one.neotvprime.cf Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://one.neotvprime.cf:8080/
Submission: On February 25 via manual (February 25th 2023, 12:05:19 pm UTC) from TR — Scanned from NL

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 44 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is one.neotvprime.cf.

This is the only time one.neotvprime.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a01:4f8:151:... 2a01:4f8:151:6117::2	24940 (HETZNER-AS) (HETZNER-AS)
2	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
3 9	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	195.142.106.235 195.142.106.235	199484 (SAGLAYICI) (SAGLAYICI)
1	185.102.219.173 185.102.219.173	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3037::ac43:c99f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	195.142.105.24 195.142.105.24	199484 (SAGLAYICI) (SAGLAYICI)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::6815:2d44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	195.142.109.125 195.142.109.125	199484 (SAGLAYICI) (SAGLAYICI)
44	15

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

one.neotvprime.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsby.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:4f8:151:6117::2 (Fürth, Germany)

ASN24940 (HETZNER-AS, DE)

ir.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oa.onlinekisi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ir1.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in3.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

pl154258.alternativecpmgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.20.218.77 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.106.235 (Istanbul, Turkey) 1 redirects

ASN199484 (SAGLAYICI, TR)
PTR: 195-142-106-235.rdns.saglayici.net

sondakika.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com

www.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3037::ac43:c99f (United States)

ASN13335 (CLOUDFLARENET, US)

s.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.105.24 (Istanbul, Turkey)

ASN199484 (SAGLAYICI, TR)

ad-cdn.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:2d44 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.bildirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.109.125 (Istanbul, Turkey)

ASN199484 (SAGLAYICI, TR)
PTR: 195-142-109-125.rdns.saglayici.net

ad.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	internethaber.com 1 redirects sondakika.internethaber.com www.internethaber.com — Cisco Umbrella Rank: 449287 s.internethaber.com — Cisco Umbrella Rank: 791127 i.internethaber.com	413 KB
9	statcounter.com 3 redirects statcounter.com — Cisco Umbrella Rank: 8520 c.statcounter.com — Cisco Umbrella Rank: 9185	45 KB
7	gstatic.com fonts.gstatic.com	188 KB
6	sitekodlari.com ir.sitekodlari.com ir1.sitekodlari.com in3.sitekodlari.com	11 KB
3	onlinekisi.com oa.onlinekisi.com	2 KB
2	bildirt.com cdn2.bildirt.com — Cisco Umbrella Rank: 90892	26 KB
2	bilgin.pro ad-cdn.bilgin.pro — Cisco Umbrella Rank: 283500 ad.bilgin.pro — Cisco Umbrella Rank: 215102	9 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	156 KB
2	alternativecpmgate.com pl154258.alternativecpmgate.com
1	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939	43 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	77 KB
1	adsby.io adsby.io	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
1	neotvprime.cf one.neotvprime.cf	959 B
44	15

	Domain	Requested by
7	fonts.gstatic.com	fonts.googleapis.com
6	s.internethaber.com	www.internethaber.com
6	statcounter.com	3 redirects ir1.sitekodlari.com oa.onlinekisi.com
3	c.statcounter.com	statcounter.com
3	ir1.sitekodlari.com	ir.sitekodlari.com ir1.sitekodlari.com
3	oa.onlinekisi.com	one.neotvprime.cf oa.onlinekisi.com
2	cdn2.bildirt.com	www.internethaber.com cdn2.bildirt.com
2	securepubads.g.doubleclick.net	www.internethaber.com securepubads.g.doubleclick.net
2	pl154258.alternativecpmgate.com	ir.sitekodlari.com
2	ir.sitekodlari.com	one.neotvprime.cf
1	ad.bilgin.pro	ad-cdn.bilgin.pro
1	i.internethaber.com	www.internethaber.com
1	fundingchoicesmessages.google.com	www.internethaber.com
1	www.google-analytics.com	www.internethaber.com
1	www.googletagmanager.com	www.internethaber.com
1	ad-cdn.bilgin.pro	www.internethaber.com
1	adsby.io	www.internethaber.com
1	fonts.googleapis.com	www.internethaber.com
1	www.internethaber.com	ir1.sitekodlari.com
1	sondakika.internethaber.com	1 redirects
1	in3.sitekodlari.com	ir1.sitekodlari.com
1	one.neotvprime.cf
44	22

This site contains links to these domains. Also see Links.

