shbndn.guvenliodemepay.com Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

85 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

• https://gcdn.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/id,itag,source,xpc,ctier,acao,ip,ipbits,expire/signature/53F33BDB04DA98A0409D92A73B9ECFD7ABF76472.6A6705DA8553D667003433D53854392F95426403/key/ck2/file/file.mp4 HTTP 302
• https://r4---sn-4g5lznl7.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/19F28643087DD501DCE638CF914F61567F566AE2.3B1267DC489E6202FDD5A20B021CBFBE3EB5E7C8/key/cms1/cms_redirect/yes/met/1732774071,/mh/df/mip/2a00:1630:2:602::15/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1732773620/mv/u/mvi/4/pl/32/rms/onc,onc/file/file.mp4 HTTP 302
• https://r1---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/59216691F7441201CB61396F54189FE93B7D3FDC.420C82A829B19F7755216F732CE7436B511C1F1B/key/cms1/met/1732774071,/mh/df/pl/22/rms/onc,onc/redirect_counter/1/rm/sn-4g5er77z/rrc/104/fexp/24350590,24350675,24350705,24350737/req_id/53459fc87e60a3ee/cms_redirect/yes/ipbypass/yes/mip/31.204.152.149/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1732773620/mv/u/mvi/1?file=file.mp4

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ilan Show response shbndn.guvenliodemepay.com/	233 KB 73 KB	266ms 226ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.14 PleskLin Resource Hash 63acefa79ed34283ea15743392c45c0bede91b82f285ba3ba597319643963911 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e982e112ac10ae3-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Thu, 28 Nov 2024 06:07:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwkDmkVfEjM9TfAhYMZ8f0%2BlQS3GBV2EnzrxtdGRZZ5sA04OEOrXHEZIyB%2FfOPgtwcqumh%2BKJDxdVE2C2HsZnYw65eVdpOZe5V8g%2Fpw80rwa%2FlsqpMwvoIXiJDrW0Pmn%2Fp2lRdsGsAx%2BGiUmg3LFyA0IoeV%2FTCRquA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=14307&min_rtt=14162&rtt_var=2349&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4000&recv_bytes=2466&delivery_rate=269870&cwnd=251&unsent_bytes=0&cid=1246b51885d6f266&ts=232&x=0" vary Accept-Encoding x-powered-by PHP/8.3.14 PleskLin
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	107 KB 33 KB	84ms 37ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 384810b9b4dff21c380c26d7564c5ef3efd041d95af22d08186f82370a286e1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ Response headers content-encoding br etag 389 / 20055 / m202411180101 / config-hash: 2173145291705866055 x-content-type-options nosniff expires Thu, 28 Nov 2024 06:07:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 28 Nov 2024 06:07:50 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33299 x-xss-protection 0 server cafe
GET H2	200	common:2a82107b2f1822aa16d7c82ab20608bd.css s0.shbdn.com/assets/	223 KB 39 KB	256ms 63ms	Stylesheet text/css	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Full URL https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 8b5457b9a166e5a12bcb1a0397aac8abb187ab29f8ae0cc7f4ab5f6197674d9e Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip etag W/"63cfcf82-37d6e" age 240058 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:54 GMT content-type text/css last-modified Tue, 24 Jan 2023 12:30:58 GMT vary Accept-Encoding access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) access-control-allow-origin * content-length 39602 x-proxy tmll-204 3,8080 server Sahibinden Web Servers
GET H2	200	classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css s0.shbdn.com/assets/	537 KB 94 KB	319ms 126ms	Stylesheet text/css	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Full URL https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 475278b0d314514796bf3975e76512cf921d3a38780993d561eb693561020d4f Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip etag W/"63d8fa26-863ae" age 240058 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:54 GMT content-type text/css last-modified Tue, 31 Jan 2023 11:23:18 GMT vary Accept-Encoding access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) access-control-allow-origin * content-length 95621 x-proxy tmll-204 5,8080 server Sahibinden Web Servers
GET H3	200	axios.min.js Show response cdnjs.cloudflare.com/ajax/libs/axios/1.3.1/	31 KB 11 KB	51ms 29ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/axios/1.3.1/axios.min.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd5c21becc119fd932a6ee293112bc4198207071e3240c9a76c2dc62c5c4da00 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "63daf72b-298a" age 712234 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NW%2F5riIsw2%2BXGtzNoNrbfcp6zinQ3%2FWhp8f6BCB9ZZfT5A2Ngs5d9hfbmTrLdG5TB5yfYkfBPHPQ65odbK0IeAcAFf6hjjg%2FqHHgjysMa6LfRn4uI41bdeZx%2FMr7ETObGZ2l5NCu"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Tue, 18 Nov 2025 06:07:50 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Thu, 28 Nov 2024 06:07:50 GMT content-type application/javascript; charset=utf-8 last-modified Wed, 01 Feb 2023 23:35:07 GMT vary Accept-Encoding priority u=1,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e982e12d8110e3b-AMS accept-ranges bytes access-control-allow-origin * content-length 10634 server cloudflare
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 31 KB	60ms 18ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding gzip etag W/"28feccc0-15d9d" age 2756396 x-cache HIT, HIT date Thu, 28 Nov 2024 06:07:50 GMT content-type application/javascript; charset=utf-8 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-cache-hits 51, 18899 x-served-by cache-lga21931-LGA, cache-bru1480041-BRU vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1732774070.233711,VS0,VE0 cross-origin-resource-policy cross-origin via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 30875 server nginx
GET H3	200	367667.jpeg reypanel.cloud/images/	82 KB 83 KB	48ms 25ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://reypanel.cloud/images/367667.jpeg Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 90d63a2f175ed43d943875153d25160da93bb62bcbe6369129974e0de42e9928 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cf-cache-status HIT etag "6747164a-147ab" age 280 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQ%2BZ%2BW1NBuxOw%2Byj%2BJvDWibdSE7T4pPwn7AErgFim3Z89C%2FVbewKATRF%2F3v79dHoA1l%2BlFrpgMh6bfsLRVY1p6RK%2BRBPtKn%2Fk5OIFFxO0wc2BiSBDMQAQ9SxqylqPCP6hw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14677&min_rtt=14578&rtt_var=5537&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4109&recv_bytes=4387&delivery_rate=182221&cwnd=12000&unsent_bytes=0&cid=a153a480dec950b4&ts=31&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 28 Nov 2024 06:07:50 GMT content-type image/jpeg last-modified Wed, 27 Nov 2024 12:53:30 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e982e12da9d668d-AMS accept-ranges bytes content-length 83883 x-powered-by PleskLin server cloudflare
GET H2	200	prebid:35802e87d11a2ce2ec228c6e38acf487.js Show response s0.shbdn.com/assets/	185 KB 70 KB	63ms 63ms	Script application/javascript	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Full URL https://s0.shbdn.com/assets/prebid:35802e87d11a2ce2ec228c6e38acf487.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 89b18a7d4c82e76ede5110c86e82655eea78ccd4bdc6086ee27b715746f96c07 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip etag W/"6740593c-2e4f6" age 245777 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:33 GMT content-type application/javascript last-modified Fri, 22 Nov 2024 10:13:16 GMT vary Accept-Encoding access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) access-control-allow-origin * content-length 71577 x-proxy tmll-204 4,8080 server Sahibinden Web Servers
