net/	1970-01-20 18:15:16	Name: data-c Value: k-f5VOPhIBS-1t1N6txSdfjxiQQ35nc2n2jlU5ng~~3
exchange.mediavine.com/	1970-01-20 17:52:13	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%225fc507d0-ae32-11ee-87d1-613fb43daebf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:13	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%225fc507d0-ae32-11ee-87d1-613fb43daebf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:13	Name: am_tokens Value: %7B%22mv_uuid%22%3A%225fc507d0-ae32-11ee-87d1-613fb43daebf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:13	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%225fc507d0-ae32-11ee-87d1-613fb43daebf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:13	Name: criteo Value: %7B%22id%22%3A%22k-24HElRIBS-1t1N6txSdfjxiQQ36x3xTJYpFscw%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-21 03:08:04	Name: XANDR_PANID Value: 1-6uNqfsdTLzYNI5I46WNFesbFsM_ytc1Eg5hUa7S61836sGget_Bb5ZXJqrnqD-hRz2DkPWV3NwV-BvPpmQfDOsF60UDcaEVlWC6uqpGkM.
.adnxs.com/	1970-01-20 19:41:40	Name: anj Value: dTM7k!M40<D>6NRF']wIg2GTsu7Nmx!]tcw8i_imf$9G=A^A/A/FLP(#(!a`Do@6$!y0s]9Rdq^bh^m3<QJ<:IJdX]IK<yPovjt%)ROFA#r`*r+$F^h@!=.uEU@:J#wez!a^ocXb(j:/ZI81CPCO#UPlZ[C[-kX-?6I1q
.omnitagjs.com/	1970-01-20 18:15:16	Name: ayl_visitor Value: ae96cb9caad541a619933a84037c8a5e
.postrelease.com/	1970-01-21 02:17:40	Name: opt_out Value: 1
.tremorhub.com/	1970-01-21 02:18:01	Name: tvid Value: 07b0a245474e4c0db953b92e87500053
.tremorhub.com/	1970-01-20 18:15:16	Name: tv_UICR Value: k-Y_ngixIBS-1t1N6txSdfjxiQQ35dci_4DEdu0A

