Submitted URL: http://kirtasiyemiray.blogspot.com/
Effective URL: https://101a0a1s0da1d0g.net/basvuru
Submission: On December 03 via manual from TR — Scanned from US

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3037::6815:1f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is 101a0a1s0da1d0g.net.
TLS certificate: Issued by WE1 on November 20th 2024. Valid for: 3 months.
This is the only time 101a0a1s0da1d0g.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
5 101a0a1s0da1d0g.net
101a0a1s0da1d0g.net
14 KB
3 blogspot.com
kirtasiyemiray.blogspot.com
25 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
64 B
2 getyouranalytics.net
getyouranalytics.net
844 B
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12722
54 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 25053
47 KB
1 gstatic.com
www.gstatic.com
3 KB
20 9
Domain Requested by
5 101a0a1s0da1d0g.net kirtasiyemiray.blogspot.com
101a0a1s0da1d0g.net
3 kirtasiyemiray.blogspot.com kirtasiyemiray.blogspot.com
2 www.google.com www.googletagmanager.com
kirtasiyemiray.blogspot.com
2 getyouranalytics.net kirtasiyemiray.blogspot.com
2 www.blogger.com kirtasiyemiray.blogspot.com
2 www.googletagmanager.com kirtasiyemiray.blogspot.com
www.googletagmanager.com
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 resources.blogblog.com kirtasiyemiray.blogspot.com
1 www.gstatic.com kirtasiyemiray.blogspot.com
20 10

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.blogger.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
getyouranalytics.net
WE1
2024-11-14 -
2025-02-12
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
101a0a1s0da1d0g.net
WE1
2024-11-20 -
2025-02-18
3 months crt.sh

This page contains 3 frames:

Primary Page: https://101a0a1s0da1d0g.net/basvuru
Frame ID: FFC00F86F1518D5F34FFDF083B148D5C
Requests: 17 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16785996145?random=1733211169873&cv=11&fst=1733211169873&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9200783121za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fkirtasiyemiray.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=Miray%20K%C4%B1rtasiye&npa=0&pscdl=noapi&auid=1520926246.1733211170&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: D45F371E3BEAD8E8A6792B8DD42A00D5
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fkirtasiyemiray.blogspot.com
Frame ID: C3B58135A4FABC44759656AEEFBC08BA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Attention Required! | Cloudflare

Page URL History Show full URLs

  1. http://kirtasiyemiray.blogspot.com/ HTTP 307
    https://kirtasiyemiray.blogspot.com/ Page URL
  2. https://101a0a1s0da1d0g.net/basvuru Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

10
IPs

1
Countries

246 kB
Transfer

776 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kirtasiyemiray.blogspot.com/ HTTP 307
    https://kirtasiyemiray.blogspot.com/ Page URL
  2. https://101a0a1s0da1d0g.net/basvuru Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kirtasiyemiray.blogspot.com/ HTTP 307
  • https://kirtasiyemiray.blogspot.com/

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kirtasiyemiray.blogspot.com/
Redirect Chain
  • http://kirtasiyemiray.blogspot.com/
  • https://kirtasiyemiray.blogspot.com/
139 KB
23 KB
Document
General
Full URL
https://kirtasiyemiray.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bbf99c754ca337d7dbbacc5df8565ca3cf06766a1531620e5df49f64e99b3897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
22726
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 07:32:49 GMT
etag
W/"ab0985641d84efc7fa199f2a22866a1122d65524f2228cb2fea2ec863f5b0c7b"
expires
Tue, 03 Dec 2024 07:32:49 GMT
last-modified
Sat, 30 Nov 2024 05:35:46 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://kirtasiyemiray.blogspot.com/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/
290 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16785996145
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa1d6e9b443fba1afc112d97a5998bb52b1dbcceb6ea56cec0fd232f877dece6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 07:32:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 07:32:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101313
x-xss-protection
0
server
Google Tag Manager
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/
12 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