GET H2	200	common:9f4a897fbafd9bfbe9051eba7f7fc601.js Show response s0.shbdn.com/assets/	472 KB 171 KB	436ms 246ms	Script application/javascript	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Full URL https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash aaf551f850f010ff4b1538b7ff62ef0703b91849cc4962665d33e6312aa1b5a5 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip etag W/"63e39982-75e15" age 240057 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:55 GMT content-type application/javascript last-modified Wed, 08 Feb 2023 12:45:54 GMT vary Accept-Encoding access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) access-control-allow-origin * content-length 173782 x-proxy tmll-204 4,8080 server Sahibinden Web Servers
GET H2	200	searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js Show response s0.shbdn.com/assets/	14 KB 5 KB	347ms 248ms	Script application/javascript	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Full URL https://s0.shbdn.com/assets/searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 0adf0bce9c69989950d0134f3b0a6022a98c180b76cb8a28bfaaab5187020f6d Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip etag W/"652fcbee-39ed" age 240056 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:56 GMT content-type application/javascript last-modified Wed, 18 Oct 2023 12:13:34 GMT vary Accept-Encoding access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) access-control-allow-origin * content-length 4858 x-proxy tmll-204 3,8080 server Sahibinden Web Servers
GET H2	200	classifiedDetail:f39a9a2ee973ea563946c9fbefaacac8.js Show response s0.shbdn.com/assets/	880 KB 301 KB	62ms 62ms	Script application/javascript	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Full URL https://s0.shbdn.com/assets/classifiedDetail:f39a9a2ee973ea563946c9fbefaacac8.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash dd62305a57c183e84c3a941c307cb54a67aeda4c353b36bfa951743a70a46c71 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip etag W/"63d8fac4-dbf8e" age 240056 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:56 GMT content-type application/javascript last-modified Tue, 31 Jan 2023 11:25:56 GMT vary Accept-Encoding access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) access-control-allow-origin * content-length 305736 x-proxy tmll-204 5,8080 server Sahibinden Web Servers
GET H2	200	lastScripts:cfa5d49129048f4e398f292f2accea2c.js Show response s0.shbdn.com/assets/	47 B 176 B	63ms 62ms	Script application/javascript	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Full URL https://s0.shbdn.com/assets/lastScripts:cfa5d49129048f4e398f292f2accea2c.js Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip etag W/"6740593c-2f" age 245778 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:33 GMT content-type application/javascript last-modified Fri, 22 Nov 2024 10:13:16 GMT vary Accept-Encoding access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) access-control-allow-origin * content-length 67 x-proxy tmll-204 3,8080 server Sahibinden Web Servers
GET H2	200	sweetalert2@10 Show response cdn.jsdelivr.net/npm/	71 KB 20 KB	61ms 18ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/sweetalert2@10 Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers * content-encoding br etag W/"11dc8-k2jefS6LDTNa26qxcRQ+MH7V+1Q" age 22123 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Thu, 28 Nov 2024 06:07:50 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-etou8220022-FRA, cache-bru1480031-BRU vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 20505 x-jsd-version 10.16.11
GET H2	200	header:052021775b36a00993ef761643a87e8a.png s0.shbdn.com/assets/images/	47 KB 47 KB	62ms 61ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/header:052021775b36a00993ef761643a87e8a.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 8812cc00a2600bfae283d99f05c3d302da94432265c0e796f62f0c55a8eba9cc Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "63d00a52-bbcd" age 240055 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:57 GMT content-type image/png last-modified Tue, 24 Jan 2023 16:41:54 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 48077 x-proxy tmll-204 5,8080 server Sahibinden Web Servers
GET H2	200	detail:09f7b52d46bd89fa5af69e73f7b57fa4.png s0.shbdn.com/assets/images/	14 KB 14 KB	93ms 93ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/detail:09f7b52d46bd89fa5af69e73f7b57fa4.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash f27485407773be13e4df8c678ad4af4570780a3320bd8cd154713625c8aa777b Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "6740583a-361b" age 245776 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:34 GMT content-type image/png last-modified Fri, 22 Nov 2024 10:08:58 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 13851 x-proxy tmll-204 4,8080 server Sahibinden Web Servers
GET H2	200	paylas:5096d03da35a68192ad5e01630f43a89.png s0.shbdn.com/assets/images/	2 KB 3 KB	94ms 93ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/paylas:5096d03da35a68192ad5e01630f43a89.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 62b23ecdcee679aabc4fa26cf7b785344f4bb4054f307e950366d47bac0b99b9 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "64faf340-9f4" age 240055 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:57 GMT content-type image/png last-modified Fri, 08 Sep 2023 10:11:12 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 2548 x-proxy tmll-204 4,8080 server Sahibinden Web Servers
GET H2	200	video_passive:35648402316781a17a3929eb3ee0d540.png s0.shbdn.com/assets/images/	292 B 370 B	96ms 95ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/video_passive:35648402316781a17a3929eb3ee0d540.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 95a74e168be9430efa6fd93474d7b6b5640d7c6d6b1ee65f6bd1e04390eb7606 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "6740583a-124" age 245776 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:35 GMT content-type image/png last-modified Fri, 22 Nov 2024 10:08:58 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 292 x-proxy tmll-204 4,8080 server Sahibinden Web Servers
GET H2	200	classifiedPriceHistory:cf599a98c9b0f2a2539c2b19f28b9452.png s0.shbdn.com/assets/images/	10 KB 11 KB	96ms 96ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/classifiedPriceHistory:cf599a98c9b0f2a2539c2b19f28b9452.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 9fc2456f86ccef56926373548f09363de2d2124a2b694a4a5c29a27d2d86d7c6 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "6740583c-2992" age 245776 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:35 GMT content-type image/png last-modified Fri, 22 Nov 2024 10:09:00 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 10642 x-proxy tmll-204 6,8080 server Sahibinden Web Servers
GET H2	200	classifiedDetail:78e5078d0ca5926bf90a3b1f530ba8f0.png s0.shbdn.com/assets/images/	77 KB 78 KB	94ms 94ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/classifiedDetail:78e5078d0ca5926bf90a3b1f530ba8f0.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 04494b9f6615125922301037d9a4ff133e3c083682a8b1a0b2c8e727fcc9b574 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "641930f4-13366" age 242188 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 10:51:23 GMT content-type image/png last-modified Tue, 21 Mar 2023 04:22:12 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 78694 x-proxy tmll-204 3,8080 server Sahibinden Web Servers