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js Message: Failed to load resource: the server responded with a status of 504 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6279209723220086910 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6279209723220086910/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://bid.underdog.media/udm-r3_v2.23.3.js(Line 4) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.odatv4.com/ Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad-cdn.bilgin.pro
ad.360yield.com
ad.bilgin.pro
ad.yieldlab.net
adfstat.yandex.ru
adrta.com
ads.eu.criteo.com
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
beacon.krxd.net
bid.underdog.media
bidder.criteo.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.p.analitik.bik.gov.tr
cdn2.bildirt.com
cdnjs.cloudflare.com
cm-x.mgid.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.eu.criteo.net
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.ib-ibi.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image8.pubmatic.com
img.odatv4.com
ipv6.adrta.com
jadserve.postrelease.com
lexicon.33across.com
lh3.googleusercontent.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
matching.ivitrack.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pdw-adf.userreport.com
pix.adrta.com
pixel-us-west.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
prebid.a-mo.net
ps.eyeota.net
q.adrta.com
r.casalemedia.com
redirect.frontend.weborama.fr
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s.odatv4.com
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
server.seadform.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.outbrain.com
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
udmserve.net
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.nl3.eu.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.odatv4.com
x.bidswitch.net
img.odatv4.com
104.18.36.155
13.248.245.213
139.162.147.24
141.226.228.48
141.95.98.65
142.132.241.141
142.250.186.98
145.40.97.66
164.132.25.184
178.250.1.6
178.250.1.9
18.192.184.174
18.196.116.41
18.245.86.66
18.66.192.9
185.102.219.172
185.102.219.173
185.64.189.112
185.64.190.79
195.142.105.13
195.142.105.24
198.47.127.205
2001:4860:4802:32::36
216.46.185.183
217.79.178.236
23.211.9.5
23.215.22.232
23.32.185.35
23.50.131.84
2600:1f14:b4f:4b03:ac04:2015:d9fd:fbf5
2600:1f18:1aca:4282:8ad8:dd44:809d:fc4f
2600:1f18:612b:4280:f67c:5dbe:1df:e791
2600:9000:20c3:c800:6:44e3:f8c0:93a1
2600:9000:223f:1e00:8:48e:53c0:93a1
2600:9000:2247:3e00:1b:5138:8a40:93a1
2600:9000:237d:a200:5:c4ab:c3c0:93a1
2606:4700:20::681a:69
2606:4700::6811:190e
2607:ae80:192:1::173
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6b8::1:119
2a02:6b8::346
2a02:6ea0:c700::10
2a04:4e42:400::649
3.120.203.57
3.121.27.153
3.127.26.122
3.71.149.231
34.117.157.22
34.239.37.162
34.241.183.25
35.190.24.218
35.244.159.8
35.244.174.68
35.244.193.51
37.157.2.228
37.157.3.20
37.157.3.26
37.157.5.132
37.157.6.235
37.252.172.123
46.19.11.36
52.1.106.21
52.1.62.209
52.16.166.255
52.17.148.138
52.208.209.23
52.214.179.171
52.218.109.131
52.223.40.198
52.57.138.113
52.57.164.72
54.220.142.223
54.220.146.23
54.228.30.154
54.243.150.2
54.78.254.47
68.71.249.118
69.173.144.138
69.173.144.139
70.42.32.31
77.243.51.121
77.243.51.122
8.2.110.161
8.39.36.142
85.114.159.118
88.221.168.23
89.187.169.43
91.210.226.73
92.123.17.8
99.81.243.254
013f9b51aa652689e9d1dfb834e90709b951119aa3b339dc3560ce2b125afce7
01b4d4d583a5ce9c43e6a66929f828858c061b8ec26281f7c993ff4505fae76e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01ecee50132d4638110969c13f18b53e320f37760fbd68a2361642fec6ad3c42
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b
0dc204da098b4b171bbd3c419435e6e7c4bb377344b159c3dd91ba5aa5facdfe
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
147ddcd09b547a588faf17bc6ff40089b06a94d9b2ba86b149fbc0fbe7daaa90
1539b900431cb00eacc53aae5e8f42ed9a0542a59cd209467725f37070b31f35