Domain
www.sitekodlari.com

Subject Issuer	Validity	Valid
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.internethaber.com AlphaSSL CA - SHA256 - G2	`2022-04-27` - `2023-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adsby.io GTS CA 1P5	`2023-02-04` - `2023-05-05`	3 months	crt.sh
*.bilgin.pro AlphaSSL CA - SHA256 - G2	`2022-04-27` - `2023-05-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://one.neotvprime.cf:8080/
Frame ID: D42F3AF4C1AA6D6F53F668B11EB4B550
Requests: 6 HTTP requests in this frame

Frame: http://ir1.sitekodlari.com/guso1.php
Frame ID: 71411DBA8C3D69FFC2C42655FA118E57
Requests: 4 HTTP requests in this frame

Frame: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Frame ID: 93AFBFAB7D2D2DF694E80CB6733253EF
Requests: 4 HTTP requests in this frame

Frame: http://ir1.sitekodlari.com/ekoh3.php
Frame ID: 6F56581BFEEFDB28FE3D5D04AA474297
Requests: 4 HTTP requests in this frame

Frame: https://www.internethaber.com/son-dakika//?t=23&cid=3
Frame ID: BFB6300874DC9A81157E9ACDC2425771
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Title of the document

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

44
Requests

66 %
HTTPS

63 %
IPv6

15
Domains

22
Subdomains

15
IPs

5
Countries

993 kB
Transfer

2441 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sitekodlari.com/ekonomihaberlerikodu.php
Title: Sitene Ekonomi Haberleri Ekle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://statcounter.com/counter/counter.js HTTP 301
https://statcounter.com/counter/counter.js

Request Chain 12

http://statcounter.com/counter/counter.js HTTP 301
https://statcounter.com/counter/counter.js

Request Chain 14

http://statcounter.com/counter/counter.js HTTP 301
https://statcounter.com/counter/counter.js

Request Chain 15

http://sondakika.internethaber.com/?t=23&cid=3 HTTP 301
https://www.internethaber.com/son-dakika//?t=23&cid=3

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
one.neotvprime.cf/ 589 B
959 B 107ms
63ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one.neotvprime.cf:8080/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae95408a4c07d1cb19d77d52542a95c10f52c097de9b0103239064b984bb40c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 79f04ed6f8120a78-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 25 Feb 2023 12:05:13 GMT
Last-Modified: Sun, 11 Dec 2022 23:43:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMBZyOmNbXrXpnmgx3xTilx%2FbXgNEG1pGe18PmNMCe4J439TuLtvUmu88sJZgLasxlt%2FmDqVrXIB5HMzgj2d%2BGIY%2BAnLRtEAl5PocsdUnZaraRnNR8JGC23%2Fzu%2BL1m%2BKZH2CRTi%2BfX9Ptj8H4TFYT%2BssdjPC"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked

GET
H/1.1 200
OK gununsozu1.js Show response
ir.sitekodlari.com/ 281 B
577 B 141ms
48ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir.sitekodlari.com/gununsozu1.js
Requested by: Host: one.neotvprime.cf
URL: http://one.neotvprime.cf:8080/
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4974d1fa609ab09b42727d10406311e241baf6123d7ab139761bbf23e2aaa0f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one.neotvprime.cf:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 12:05:13 GMT
Last-Modified: Sun, 25 Jul 2021 16:30:08 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "119-5c7f5265bc186"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK ok15.js Show response
oa.onlinekisi.com/i/ 281 B
577 B 125ms
47ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oa.onlinekisi.com/i/ok15.js
Requested by: Host: one.neotvprime.cf
URL: http://one.neotvprime.cf:8080/
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 17e9aec7ecb623bfab305c610a2e23f7284dfdeb75e5030384d3ba2c11ff612f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one.neotvprime.cf:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 12:05:13 GMT
Last-Modified: Mon, 06 May 2019 21:42:41 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "119-5883efada027b"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK ekonomihaberleri3.js Show response
ir.sitekodlari.com/ 281 B
577 B 140ms
47ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir.sitekodlari.com/ekonomihaberleri3.js
Requested by: Host: one.neotvprime.cf
URL: http://one.neotvprime.cf:8080/
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9c1e5f80225215646769e06fbea01eeaaeedf586d5afdf4bd39e01e84e6645ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one.neotvprime.cf:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 12:05:13 GMT
Last-Modified: Sun, 25 Jul 2021 16:30:07 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "119-5c7f52653a36f"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK guso1.php Show response
ir1.sitekodlari.com/ Frame 7141 998 B
1 KB 141ms
51ms Document
text/html 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir1.sitekodlari.com/guso1.php
Requested by: Host: ir.sitekodlari.com
URL: http://ir.sitekodlari.com/gununsozu1.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16 PleskLin
Resource Hash: 8f2b3d9adcc90feb9d409a51f362b3391f4136bed16529942fc3d5f6ed504819