GET H2	200	classifiedDetail:befe607f6b4449467e8debc0284369ce.png s0.shbdn.com/assets/images/	31 KB 32 KB	98ms 98ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/classifiedDetail:befe607f6b4449467e8debc0284369ce.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 57aeb4eff25bc8a07d4f3a5c1bebbfec07bd486523e0f5279f71ab3e073fa74e Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "654e302e-7cfa" age 240258 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:23:34 GMT content-type image/png last-modified Fri, 10 Nov 2023 13:29:18 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 31994 x-proxy tmll-204 5,8080 server Sahibinden Web Servers
GET H2	200	sellerProfile:11a9c57bcf91f7f30bb85d38ab05ac37.png s0.shbdn.com/assets/images/	7 KB 7 KB	99ms 98ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/sellerProfile:11a9c57bcf91f7f30bb85d38ab05ac37.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 37d3d4785b04d5be22fd81e7b22170c7e9e6b1f66763c15dbcd860622954bf53 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "66a0d6ee-1cf1" age 240055 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 11:26:57 GMT content-type image/png last-modified Wed, 24 Jul 2024 10:26:54 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 7409 x-proxy tmll-204 6,8080 server Sahibinden Web Servers
GET H2	200	10:9367b4efdc17ff6313e3bbbc3550afbe.png s0.shbdn.com/assets/images/	2 KB 2 KB	100ms 100ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/10:9367b4efdc17ff6313e3bbbc3550afbe.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 148499dce2da6272593a36cfab771b974458f254e62826fa2eb118b610ceb832 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "6740583a-7c7" age 245776 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:34 GMT content-type image/png last-modified Fri, 22 Nov 2024 10:08:58 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 1991 x-proxy tmll-204 5,8080 server Sahibinden Web Servers
GET H2	200	footer:897327958bad301977bab9f9cf429b01.png s0.shbdn.com/assets/images/	6 KB 6 KB	120ms 119ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/footer:897327958bad301977bab9f9cf429b01.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 6557336e1ec45c09ccce3aa2bd88c82d3ba57cd2163218fe75d14caea3830181 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "6740583c-18a7" age 245777 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:34 GMT content-type image/png last-modified Fri, 22 Nov 2024 10:09:00 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 6311 x-proxy tmll-204 6,8080 server Sahibinden Web Servers
GET H2	200	group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png s0.shbdn.com/assets/images/	2 KB 2 KB	121ms 121ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash f5f6bdd8c7b8e9421a4a9a192b5964d536f0e6f114a7729d14342024896da804 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "6740583c-92a" age 245779 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:34 GMT content-type image/png last-modified Fri, 22 Nov 2024 10:09:00 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 2346 x-proxy tmll-204 6,8080 server Sahibinden Web Servers
GET DATA	200 OK	truncated /	35 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jpeg
GET H/1.1	500 Internal Server Error	39228 tags.bluekai.com/site/	0 0	84ms 24ms	Script text/html	72.246.169.24 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.bluekai.com/site/39228?ret=js Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-246-169-24.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers Cache-Control max-age=0, no-cache, no-store Pragma no-cache Connection keep-alive Expires Thu, 28 Nov 2024 06:07:50 GMT Content-Length 27 Date Thu, 28 Nov 2024 06:07:50 GMT AK-GRN 0.368f1402.1732774070.abdfbd8 Content-Type text/html
GET H2	404	dynamicParameter Show response shbndn.guvenliodemepay.com/ajax/	392 B 778 B	50ms 49ms	XHR text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shbndn.guvenliodemepay.com/ajax/dynamicParameter?paramName=FEATURE_DISCOVERY_DISPLAY_FREQUENCY Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8923c3674738bfa9eb7889a009fa36b55139af036f7fff8ec80d3238781c1035 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/json; charset=utf-8 Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3maGM23%2Fyj1wtZbfw9%2FP98F5u0WkAusba3yfPB88lNNA03iaTkwiz8i3XWhN7AtXYUApL%2FWhE5l3cLawCcRNKprnHNxEkwh3CB0BnAvqilzIvAQmoHU4QjltLytltUjBoZZg7KQixJMPKf9sKIRODZdPDk4vNVPZPw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e982e16af260ae3-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=20358&min_rtt=14162&rtt_var=11770&sent=88&recv=48&lost=0&retrans=0&sent_bytes=79801&recv_bytes=2773&delivery_rate=5910290&cwnd=277&unsent_bytes=0&cid=1246b51885d6f266&ts=931&x=0" date Thu, 28 Nov 2024 06:07:50 GMT content-type text/html; charset=iso-8859-1 vary accept-encoding server cloudflare
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 2847	0 0	87ms 43ms	Document text/html	172.217.16.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO2L0ZAAAAAPx76ulSR5rhwmAD-wBiAxUlfA7Q&co=aHR0cHM6Ly93d3cuc2FoaWJpbmRlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=3sf8m78axnm6 Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Zvy9a1Jk6QqmArdeCnvw0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-Zvy9a1Jk6QqmArdeCnvw0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Thu, 28 Nov 2024 06:07:50 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	403	button accounts.google.com/gsi/ Frame F6F5	0 0	90ms 38ms	Document text/html	2a00:1450:400c:c0a::54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/button?theme=outline&logo_alignment=left&size=large&shape=rectangular&text=continue_with&type=standard&width=320&client_id=998609949251-di88ghsmju45dr0kh1oi42ti46k9f4nl.apps.googleusercontent.com&iframe_id=gsi_42511_452900&as=wPiH4REMH07o33sxZ6ooFw Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-gclAWjClKavvf2hkdzjV0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-gclAWjClKavvf2hkdzjV0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" cross-origin-resource-policy cross-origin date Thu, 28 Nov 2024 06:07:50 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/	492 KB 152 KB	22ms 22ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding br etag 1421939719645060458 age 24023 x-content-type-options nosniff expires Thu, 27 Nov 2025 23:27:27 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Wed, 27 Nov 2024 23:27:27 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 155913 x-xss-protection 0 server cafe
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	74 B 85 B	39ms 39ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shbndn.guvenliodemepay.com Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 8931c6d678c8143d948ca86d92693b75e0ddb12fcf4b308b40c1169839e82ab0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Thu, 28 Nov 2024 06:07:50 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 61 date Thu, 28 Nov 2024 06:07:50 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
POST		info banaozel.sahibinden.com/ajax/login/	0 0
POST		info banaozel.sahibinden.com/ajax/login/	0 0
GET H2	200	ui-bg_highlight-soft_100_eeeeee_1x100:384c3f17709ba0f809b023b6e7b10b84.png s0.shbdn.com/assets/images/	90 B 145 B	63ms 62ms	Image image/png	85.153.138.73 TELLCOM-AS Supero...