1695bb295ba2a947f017855bfd9ac29b52fa9646e8b7005aebab71b04c1d2ca4
17329acd2ee5bae535ba4f21005aa2e15a6d7f2dbec2faa9d79da30ed0f1cbd9
1812d364ed7ac037dd15cdbb3836136f979bc0acb9a6f16047011236c250784e
1826a350c731f9556d3b5709c082e53caf1581ebd94ee860a32c919dd392923c
18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e
1afa0aadf028a885232fbc74f67ed905507811cd203c4f1e71c1dec7de2e2e2a
1ff078dc125f619bff818f7ce165e62f1f833f81ed0e06cd943ce9ba456a9833
22c4aadca5d348d4719abebea9f06d055709954b309a2f083f17d5d809b1bb91
23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887
27305ed26f0a10bce4bac3a9e3246e32bc0ef86caf400439aa9605fe43541523
2a28ed1f4416225983bca622c48d25607fd8e531123f9f88d674a59eff773c97
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2de97ab1e52e910ecd1f4cfde42731c97434a9485e27d165e65f5046ee50ca59
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d2e3097fe47790d1f609e119e11473d39d220fca977f954370a36f1ad90408
3175bc71431ecc79777022b199307abd8163b928a75734d2a32735512942fb63
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330fa0d3e8c6b779d1cd0097b0d33f2e05f28d440a48b033e6caa50b91adf1ca
34c9f592a26e27a693465932a4a21853a26b58895845c5652a0fd89bbf722126
3b43adc4bb1104e13a1e0644c0aedbc64a57b7fca1ecfcc67188b1957dd1c087
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cc5f7fef70ac33402d2ef7b4c7ea9743e4539fd7ebed4883f54aadea90ee9b9
3cfa6c2f278e3cd295907cd85268e0d4b280a053432bf3cac5cd05f5fc356e92
3fc01193dba3746d46bcd6098785c8e111eacee7182525c666744393281a8b0a
403ad7880942459e2effb03f53cb113909178fba3eb52755c65cc35e3213bbd2
4342562d584c88ee7622ddcb4067d620e1efcb5781f281f3085364f0ce161147
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4669a239505750efea97a33c4ee1afdebaeb9b05f64169b9f28c684d9f442586
46d49584af9defb5738f3f1668afec311f85f86258ecb94575a06949fa16cf92
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf8f24dfa15d03ed91c96ea95a5d57c46a6403612ab276460cad7f66e317a9f
4c4ef6213a148afd82b68c2b1306595f0d12bd41bd45d8305cf08d19bb545df5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
514cf8050df26c0008c57cafa7fab28886149ff46c360f626a8754ab05a4db38
525e2bb75aaf6bf8faa37553903e8460f97a379f5e882d0b4d30fe7b163952f6
52f9d5874b8cd118d71143a0be171dd14847c584b761bc26b584f41e077ffc2d
531a5959818566e3b9ef2e30841ae80bd5071835433441dbdac25463e9523263
54284af1b31c9452f5794d4352f27be697b7284621c48df2bc980beae4ee89d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c7380da8a90ba7c759dd2abff86a7aee3cb45064f88b713509ff096da76acf
5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed
60595d607e005fe7145347876c14c43532e2dcb11c6c0e0ac886dca4f2f7ed4f
6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e
69c421224393b20f42cdda7a8e83bf055fc756ae1c41e424d9e21f41bb4d4c9e
6a23ed6315c2eee33bcd2bd896031f746a44e0f83a826d7d47bbac5873beafd3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71e7913dd43b05d0cee1c8c0c9d87558b55efe31d6e768d840d1ef5211b9672d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7519a00aabedef1aa4169f4a6432c01c9e5f367e96828eaddece89efb0bf2d2b
7641f878b43499fe0704b8000d27907fc76647c093dbb267fee9d7db1e27ad3d
7df4ad4c074a08da990fb11d3a0ef15eeed691e2791acc040342e0a79ea06370
80fec52519cc438c59845fe0bcee9800fad9c58d3fbc265b1f5f43268744aeba
81df2a2172aed2eae0f5f367d9ccf4e26787eb94590afc26fb08ff2b336f9aa2
821b586cfd2d8e439b41fc825d0fb17a134de6c7476a9bb22fb6f587ea7d25eb
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
8480f18e1c0c46bfedd2db03e63ee6a6c4ce12e4e65b4b88eb512e9afb509236
849466434cf3178db22d0b17be355de5975f49d14efae528565e6da13477e216
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8591120e67a7619cb23657685570668872d131df42ae8803aae70e1554dc7870
87c433bb7e62f40cfcdf4015678e9e6ed606a95fd4f9ab2d6fd79d9e4caf9610
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eea26c938c0ff40eb8b5473235d625ba8aef8a8fd7afba9cf25ede95c7be979
90ca3828c6ecb2fa89de59f195b51d9e4f87b385bad085daea25430fb0f442b8
914aa604be5d12a6e51c98707f37efc8ecad94a274f7b9923740fbb2ac404c0b