content-encoding
br
age
0
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 07:32:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 07:32:49 GMT
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
3475
x-xss-protection
0
server
sffe
1977859998-rockpool_compiled.js
resources.blogblog.com/blogblog/data/res/
136 KB
47 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/1977859998-rockpool_compiled.js
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::bf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdf033bf37df79442935c56759b3496f6a162110cd798b8ccde3f4bf7ea7b5d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

content-encoding
gzip
age
209231
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 21:25:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 21:25:38 GMT
last-modified
Sat, 30 Nov 2024 20:51:41 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
47825
x-xss-protection
0
server
sffe
2263754362-widgets.js
www.blogger.com/static/v1/widgets/
145 KB
51 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2263754362-widgets.js
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::bf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a20fb5dab9ec5f2ac4efd96922ce04abf595b243d9cbb43ff5610f763e6b0814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

content-encoding
gzip
age
450497
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 02:24:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 02:24:32 GMT
last-modified
Thu, 28 Nov 2024 01:53:12 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
51917
x-xss-protection
0
server
sffe
user_analysis.php
getyouranalytics.net/ Frame
0
0
Preflight
General
Full URL
https://getyouranalytics.net/user_analysis.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4fa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.14 PleskLin
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://kirtasiyemiray.blogspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ec1dd735b10c359-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 07:32:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YReqn%2BzgN7Q%2FORxaXBxxtqFCtpbZrshoWWueUM99DJp%2BFtwp8rONLKYBofLuUiV%2BN4aRIyapMNFgHpmSAeYtoz9reUe5UT8FFpoN9nQjPKvvUgi41Sxf9%2BcHtG7LE%2BZWxm%2FM61Cr64f4rwRz0IF%2FqryvhA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8957&min_rtt=8536&rtt_var=1882&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4218&recv_bytes=4437&delivery_rate=828&cwnd=12000&unsent_bytes=0&cid=d47ac16a03efe542&ts=294&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by
PHP/8.3.14 PleskLin
user_analysis.php
getyouranalytics.net/
100 B
844 B
Fetch
General
Full URL
https://getyouranalytics.net/user_analysis.php
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4fa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.14, PleskLin
Resource Hash
53f90e86631ff6604e4b03803321e0eff5b6edb44b000bb902a9938925da3323

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1y5u5L%2Fojp%2FmOy69guw6S3QNjqKeeC%2Br9xPiRm1EPODdF93BZcuSMLeTAtZoJHVdhfnEZk1J%2FFmKWFJsl2HEUPimWgqB8wz%2Bx5b0r3fNQuMFKyB85PfCWKmQmI6KDLsCx9HmmJ%2Fu2lkc2McO1FZ1SzMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8994&min_rtt=8536&rtt_var=1485&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5032&recv_bytes=5043&delivery_rate=85477&cwnd=12000&unsent_bytes=0&cid=d47ac16a03efe542&ts=400&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 07:32:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Content-Type
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec1dd751bb7c359-EWR
access-control-allow-origin
*
x-powered-by
PHP/8.3.14, PleskLin
server
cloudflare
sprite_v1_6.css.svg
kirtasiyemiray.blogspot.com/responsive/
7 KB
3 KB
Other
General
Full URL
https://kirtasiyemiray.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

content-encoding
gzip
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 07:32:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 07:32:49 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 05:56:58 GMT
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2244
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fkirtasiyemiray.blogspot.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1978390207.1733211170&auid=1520926246.1733211170&npa=0&gtm=45be4bk0v9200783121za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733211169881&tfd=547&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16785996145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16785996145/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16785996145/?random=1733211169873&cv=11&fst=1733211169873&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9200783121za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fkirtasiyemiray.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=Miray%20K%C4%B1rtasiye&npa=0&pscdl=noapi&auid=1520926246.1733211170&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16785996145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
644afed6e822c0dc51a055177a0712d2cf3a703a8d1550858dc866ad634a318c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2315
date
Tue, 03 Dec 2024 07:32:49 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16785996145
td.doubleclick.net/td/rul/ Frame D45F
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16785996145?random=1733211169873&cv=11&fst=1733211169873&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9200783121za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fkirtasiyemiray.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=Miray%20K%C4%B1rtasiye&npa=0&pscdl=noapi&auid=1520926246.1733211170&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16785996145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kirtasiyemiray.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 07:32:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame C3B5
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fkirtasiyemiray.blogspot.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16785996145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 07:32:49 GMT
expires
Wed, 03 Dec 2025 07:32:49 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
blogger_logo_round_35.png
www.blogger.com/img/
2 KB
3 KB
Image
General
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::bf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