General Check archive.org Show headers Download Go to Show image Full URL https://s0.shbdn.com/assets/images/ui-bg_highlight-soft_100_eeeeee_1x100:384c3f17709ba0f809b023b6e7b10b84.png Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR), Reverse DNS Software Sahibinden Web Servers / Resource Hash 41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf Security Headers Name Value Strict-Transport-Security max-age=63072000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css Response headers access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range etag "6740583c-5a" age 245778 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Mon, 25 Nov 2024 09:51:34 GMT content-type image/png last-modified Fri, 22 Nov 2024 10:09:00 GMT x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=63072000; preload cache-control max-age=31536000,public via www.sahibinden.com(c) accept-ranges bytes access-control-allow-origin * content-length 90 x-proxy tmll-204 3,8080 server Sahibinden Web Servers
POST H3	404	1098735995 Show response shbndn.guvenliodemepay.com/ajax/counter/increment/	392 B 914 B	73ms 73ms	XHR text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shbndn.guvenliodemepay.com/ajax/counter/increment/1098735995 Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8923c3674738bfa9eb7889a009fa36b55139af036f7fff8ec80d3238781c1035 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZfvzQ1ErpIVYotRT4xTCs27svSGniU2xUi8xhf8XR%2FKaM0vlXk0d%2BdZkQULGG88lcjs8A7RlXNfDpZdRSKXmIPwhl7aYBWXPBoTzE8wyWC9C4E4%2FUvh6UZKf%2BcQjd2tQjZ3UaR%2Bf5dAMxrjPg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e982e16e91e66a5-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16479&min_rtt=14603&rtt_var=5053&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5290&recv_bytes=5049&delivery_rate=43272&cwnd=12000&unsent_bytes=0&cid=b9755c020f129675&ts=99&x=1", cfHdrFlush;dur=0 date Thu, 28 Nov 2024 06:07:50 GMT content-type text/html; charset=iso-8859-1 vary accept-encoding server cloudflare
GET H3	404	celebrity_indicate_right_top_web:4a143102619e2856355174a0c3c09525.png shbndn.guvenliodemepay.com/assets/images/	392 B 392 B	25ms 25ms	Image text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shbndn.guvenliodemepay.com/assets/images/celebrity_indicate_right_top_web:4a143102619e2856355174a0c3c09525.png Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8923c3674738bfa9eb7889a009fa36b55139af036f7fff8ec80d3238781c1035 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT age 67 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rljSlSon1%2BIqr2Ubm09aNrskGbg%2BfKPmNMelaq4F5DG1SSL%2B5EjNLqkMcVKKMLsBgUqqMFgKz6jA7z7I%2FBLKBAiquFCPqijfw8yDi0j5%2BQnHKBLcNRLh0V%2BIbJToyH8bMm87t1KesATHvXNHyA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e982e17092b66a5-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15450&min_rtt=14603&rtt_var=3992&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4265&recv_bytes=5006&delivery_rate=1224&cwnd=12000&unsent_bytes=0&cid=b9755c020f129675&ts=68&x=1", cfHdrFlush;dur=0 date Thu, 28 Nov 2024 06:07:50 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	36ms 16ms	XHR application/json	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241128 Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d95879fcab60d1d24bb811112a9daa0d857f1244517a4dc1f2c0836141658c27 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers * content-encoding br etag W/"638-Hdc0O29/OsSbcdlNyebRFIS2n+o" age 7616 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Thu, 28 Nov 2024 06:07:50 GMT content-type application/json; charset=utf-8 x-served-by cache-fra-eddf8230103-FRA, cache-ams21028-AMS vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 812 x-jsd-version 1.0.2253
POST H2	200	dsh Show response hb.adscale.de/	11 B 236 B	96ms 31ms	XHR text/plain	35.156.111.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hb.adscale.de/dsh Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.111.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-111-178.eu-central-1.compute.amazonaws.com Software / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers x-robots-tag none cache-control no-cache content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://shbndn.guvenliodemepay.com date Thu, 28 Nov 2024 06:07:51 GMT content-type text/plain vary origin
GET H2	200	/ Show response adx.adform.net/adx/	10 B 619 B	113ms 36ms	XHR application/json	37.157.3.20 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTY4MDIzMyZwcmljZVR5cGU9bmV0JnJjdXI9VFJZJnRyYW5zYWN0aW9uSWQ9NjFmYjQ5Y2MtYmIwMC00M2M4LTk4MjgtYjVjZWMwMDQ5NzMz&bWlkPTc5OTI5OCZwcmljZVR5cGU9bmV0JnJjdXI9VFJZJnRyYW5zYWN0aW9uSWQ9MzgzMjNiZGYtMTVkMi00Yzc5LWI4M2EtN2I3NWJkODZmNmZk&pt=net&stid=4005a0b9-9b1a-4885-bdc5-6849c26a6d05&gdpr=1&gdpr_consent=CPNBuu4PNBuu4AcABBENBtCgAEAAAAAAACaIAAAAAAAA&fd=1 Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.157.3.20 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-max-age 86400 content-encoding gzip access-control-allow-methods GET,OPTIONS expires -1 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" date Thu, 28 Nov 2024 06:07:51 GMT content-type application/json vary Accept-Encoding access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-origin https://shbndn.guvenliodemepay.com server nginx
POST H2	204	cdb Show response bidder.criteo.com/	0 205 B	86ms 19ms	XHR text/plain	2a02:2638:3::39 ASN-CRITEO-EUROPE...