9195d4b0755c8322c6d6c23429009e013f46fb56ce0567e24ea1f57d6cf87495
9579c6186697769c28ed3b615a5043736dc5fc0f8568907e9913fa1ddbf3d0c6
95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a
98684e6967aaa1452b641cf86f1a0a3797f7f2459d4d35c68f4cc3b0d7f288c8
9997a161ba07a0d45d90c7c2cc01c9f7538668ed708e5fb0a0ae3d64b52c1edf
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9b63e64e05be954b114550f2273839d52190b7a276334f8978a20bb71bdf347e
9c09092ff303a939ee4da310d09221e28b4c5a3417e367e7382d41709ba67aef
9c83c58245feda2ec01ff69d59bdb3e19e2e54fb5947d033c2d16355371eea97
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a26c21a6f7829290ccc04356b8f79326b43cc8688af44cf9b7e434d4f1cc1130
a453da48ab21d90cfa466ae28ce0d6625f5221d73abd105e89d93c0757af1699
a521498d9b4a6a6564c82c2c0f1066834b6522e99280e21a74f519f08386e52d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8ae12f388dd71fa7e1beb5ae60cc13d22d650759e43cb699dc5681f811b016d
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ad4d32e88e9be320ada86f388a0af16271a201529e4a16ea048036136881550d
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
af03ff13a82bee00484d37fba0c9fd720a217cef7f96b2c40739d781830f9929
b04a6c4eb3d2cc4a3ab426c10c44ee28fdf0fd545039a645f4c1798f5d1512c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15e0d3608fa2999da7afa1a1867abeb6a9e77f23749b540cb5bd220a5126089
b31999dc90ac170b0047dc965db9e855c8445c472a6a34dccd9fcf2b60eddaaf
b52c296434874bc4a8345c41d72ae465968f2a4423013cd5126efbd154937478
b775254240e867c5898d714593ba61ac60181000f92c72585af9a61d75bb45dc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbdb6233272d7b44024a33dd82124282e9e6b0e99184e2051866b75a2a17bac0
bc3f722804514e49fd53fde8d03a3c304afe2172f4a113f61b5d18a01d2f8971
bdab78761610f3b51e6b02e20ad2ae275c855a3bcd0de3ef89efdbfdb0b48128
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c253e550f1335f58c68aad7934de9ec5b9f777003541efb755beb7d4732cb1bc
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b
caaee48c36c85aeb82c99b4ef24be6bfec39bdbaae300e7788777f84f7451f06
cb186e89ba390abf3b9f03eed288c5e5072fc775b100eaa53d75eda1454e5924
cd31c847d6dafaedffaed40114e7603a8d930ea4822854f6b3d9a7fce24d7eba
cd9832da1376a347fc65a01d53fdb7022548ff8f4cc539b7cf0501b4d566da3c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cf6aca4d69658e6be224bd3b542cc92c2802a34fbbcdcf49d4a67ad9af33889e
cfa99958d30e8cdc100875027a34077c7482839938668fd27fa6d52ae0172737
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2a16e14cd9f81aa0d59d4307b51cdbf090a8dc956b0d78a542f7953f8681bb3
d4b13183cfdff068fe054e1d2d26d424fdad9ea73733e1a608d9292191ef706b
d8190bfa19f15fe8be6193f282e1560038fd666ea060dc3c57bce4e7958ddb2c
d879dd0724fc22cb29a83a3ab14958e0227b014d723a5e642b937be7355502f6
d9fd85ea825efddfa1b8cf0afae1c2cb8d7da9ff89f0ffea212349a2daf1503e
da9105dc0dbb37ef858857270f14ea43d31006063b9eeaf014d00726b53db11f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f2a9786f403ddfbefe8626d44a482f87169041950c2b8884a686f10c6e5602
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e7a207f4b097c4399dfc80e9381e35ce7df9db2c97f57ac2ec92f964044bb7c0
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3e32e0c964c7edd30e1df1ae75b1922ceacdb6b3e84b7f5d64782c4dec585b
f0b62f15310a8fdbcc9fc7cd49a445a1e09b22c82ac06d2b746106212fcc0de4
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f86a18d009ea8cc9e71ef5996c1eab7bfc7972dcb7e8760f9930e2b10b1e9219
f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.odatv4.com Open in urlscan Pro 185.102.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

250 Requests

90 %HTTPS

31 %IPv6

81 Domains

118 Subdomains

98 IPs

13 Countries

3400 kBTransfer

7129 kBSize

111 Cookies

8 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.odatv4.com Open in urlscan Pro
185.102.219.172 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

90 %
HTTPS

31 %
IPv6

81
Domains

118
Subdomains

98
IPs

13
Countries

3400 kB
Transfer

7129 kB
Size

111
Cookies

250 HTTP transactions
0 data transactions