Request headers

Referer: http://one.neotvprime.cf:8080/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Sat, 25 Feb 2023 12:05:13 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16 PleskLin

GET
H/1.1 403
Forbidden 95d762de5ca6721293d645df673ba144.js
pl154258.alternativecpmgate.com/95/d7/62/ 0
0 931ms
107ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js
Requested by: Host: ir.sitekodlari.com
URL: http://ir.sitekodlari.com/gununsozu1.js
Protocol: HTTP/1.1
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://one.neotvprime.cf:8080/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 25 Feb 2023 12:05:14 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2

200

counter.js Show response
statcounter.com/counter/ Frame 7141
Redirect Chain

http://statcounter.com/counter/counter.js
https://statcounter.com/counter/counter.js

43 KB
14 KB

130ms
50ms

Script
application/javascript

104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/guso1.php
Protocol: H2
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:52:02 GMT
server: cloudflare
age: 19073
etag: W/"63f8dd22-aa70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 79f04edac946bb8b-FRA
expires: Sat, 25 Feb 2023 18:47:21 GMT

Redirect headers

Date: Sat, 25 Feb 2023 12:05:13 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://statcounter.com/counter/counter.js
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 79f04eda0c3c3a84-FRA
Expires: Sat, 25 Feb 2023 13:05:13 GMT

GET
H/1.1 200
OK ka.png
in3.sitekodlari.com/gunun/ Frame 7141 4 KB
4 KB 119ms
45ms Image
image/png 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://in3.sitekodlari.com/gunun/ka.png
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/guso1.php
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7e8aced65883006fde262cea4328d38da8e70f873d1a8053e6dba22cbfca787f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 12:05:13 GMT
Last-Modified: Wed, 04 Dec 2019 20:16:01 GMT
Server: nginx
ETag: "5de81401-e20"
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3616

GET
H2 200 t.php Show response
c.statcounter.com/ Frame 7141 192 B
572 B 179ms
164ms XHR
application/json 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11943538&u1=C3F458EDF8D64F1921CAABB1E4866D37&java=1&security=69542a32&sc_snum=1&sess=a8f3c4&p=0&rcat=r&rdom=one.neotvprime.cf%3A8080&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//one.neotvprime.cf%3A8080/&u=http%3A//ir1.sitekodlari.com/guso1.php&t=&invisible=1&sc_rum_e_s=422&sc_rum_e_e=453&sc_rum_f_s=0&sc_rum_f_e=416&get_config=true
Requested by: Host: statcounter.com
URL: http://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: http://ir1.sitekodlari.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 79f04edb6a5abb8b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK k15.php Show response
oa.onlinekisi.com/i/ Frame 93AF 648 B
858 B 48ms
48ms Document
text/html 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Requested by: Host: oa.onlinekisi.com
URL: http://oa.onlinekisi.com/i/ok15.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16 PleskLin
Resource Hash: d309943114e1a61f8ec21a49d5010e59c8b83b82ded4dd81774809a80df88922

Request headers

Referer: http://one.neotvprime.cf:8080/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Sat, 25 Feb 2023 12:05:14 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16 PleskLin

GET
H/1.1 200
OK ekoh3.php Show response
ir1.sitekodlari.com/ Frame 6F56 888 B
1 KB 49ms
49ms Document
text/html 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir1.sitekodlari.com/ekoh3.php
Requested by: Host: ir.sitekodlari.com
URL: http://ir.sitekodlari.com/ekonomihaberleri3.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16 PleskLin
Resource Hash: 9674992c160b3d42522d0fd002e8476dddcb1419c65f0b845890aaea3cb71d7c

Request headers

Referer: http://one.neotvprime.cf:8080/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Sat, 25 Feb 2023 12:05:14 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16 PleskLin