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=10214619377 Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; access-control-allow-origin https://shbndn.guvenliodemepay.com date Thu, 28 Nov 2024 06:07:50 GMT vary Origin server Kestrel access-control-allow-credentials true
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	94 KB 26 KB	309ms 265ms	Fetch text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=1592151606082544&correlator=2560520717006051&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&npa=1&iu_parts=32607536%2Caddetail_300x250%2Caddetail_970x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C970x250%7C940x250&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1732774071053&lmt=1732774071&adxs=1075%2C315&adys=483%2C1143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fshbndn.guvenliodemepay.com%2Filan%3Fid%3D1167-Gonderim-ucretim-ilan%3Fid%3D1167m-ilan%3Fid%3D1167m-ilan%3Fid%3D1167%2Fm-ilan%3Fid%3D1167&vis=1&psz=300x592%7C1118x2&msz=300x-1%7C1116x0&fws=0%2C4&ohw=0%2C1150&td=1&tan=5e1906ed-f015-4db6-9efc-744d2c60f4aa%2C5e1906ed-f015-4db6-9efc-744d2c60f4ab&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732774070169&idt=742&cust_params=cr_exchange%3Dyes%26classified_id%3D1098735995%26category_id%3D242416%26parent_id%3D17082%26country%3D1%26city%3D38%26district%3D2462%26town%3D513%26quarter%3D26433%26price%3D15000-20000%26fraction%3D0%26store_id%3D%26category_1%3D7%26category_2%3D4%26category_3%3D839%26category_4%3D17082%26category_5%3D242416%26ekran_boyutu%3D6.1_%27%27%26on_kamera%3D12_MP%26ram_bellek%3D4_GB%26renk%3DBeyaz%26garanti%3DDistrib%25C3%25BCt%25C3%25B6r_Garantili%26dahili_hafiza%3D128_GB%26i%25CC%2587sletim_sistemi%3DiOS%26kamera%3D12_MP%26kimden%3DSahibinden%26haseurotax%3Dfalse%26language%3Dtr%26dmp%3D&adks=3994822566%2C2091477338&frm=20 Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 323fdcc8e2cea13e9ce642e8d5190c4109be2047c0a5be40ba2e24a160a1d573 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding br google-lineitem-id 6838526302,6842380693 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2,-2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 28 Nov 2024 06:07:51 GMT content-type text/plain; charset=UTF-8 google-creative-id 138497265290,138497761602 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://shbndn.guvenliodemepay.com content-length 27057 x-xss-protection 0 server cafe
GET H2	200	container.html bd8294eee03921879ba3238ad357280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EBAD	0 0	171ms 55ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bd8294eee03921879ba3238ad357280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 28 Nov 2024 06:07:51 GMT expires Thu, 28 Nov 2024 06:07:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	72ms 40ms	XHR application/json	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 9511ee77ac7c2f7419ded5345752231d2e8ccedc6861869b522ede916446ff62 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13339 date Thu, 28 Nov 2024 06:07:51 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	favicon.ico www.sahibinden.com/	15 KB 3 KB	145ms 87ms	Other image/x-icon	172.64.154.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sahibinden.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.154.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62e10d5a188c6a3abe53cf5596a1d2e3b0ff95b32967920f6623f2de1c81e8c6 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers ntcoent-length 15086 access-control-expose-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding gzip cf-cache-status DYNAMIC etag "5f15a928-3aee" age 245841 x-secure-option secure access-control-allow-methods GET, OPTIONS x-content-type-options nosniff date Thu, 28 Nov 2024 06:07:51 GMT content-type image/x-icon last-modified Mon, 20 Jul 2020 14:24:40 GMT vary Accept-Encoding x-frame-options SAMEORIGIN access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range strict-transport-security max-age=15552000 cache-control max-age=31536000,public via www.sahibinden.com(c) cf-ray 8e982e1a8c390b5a-AMS accept-ranges bytes access-control-allow-origin * content-length 2648 x-proxy tzla-204 6,8080, tzla-41 141,20200 server cloudflare
GET H2	200	container.html bd8294eee03921879ba3238ad357280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 517E	0 0	0ms 0ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bd8294eee03921879ba3238ad357280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 28 Nov 2024 06:07:51 GMT expires Thu, 28 Nov 2024 06:07:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame B1B6	9 KB 1 KB	173ms 63ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash afca11db454eedaada10325ffbae12d670cfa00926f3cf91388da29a39dc031d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 28 Nov 2024 06:07:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 28 Nov 2024 06:07:51 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Thu, 28 Nov 2024 05:33:41 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/ Frame B1B6	15 KB 3 KB	85ms 24ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.css Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding gzip age 198479 report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} x-content-type-options nosniff expires Tue, 25 Nov 2025 22:59:52 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 25 Nov 2024 22:59:52 GMT last-modified Mon, 11 Nov 2024 11:39:27 GMT content-type text/css vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 2920 x-xss-protection 0 server sffe
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/ Frame B1B6	372 KB 129 KB	84ms 23ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 23366b5bd8a3e430f0cf0e9b96abf47c96196d2c11a4b8947edeae4c7c3ee061 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding gzip age 116000 report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} x-content-type-options nosniff expires Wed, 26 Nov 2025 21:54:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 26 Nov 2024 21:54:31 GMT last-modified Mon, 11 Nov 2024 11:39:27 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 132044 x-xss-protection 0 server sffe
GET H3	200	qs_click_protection_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame B1B6	21 KB 9 KB	30ms 29ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/client/qs_click_protection_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 9cc8b7f6676cb620c2d7f443d753f0072165fb1c7624025ca580b71f2c011cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding br etag 8061345223812981937 age 4015 x-content-type-options nosniff expires Thu, 12 Dec 2024 05:00:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 28 Nov 2024 05:00:56 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 8884 x-xss-protection 0 server cafe
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	18 KB 7 KB	105ms 30ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding gzip etag "1727224258380615" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Thu, 28 Nov 2024 06:07:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 28 Nov 2024 06:07:51 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 6445 x-xss-protection 0 server sffe