cache-control
public, max-age=604800
age
192038
cross-origin-resource-policy
cross-origin
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 02:12:11 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2531
x-xss-protection
0
date
Sun, 01 Dec 2024 02:12:11 GMT
last-modified
Sat, 30 Nov 2024 19:52:56 GMT
content-type
image/png
server
sffe
/
www.google.com/pagead/1p-user-list/16785996145/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16785996145/?random=1733211169873&cv=11&fst=1733209200000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9200783121za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fkirtasiyemiray.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=Miray%20K%C4%B1rtasiye&npa=0&pscdl=noapi&auid=1520926246.1733211170&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dAvL6P1l_C9s0RgAxJhhFwKq57at9uA&random=993753876&rmt_tld=0&ipr=y
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 07:32:49 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
kirtasiyemiray.blogspot.com/
4 KB
432 B
Other
General
Full URL
https://kirtasiyemiray.blogspot.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kirtasiyemiray.blogspot.com/

Response headers

cache-control
private, max-age=86400
content-encoding
gzip
etag
W/"ab0985641d84efc7fa199f2a22866a1122d65524f2228cb2fea2ec863f5b0c7b"
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 07:32:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
date
Tue, 03 Dec 2024 07:32:50 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon; charset=UTF-8
last-modified
Sat, 30 Nov 2024 05:35:46 GMT
server
GSE
Primary Request basvuru
101a0a1s0da1d0g.net/
4 KB
3 KB
Document
General
Full URL
https://101a0a1s0da1d0g.net/basvuru
Requested by
Host: kirtasiyemiray.blogspot.com
URL: https://kirtasiyemiray.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8f8714f7e78acfd14196b50488ad570beb50dbfe64abf58c23bb270e737ffa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://kirtasiyemiray.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=15
cf-ray
8ec1dd7648840c88-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 07:32:50 GMT
expires
Tue, 03 Dec 2024 07:33:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhZMF%2FRsIscXyajG7syCL8ITL8TrlN4PS0M9BXuhkdrrSPROLrbFgWhA6ckNc1WG%2BPIF9hVDqZHDP%2F68ecIxeoctdonKeADijjUsESxT%2B7Uus2Yn9em5%2BNuN5mWx5U2IplyjK5J6NWk0qvw2wbAQz3jw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8524&min_rtt=8514&rtt_var=3213&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4318&delivery_rate=286364&cwnd=12000&unsent_bytes=0&cid=4a3e0296df8b56fe&ts=22&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
101a0a1s0da1d0g.net/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://101a0a1s0da1d0g.net/cdn-cgi/styles/cf.errors.css
Requested by
Host: 101a0a1s0da1d0g.net
URL: https://101a0a1s0da1d0g.net/basvuru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://101a0a1s0da1d0g.net/basvuru