GET
H/1.1 403
Forbidden 95d762de5ca6721293d645df673ba144.js
pl154258.alternativecpmgate.com/95/d7/62/ 0
0 118ms
117ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js
Requested by: Host: ir.sitekodlari.com
URL: http://ir.sitekodlari.com/ekonomihaberleri3.js
Protocol: HTTP/1.1
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://one.neotvprime.cf:8080/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 25 Feb 2023 12:05:14 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 15ok.php
oa.onlinekisi.com/i/ Frame 93AF 241 B
450 B 53ms
53ms Image
image/png 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oa.onlinekisi.com/i/15ok.php
Requested by: Host: oa.onlinekisi.com
URL: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16, PleskLin
Resource Hash: d57f4287081a83f7232e034639761cdd8d8935ee977bfee230485120b1379903

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 12:05:14 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16, PleskLin
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2

200

counter.js Show response
statcounter.com/counter/ Frame 93AF
Redirect Chain

http://statcounter.com/counter/counter.js
https://statcounter.com/counter/counter.js

43 KB
14 KB

47ms
46ms

Script
application/javascript

104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: oa.onlinekisi.com
URL: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Protocol: H2
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://oa.onlinekisi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:52:02 GMT
server: cloudflare
age: 19073
etag: W/"63f8dd22-aa70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 79f04edf285dbb8b-FRA
expires: Sat, 25 Feb 2023 18:47:21 GMT

Redirect headers

Date: Sat, 25 Feb 2023 12:05:14 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://statcounter.com/counter/counter.js
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 79f04ededab73a84-FRA
Expires: Sat, 25 Feb 2023 13:05:14 GMT

GET
H/1.1 200
OK ekonomi-bosbas.png
ir1.sitekodlari.com/images/ Frame 6F56 4 KB
4 KB 47ms
46ms Image
image/png 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ir1.sitekodlari.com/images/ekonomi-bosbas.png
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/ekoh3.php
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2ac162f9469c41bf5b48640c78e5eaca7d316d3103c59dd87cfd480086d2da21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ir1.sitekodlari.com/ekoh3.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 12:05:14 GMT
Last-Modified: Sun, 05 May 2019 09:04:26 GMT
Server: nginx
ETag: "5ccea71a-fc4"
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4036

GET
H2

200

counter.js Show response
statcounter.com/counter/ Frame 6F56
Redirect Chain

http://statcounter.com/counter/counter.js
https://statcounter.com/counter/counter.js

43 KB
14 KB

41ms
41ms

Script
application/javascript

104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/ekoh3.php
Protocol: H2
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:52:02 GMT
server: cloudflare
age: 19073
etag: W/"63f8dd22-aa70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 79f04edf68b5bb8b-FRA
expires: Sat, 25 Feb 2023 18:47:21 GMT

Redirect headers

Date: Sat, 25 Feb 2023 12:05:14 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://statcounter.com/counter/counter.js
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 79f04edf2b1a3a84-FRA
Expires: Sat, 25 Feb 2023 13:05:14 GMT

GET
H2

200

/ Show response
www.internethaber.com/son-dakika// Frame BFB6
Redirect Chain

http://sondakika.internethaber.com/?t=23&cid=3
https://www.internethaber.com/son-dakika//?t=23&cid=3

112 KB
24 KB

387ms
233ms

Document
text/html

185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/ekoh3.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 3f456c866cc09e604bb9ac6a6745d25c53110776a5cb656568d0be00616a65cf

Request headers

Referer: http://ir1.sitekodlari.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18
allow: GET, HEAD, POST
cache-control: max-age=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Feb 2023 12:05:15 GMT
pragma: no-cache
server: MerlinCDN
vary: Accept-Encoding
via: HTTP/2.0 Merlin CDN
x-cache-status: EXPIRED
x-edge: de-fra-dp-s04
x-lb-cache: EXPIRED
x-merlin-platform: desktop
x-midtier: tr-ist-shy-s01
x-platform: desktop

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 25 Feb 2023 12:05:14 GMT
Location: https://www.internethaber.com/son-dakika//?t=23&cid=3
Server: nginx