POST H2	204	csi csi.gstatic.com/ Frame B1B6	0 57 B	1270ms 440ms	Ping image/gif	2404:6800:4009:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~m40wxyjh&c=5852074549466&slotId=2926037274733&qqid=CJbL8beu_okDFTvkEQgd644FTQ&fb=outstream-lima&sei=44752538%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C95329494%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4009:81a::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 28 Nov 2024 06:07:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v32/ Frame B1B6	18 KB 18 KB	56ms 24ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f3.1e100.net Software sffe / Resource Hash d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://shbndn.guvenliodemepay.com Referer https://fonts.googleapis.com/ Response headers age 71805 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 27 Nov 2025 10:11:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 27 Nov 2024 10:11:06 GMT last-modified Thu, 01 Aug 2024 20:41:21 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18596 x-xss-protection 0 server sffe
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/ Frame B1B6	18 KB 18 KB	54ms 22ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f3.1e100.net Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://shbndn.guvenliodemepay.com Referer https://fonts.googleapis.com/ Response headers age 53268 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 27 Nov 2025 15:20:03 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 27 Nov 2024 15:20:03 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B1B6	0 20 B	56ms 54ms	Image image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=BAjp_twhIZ9aTCLvIx_AP652W6AS_1OX8RgAAABABIMD5zB44AVjCwvD4gwRgkYSghYwYsgEac2hibmRuLmd1dmVubGlvZGVtZXBheS5jb226AQlnZnBfaW1hZ2XIAQXaAXhodHRwczovL3NoYm5kbi5ndXZlbmxpb2RlbWVwYXkuY29tL2lsYW4_aWQ9MTE2Ny1Hb25kZXJpbS11Y3JldGltLWlsYW4_aWQ9MTE2N20taWxhbj9pZD0xMTY3bS1pbGFuP2lkPTExNjcvbS1pbGFuP2lkPTExNjeYAtZ7qQKGyMK1W_5ePsACAuACAOoCGi8zMjYwNzUzNi9hZGRldGFpbF85NzB4MjUw-ALw0R6QA4wGmAOEB6gDAeAEAdIFBhCV49m-GaAGJKgHuL6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAf4wrECqAf7wrEC2AcA4AcB0ggsCJHhgHAQARgdMgfri4Dgv4ABOgoAgICAgICUruADSL39wTpYy5nxt67-iQPYCAKACgWYCwGADAGqDQJOTNoNEwjPkvO3rv6JAxU75BEIHeuOBU3qDRMIt__xt67-iQMVO-QRCB3rjgVN0BUB-BYBgBcB&eventType=clickstring&clientTime=1732774071586&ai=BAjp_twhIZ9aTCLvIx_AP652W6AS_1OX8RgAAABABIMD5zB44AVjCwvD4gwRgkYSghYwYsgEac2hibmRuLmd1dmVubGlvZGVtZXBheS5jb226AQlnZnBfaW1hZ2XIAQXaAXhodHRwczovL3NoYm5kbi5ndXZlbmxpb2RlbWVwYXkuY29tL2lsYW4_aWQ9MTE2Ny1Hb25kZXJpbS11Y3JldGltLWlsYW4_aWQ9MTE2N20taWxhbj9pZD0xMTY3bS1pbGFuP2lkPTExNjcvbS1pbGFuP2lkPTExNjeYAtZ7qQKGyMK1W_5ePsACAuACAOoCGi8zMjYwNzUzNi9hZGRldGFpbF85NzB4MjUw-ALw0R6QA4wGmAOEB6gDAeAEAdIFBhCV49m-GaAGJKgHuL6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAf4wrECqAf7wrEC2AcA4AcB0ggsCJHhgHAQARgdMgfri4Dgv4ABOgoAgICAgICUruADSL39wTpYy5nxt67-iQPYCAKACgWYCwGADAGqDQJOTNoNEwjPkvO3rv6JAxU75BEIHeuOBU3qDRMIt__xt67-iQMVO-QRCB3rjgVN0BUB-BYBgBcB Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Thu, 28 Nov 2024 06:07:51 GMT x-xss-protection 0 content-type image/gif server cafe
POST H2	204	csi csi.gstatic.com/ Frame B1B6	0 57 B	1250ms 435ms	Ping image/gif	2404:6800:4009:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~m40wxyjn&c=5852074549466&slotId=2926037274733&qqid=CJbL8beu_okDFTvkEQgd644FTQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.f5&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4009:81a::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 28 Nov 2024 06:07:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET H3	200	B32913873.409184478;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD... Show response ad.doubleclick.net/ddm/pfadx/N4786.161236SAHIBINDEN/ Frame B1B6	30 KB 15 KB	82ms 50ms	XHR text/xml	142.250.185.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/pfadx/N4786.161236SAHIBINDEN/B32913873.409184478;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;dc_mpos=[BREAKPOSITION];ltd=;category_1=7;category_2=4;category_3=839;category_4=17082;category_5=242416;category_id=242416;city=38;classified_id=1098735995;country=1;cr_exchange=yes;dahili_hafiza=128_gb;district=2462;fraction=0;garanti=distrib%C3%BCt%C3%B6r_garantili;haseurotax=false;i%CC%87sletim_sistemi=ios;kamera=12_mp;kimden=sahibinden;language=tr;on_kamera=12_mp;parent_id=17082;price=15000-20000;quarter=26433;ram_bellek=4_gb;renk=beyaz;town=513;dc_vast=3;dc_pubid=1;dc_xfpwebprop=ca-pub-4813540941954460;dc_osd=2;dc_frm=0;vis=1;dc_sdr=1;dc_sdkv=h.0.0.0;dc_sdki=445;dc_eid=420706098%2C44752538;nel=1;ord=4287462590 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f6.1e100.net Software cafe / Resource Hash 85ad902cae5a3ff49c888edd899009f7fb5aea948056953935325f010be7325f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding br x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 28 Nov 2024 06:07:51 GMT content-type text/xml; charset=UTF-8 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://shbndn.guvenliodemepay.com content-length 15626 x-xss-protection 0 server cafe
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame B1B6	0 0	33ms 32ms	Fetch image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss3TGjSH9ObyPnp_H_mgtLwPTJtMJ7xcHaVmcO4uIzCTGfvLvcwRZmGviI9unEIl8WJaR3eEWkvk75REGBvs2G5bTHsoUnkh2T8mSpUf2GrimBPebrRpAUI1iZkgGg89fCekqhjjAHjb1VXi1-DGG-FxxyVHrvHFkIZRVRbbQuj5S1T3kyla6vsTmrhMXMkW7UkKXaBbuUNgo2J3zK7o-6wb2zg8Yzjwn5Fq579mDTrhD1HjCSPHWLR5doajeB14GtNHr3H0Tq-pj_RN2_Qb02QNO52K85VoPa6deMI6iQ7wXB4pagyvvrXYl0OGAucIt0ltkDUrgdX8LRA-hEfyUamvyZTLBxjRdtjyIp6PD33wxlm-UaISHBXBGoW68ajGnwteKiTBfzO3D577zvwIuG1YU-tkKyilw5yr1C7IlO2VuvetgfjFAHr8h2JcS28Ti6173izc70&sig=Cg0ArKJSzK6SN1FXYv6zEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: shbndn.guvenliodemepay.com URL: https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Thu, 28 Nov 2024 06:07:51 GMT x-xss-protection 0 content-type image/gif server cafe
GET DATA	200 OK	truncated / Frame B1B6	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e4c9f9fbb51baba00560b08649f518d4e19a6f49dc89a8f9aa8a7c61f79039c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	runner.html ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D173	0 0	73ms 22ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 2740 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 28 Nov 2024 05:22:11 GMT expires Thu, 28 Nov 2024 06:12:11 GMT last-modified Mon, 23 Sep 2024 18:12:21 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	csi csi.gstatic.com/ Frame B1B6	0 532 B	1160ms 434ms	Ping image/gif	2404:6800:4009:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~m40wxyk2&c=5852074549466&slotId=2926037274733&qqid=CJbL8beu_okDFTvkEQgd644FTQ&fb=outstream-lima&vast_v=3.0&vmfc=12&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4009:81a::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 28 Nov 2024 06:07:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET H2	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame B1B6	41 KB 16 KB	70ms 21ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers content-encoding gzip age 1521 report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Thu, 28 Nov 2024 06:32:30 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 28 Nov 2024 05:42:30 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=3000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 15407 x-xss-protection 0 server sffe