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"6740aa36-5df3"
x-content-type-options
nosniff
cf-ray
8ec1dd7678990c88-EWR
expires
Tue, 03 Dec 2024 09:32:50 GMT
date
Tue, 03 Dec 2024 07:32:50 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 15:58:46 GMT
server
cloudflare
x-frame-options
DENY
browser-bar.png
101a0a1s0da1d0g.net/cdn-cgi/images/
715 B
897 B
Image
General
Full URL
https://101a0a1s0da1d0g.net/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: 101a0a1s0da1d0g.net
URL: https://101a0a1s0da1d0g.net/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://101a0a1s0da1d0g.net/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"6740aa36-2cb"
x-content-type-options
nosniff
cf-ray
8ec1dd76b8ac0c88-EWR
expires
Tue, 03 Dec 2024 09:32:50 GMT
accept-ranges
bytes
content-length
715
date
Tue, 03 Dec 2024 07:32:50 GMT
content-type
image/png
last-modified
Fri, 22 Nov 2024 15:58:46 GMT
server
cloudflare
x-frame-options
DENY
cf-no-screenshot-error.png
101a0a1s0da1d0g.net/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
https://101a0a1s0da1d0g.net/cdn-cgi/images/cf-no-screenshot-error.png
Requested by
Host: 101a0a1s0da1d0g.net
URL: https://101a0a1s0da1d0g.net/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://101a0a1s0da1d0g.net/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"6740aa36-c8d"
x-content-type-options
nosniff
cf-ray
8ec1dd76b8ae0c88-EWR
expires
Tue, 03 Dec 2024 09:32:50 GMT
accept-ranges
bytes
content-length
3213
date
Tue, 03 Dec 2024 07:32:50 GMT
content-type
image/png
last-modified
Fri, 22 Nov 2024 15:58:46 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
101a0a1s0da1d0g.net/
4 KB
3 KB
Other
General
Full URL
https://101a0a1s0da1d0g.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc9c5d83e3210a32644bad3078feb6516924618e35318a1a5eb3b4ffb310737
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://101a0a1s0da1d0g.net/basvuru

Response headers

cache-control
max-age=15
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9y3YEoBYCSgrqQSJKOMDKhgtbB10NsOqHZuKN4NijPL3yLjAmrGmRKGtm%2BWl5v7HNiKvMV50m9TWRubPwqk5KNnPTG4qlvCDmNqkq4rSDlY%2BYaIZQ8hM2Eof5pm9M7KeW%2B2MkCUqyGMugIoG6ZUCMRRj"}],"group":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8ec1dd76c8b90c88-EWR
expires
Tue, 03 Dec 2024 07:33:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9064&min_rtt=8275&rtt_var=987&sent=27&recv=19&lost=0&retrans=0&sent_bytes=16097&recv_bytes=6106&delivery_rate=464559&cwnd=12000&unsent_bytes=0&cid=4a3e0296df8b56fe&ts=108&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 07:32:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_translation

2 Cookies

Domain/Path Name / Value
.kirtasiyemiray.blogspot.com/ Name: _gcl_au
Value: 1.1.1520926246.1733211170
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://101a0a1s0da1d0g.net/basvuru
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://101a0a1s0da1d0g.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101a0a1s0da1d0g.net
getyouranalytics.net
googleads.g.doubleclick.net
kirtasiyemiray.blogspot.com
resources.blogblog.com
td.doubleclick.net
www.blogger.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2606:4700:3035::6815:4fa0
2606:4700:3037::6815:1f8
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c08::bf
2607:f8b0:4004:c09::bf
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1d::61
2607:f8b0:4004:c1d::68
2607:f8b0:4004:c1f::9d
2607:f8b0:4004:c21::84
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
4c8f8714f7e78acfd14196b50488ad570beb50dbfe64abf58c23bb270e737ffa
53f90e86631ff6604e4b03803321e0eff5b6edb44b000bb902a9938925da3323
644afed6e822c0dc51a055177a0712d2cf3a703a8d1550858dc866ad634a318c
6cc9c5d83e3210a32644bad3078feb6516924618e35318a1a5eb3b4ffb310737
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
a20fb5dab9ec5f2ac4efd96922ce04abf595b243d9cbb43ff5610f763e6b0814
bbf99c754ca337d7dbbacc5df8565ca3cf06766a1531620e5df49f64e99b3897
cdf033bf37df79442935c56759b3496f6a162110cd798b8ccde3f4bf7ea7b5d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa1d6e9b443fba1afc112d97a5998bb52b1dbcceb6ea56cec0fd232f877dece6