GET
H2 200 t.php Show response
c.statcounter.com/ Frame 93AF 192 B
339 B 162ms
161ms XHR
application/json 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=10224970&u1=4EC74A48ADBD4F4CF8EB34F7E2EDC263&java=1&security=3f95a341&sc_snum=1&sess=a8f3c4&p=0&rcat=r&rdom=one.neotvprime.cf%3A8080&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//one.neotvprime.cf%3A8080/&u=http%3A//oa.onlinekisi.com/i/k15.php%3Fq%3Dpnc1357&t=&invisible=1&sc_rum_e_s=185&sc_rum_e_e=188&sc_rum_f_s=0&sc_rum_f_e=182&get_config=true
Requested by: Host: statcounter.com
URL: http://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://oa.onlinekisi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: http://oa.onlinekisi.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 79f04edf88f1bb8b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 t.php
c.statcounter.com/ Frame 6F56 49 B
115 B 164ms
164ms Ping
image/gif 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11943538&u1=C3F458EDF8D64F1921CAABB1E4866D37&java=1&security=69542a32&sc_snum=1&sess=a8f3c4&p=0&rcat=r&bb=0&rdomo=one.neotvprime.cf%3A8080&rdomg=1&jg=1&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//one.neotvprime.cf%3A8080/&u=http%3A//ir1.sitekodlari.com/ekoh3.php&t=&invisible=1&sc_rum_e_s=206&sc_rum_e_e=213&sc_rum_f_s=0&sc_rum_f_e=204
Requested by: Host: statcounter.com
URL: http://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://ir1.sitekodlari.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 25 Feb 2023 12:05:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 79f04edfb940bb8b-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BFB6 31 KB
2 KB 184ms
69ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:ital,wght@0,100;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9cb0d2ffff1fd146fcacd2692bc501bd969601f5c396a8db9338aa814324c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Feb 2023 12:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Feb 2023 11:55:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Feb 2023 12:05:15 GMT

GET
H2 200 weathericons-regular-webfont.woff2
s.internethaber.com/assets/web/fonts/weather/ Frame BFB6 44 KB
44 KB 127ms
38ms Font
application/octet-stream 2606:4700:3037::ac43:c99f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/fonts/weather/weathericons-regular-webfont.woff2
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Request headers

Referer: https://www.internethaber.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sat, 25 Feb 2023 12:05:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 617469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44720
x-rocket-mastercachestatus: HIT
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: "63ecb6fa-aeb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rY5cghPqgJ4toyvoFkq8Cgd5e%2BFICLTuf3ZH%2FzB4PAp8KLnGg7kHXOgNpt0zuR0RTflXy5qP60JUVvopfkh0zQHSAr4Lso91sOYJo33fN%2B4oMKGPm63suSvQWVQNkW8en1e%2F1xksIcYXI%2B66g29oYtPH"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
accept-ranges: bytes
cf-ray: 79f04ee65968bb71-FRA
expires: Mon, 20 Mar 2023 08:34:06 GMT

GET
H2 200 icon.ttf
s.internethaber.com/assets/web/fonts/icomoon/ Frame BFB6 124 KB
125 KB 158ms
69ms Font
application/octet-stream 2606:4700:3037::ac43:c99f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/fonts/icomoon/icon.ttf?kai2k8
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56309f6f31b908376988a176f39162e7532afb423b887ae685af31daabf83d7

Request headers

Referer: https://www.internethaber.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sat, 25 Feb 2023 12:05:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 871998
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127404
x-rocket-mastercachestatus: HIT
last-modified: Tue, 17 Jan 2023 13:26:03 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: "63c6a1eb-1f1ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrUCy%2FGja5MhP%2BNCpWOw9pDk8V95SzQrTotNtNH86wWrvZn9mFBU6m80xthnrz4GiN%2Bk1CnCe4MCOt3AC1ziZ%2FWJs4vQ%2F5xl0L%2B4TQsqJ%2BTlYHkmGPTBxgQakFl7RkIrIIOi9yFWa5a3K2ySCynq1y97"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
accept-ranges: bytes
cf-ray: 79f04ee6596bbb71-FRA
expires: Fri, 17 Mar 2023 09:51:57 GMT