HEAD H3	200	1 r1---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,expire,id,... Frame B1B6 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/id,itag,source,xpc,ctier,ac... https://r4---sn-4g5lznl7.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,ex... https://r1---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,ex...	0 0	189ms 131ms	Fetch video/mp4	74.125.100.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r1---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/59216691F7441201CB61396F54189FE93B7D3FDC.420C82A829B19F7755216F732CE7436B511C1F1B/key/cms1/met/1732774071,/mh/df/pl/22/rms/onc,onc/redirect_counter/1/rm/sn-4g5er77z/rrc/104/fexp/24350590,24350675,24350705,24350737/req_id/53459fc87e60a3ee/cms_redirect/yes/ipbypass/yes/mip/31.204.152.149/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1732773620/mv/u/mvi/1?file=file.mp4 Protocol H3 Server 74.125.100.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s46-in-f6.1e100.net Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms x-content-type-options nosniff expires Thu, 28 Nov 2024 06:07:52 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" date Thu, 28 Nov 2024 06:07:52 GMT last-modified Mon, 18 Nov 2024 11:18:13 GMT content-type video/mp4 vary Origin cache-control private, max-age=86400 timing-allow-origin null client-protocol quic access-control-allow-credentials true accept-ranges bytes access-control-allow-origin null content-length 970513 server gvs 1.0 Redirect headers cache-control private, max-age=900 location https://r1---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/59216691F7441201CB61396F54189FE93B7D3FDC.420C82A829B19F7755216F732CE7436B511C1F1B/key/cms1/met/1732774071,/mh/df/pl/22/rms/onc,onc/redirect_counter/1/rm/sn-4g5er77z/rrc/104/fexp/24350590,24350675,24350705,24350737/req_id/53459fc87e60a3ee/cms_redirect/yes/ipbypass/yes/mip/31.204.152.149/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1732773620/mv/u/mvi/1?file=file.mp4 timing-allow-origin null access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms access-control-allow-credentials true x-content-type-options nosniff expires Thu, 28 Nov 2024 06:07:51 GMT access-control-allow-origin null content-length 0 date Thu, 28 Nov 2024 06:07:51 GMT last-modified Wed, 02 May 2007 10:26:10 GMT vary Origin server gvs 1.0 content-type text/html
GET H2	200	H0ZEmIz7.html tpc.googlesyndication.com/sodar/ Frame DEE3	0 0	53ms 52ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1476 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding br content-length 7799 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 28 Nov 2024 05:43:15 GMT expires Thu, 28 Nov 2024 06:33:15 GMT last-modified Sun, 25 Jun 2023 02:58:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	54ms 54ms	Image image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1592151606082544&vrg=202411180101&nw_id=32607536&nslots=2&eid=676982961&pub_url=https%3A%2F%2Fshbndn.guvenliodemepay.com%2Filan%3Fid%3D1167-Gonderim-ucretim-ilan%3Fid%3D1167m-ilan%3Fid%3D1167m-ilan%3Fid%3D1167%2Fm-ilan%3Fid%3D1167&qid=CJXL8beu_okDFTvkEQgd644FTQ&iu=%2F32607536%2Faddetail_300x250&e=512&ret=300x250&req=300x250&bm=0&efh=0&stk=0&ifi=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Thu, 28 Nov 2024 06:07:51 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	206	1 r1---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,expire,id,... Frame B1B6	948 KB 948 KB	18ms 18ms	Media video/mp4	74.125.100.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r1---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1006460be4885d85/itag/342/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3876376763/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/59216691F7441201CB61396F54189FE93B7D3FDC.420C82A829B19F7755216F732CE7436B511C1F1B/key/cms1/met/1732774071,/mh/df/pl/22/rms/onc,onc/redirect_counter/1/rm/sn-4g5er77z/rrc/104/fexp/24350590,24350675,24350705,24350737/req_id/53459fc87e60a3ee/cms_redirect/yes/ipbypass/yes/mip/31.204.152.149/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1732773620/mv/u/mvi/1?file=file.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.100.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s46-in-f6.1e100.net Software gvs 1.0 / Resource Hash f6c62cef161a75f584cc0fbec90652d021a522a85bc58bcc902fc273e44aa21e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Range bytes=0- Response headers access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms x-content-type-options nosniff expires Thu, 28 Nov 2024 06:07:52 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" date Thu, 28 Nov 2024 06:07:52 GMT last-modified Mon, 18 Nov 2024 11:18:13 GMT content-type video/mp4 vary Origin cache-control private, max-age=86400 timing-allow-origin https://shbndn.guvenliodemepay.com client-protocol quic access-control-allow-credentials true Content-Range bytes 0-970512/970513 accept-ranges bytes access-control-allow-origin https://shbndn.guvenliodemepay.com Content-Length 970513 server gvs 1.0
GET		sodar ep1.adtrafficquality.google/pagead/	0 0
POST H2	204	csi csi.gstatic.com/ Frame B1B6	0 57 B	434ms 434ms	Ping image/gif	2404:6800:4009:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~m40wxymj&c=5852074549466&slotId=2926037274733&qqid=CJbL8beu_okDFTvkEQgd644FTQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&br=395&mt=video%2Fmp4&vs=480x270&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=342&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.hr~vil.xa~vfl.10n&ua_e=1&ape=1&ple=1&umsem=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20241111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4009:81a::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 28 Nov 2024 06:07:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	93 KB 30 KB	59ms 22ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/prebid:35802e87d11a2ce2ec228c6e38acf487.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR), Reverse DNS Software nginx / Resource Hash 560a389565d68e5a251b7cd0be0d46c37a4de810690330f2cd125bd6332d16c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=86400, public timing-allow-origin * content-encoding gzip etag W/"670e3454-174c2" cross-origin-resource-policy cross-origin expires Fri, 29 Nov 2024 06:07:52 GMT access-control-allow-origin * date Thu, 28 Nov 2024 06:07:52 GMT content-type text/javascript last-modified Tue, 15 Oct 2024 09:22:28 GMT server nginx
GET H2	200	syncframe gum.criteo.com/ Frame 675F	0 0	54ms 19ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE...
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shbndn.guvenliodemepay.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 28 Nov 2024 06:07:52 GMT server Kestrel server-processing-duration-in-ticks 278223 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
GET H2	200	publishertag.prebid.159.js Show response static.criteo.net/js/ld/	93 KB 30 KB	63ms 31ms	XHR text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.159.js Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR), Reverse DNS Software nginx / Resource Hash 560a389565d68e5a251b7cd0be0d46c37a4de810690330f2cd125bd6332d16c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=86400, public timing-allow-origin * content-encoding gzip etag W/"670e3454-174c2" cross-origin-resource-policy cross-origin expires Fri, 29 Nov 2024 06:07:53 GMT access-control-allow-origin * date Thu, 28 Nov 2024 06:07:53 GMT content-type text/javascript last-modified Tue, 15 Oct 2024 09:22:28 GMT server nginx
POST H3	200	girislog.php Show response shbndn.guvenliodemepay.com/	3 B 687 B	131ms 129ms	XHR text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shbndn.guvenliodemepay.com/girislog.php Requested by Host: s0.shbdn.com URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.14, PleskLin Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://shbndn.guvenliodemepay.com/ilan?id=1167-Gonderim-ucretim-ilan?id=1167m-ilan?id=1167m-ilan?id=1167/m-ilan?id=1167 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PEpGeJcLH8QB15%2B%2BgLqhD70SvOduvvrwNbNI87JjP0oq2TlTOvP50GlCdhDv%2ByW7J6fnicWOr%2BFLz8OgCw2JXdFIG1FlrAlFe8S%2Ff7J0RWG9sxHBlzcsGkgyghSIZVXicwm%2FQl4k9MzsbRJkRA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e982e29c98d66a5-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16239&min_rtt=14560&rtt_var=4269&sent=19&recv=14&lost=0&retrans=0&sent_bytes=6298&recv_bytes=6229&delivery_rate=66000&cwnd=12000&unsent_bytes=0&cid=b9755c020f129675&ts=3172&x=1", cfHdrFlush;dur=0 date Thu, 28 Nov 2024 06:07:53 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/8.3.14, PleskLin server cloudflare vary Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

banaozel.sahibinden.com

URL

https://banaozel.sahibinden.com/ajax/login/info

Domain

banaozel.sahibinden.com

URL

https://banaozel.sahibinden.com/ajax/login/info

Domain

ep1.adtrafficquality.google

URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411180101&jk=1592151606082544&bg=!c3ClcD_NAAaIaF9IqGg7ADQBe5WfOFlYgYH2-rbGYvbsfX5-RFQtAArLS1MAOxaHlouMxfczHvR6JqvcpYt8jR6sr8cpAgAAADZSAAAAAWgBB34ANjs7INM8tphfujCVktzRASoaZ2wBkxaRvLSskxbTbMpdP56XVbYW1eKqrdV6njdf7zmGvFhXQpkCo-8bWRyEImDJgwyWCluokREozHGg53_isMO0-47ClYB1W9_B8CNFGb46eaH5CcqVzmrA5MeGFLlQaJ1Z15o-5fxd5cIZuyIVuUiUYhNh_-k9ZSW4hyJWo6hsvSrFMGTZL1FPFhQHE4mUaJOYR7K4GtIhJ58CatML6UKl-Ssgcn7kPUeC33qswgT3mUSRAY_1UvJcGaRCUbgoPIrBOVEb_Caf46tlEh3LrAQm7LOrjlrulpkL6YMjOuTwNgIpHLdQgmVPLaESgk_Bm9BEAPozuILcJ3vCsBGtSuVnT888RQOsSflBjiBq7PAWACmRXEzUKe44r3SDsa4Nbl3n17spnaadLCflwZ8d04qf-ETlcu7SpjkJGroGujrGBNZALOrGA4I9uGmaW6Qpa9VSIhMHlukIxeAZ-5qO7YSCSFidlUwxc9OPl9aF79QJ5lw2nmdsOsONXSOFmv1JkxSBqGijSQHpTGxqkv-zYjYCAxJwZUuPhCtM3_A-MtfIJwyeD5KrtxWJ9DdBZeWAtuHYTEGqpPd0bvjuQqJy8zbiEnQOp1IXdF3mBYqsIgbD4gAuJVGbviCsTye6Ln9CwuPyAJgzROmDNddbY5pQyG_TrAALNsYpIe1hSyH8FTjkqo_kgJBP_KuBJCKpR0F4VX4Aoq2z3Zz1vf930dtEsivJuPn-TXEVGNPosEdfPp7kaJXagpbfXqg_8q84F9J1yhaJfMjpRu7aopTnut-nCrJfoc0h1YYlhB3sBNk5546d7LlY8HR8aQ6deMVPI4QwV5DEwaWJ5F0S_gBrZoVr75tHbfzAT0FPZTEMthKYnLrjQxdqLQOGH0dPsVNqJpO_yBBOfc4THdfCRWdhGEcdeRn6ggcQFxJND03v1jOOIc3hLkJr_TOWrBUdeA