GET
H2 200 build.css
s.internethaber.com/assets/web/css/ Frame BFB6 378 KB
63 KB 161ms
72ms Stylesheet
text/css 2606:4700:3037::ac43:c99f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/css/build.css?id=661cf4fa363b649659db
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dfe3b1487823143ea6a452ceb05c956422a50cc79eb121061822d07eaf9be38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sat, 25 Feb 2023 12:05:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512909
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: EXPIRED
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-5e794"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5QjW200iWw9ki9ytKE1tS8OGvE4BD9QwT%2B2PaENL6gOKMppFnsNbRaFTBRRT8w9tAcKW4VIb2TSeFH4OVnIyj2ahCbe%2F6%2FSgqy%2BuY4xAo2f6eVERLerbSVFQqttkXw0yTwOnuca5G8E8o4ezKrX9Yo%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 79f04ee65b399244-FRA
expires: Tue, 21 Mar 2023 13:36:46 GMT

GET
H2 200 criteo.js Show response
s.internethaber.com/assets/global/js/ Frame BFB6 6 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700:3037::ac43:c99f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/global/js/criteo.js?id=313ba0b1d00d8a24fb9b
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa4dd61d7a09398857b4462a74454d2089397da38ec9f3166c0deb23b4de4e36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 684093
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: MISS
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge126.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-16ae"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYA70XMnxkYEPTLIppow4iVFU8ct8vNDHCUzzTJ8J7BO%2FZtSbV7lmn5rrBdY2zi1NRHWfZSDyyqTQm81yCKtOwvLCheYsVoVGQNYSxZYYRYnmlDxQbEbUnJ3upFzMW88t7dl1FK1m131WevEkTgm4jdC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 79f04ee70c389244-FRA
expires: Sun, 19 Mar 2023 14:03:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BFB6 76 KB
26 KB 442ms
87ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee3d0de10287031587504ed3c665676acd46ad3f28b10521a5465d92bab1ed8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26563
x-xss-protection: 0
server: sffe
etag: "1493 / 936 of 1000 / last-modified: 1677280057"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Feb 2023 12:05:16 GMT

GET
H2 200 adsbysticky.js Show response
adsby.io/internethaber/ Frame BFB6 3 KB
1 KB 380ms
32ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.io/internethaber/adsbysticky.js
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e540fc048e1432e092070f7848b8e7ecf3a08a5e346e8f1608b19add120cd8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:52:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 72432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HZiU05r%2Bjmrr9GE56dY7be2wZZgis8bQs8t%2BEQvpK7%2B2NT8ym4UxAsW9GspcM57%2B0BCvgsF5vl3ox8nM2CaZRDjxYI3GzU4kDZ4gFFvROcNnu5GqnEKbaL42CTZYe2OmUvzsJZq0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79f04ee93b6d0e3c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 15:58:04 GMT

GET
H2 200 ad-3.0.8.lazy.beta.min.js Show response
ad-cdn.bilgin.pro/app/ Frame BFB6 24 KB
9 KB 436ms
87ms Script
application/javascript 195.142.105.24
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.bilgin.pro/app/ad-3.0.8.lazy.beta.min.js?v=1
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.24 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9d953d7b9dd09b6454b4407942675c4e0dab6b540285fcfe80f43f48f2268512

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: gzip
expires: Mon, 27 Mar 2023 12:05:16 GMT
last-modified: Thu, 26 Jan 2023 14:58:51 GMT
server: nginx
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-rocket-mastercachestatus: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame BFB6 219 KB
77 KB 388ms
42ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DFZT79FJRG

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d70ca1a51dd8561471dfb976f0c066353858dedd1d0d94ed24ccbb7ed6a2a307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Feb 2023 12:05:16 GMT

GET
H2 200 BildirtSDKfiles.js Show response
cdn2.bildirt.com/ Frame BFB6 74 KB
24 KB 395ms
42ms Script
application/javascript 2606:4700:3032::6815:2d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54c837b94098928259dcc2ba780346f1e0c1ec98555e1fd5e468c0d4f0f8a556

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 13:05:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1937
etag: W/"633c2f96-1278c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQWNCQfyh%2FWaShQvqw1xHx8Y9QWmIioWn88M4bMbzYhNSq%2FefHEQ1TXTNSD3%2F%2FVNgBFUGBn1VAnGpd%2BdlvBdeMsL2XYhLSjbalNJL8h1v0Of7QzAllPzVbFv8YdCah2zCB6ikqEn%2BxIfxSxWnZoA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 79f04ee94ccd30e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.js Show response
s.internethaber.com/assets/vendor/bp-image/ Frame BFB6 103 KB
39 KB 130ms
42ms Script
application/javascript 2606:4700:3037::ac43:c99f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/vendor/bp-image/app.js?id=661cf4fa363b649659db
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed00fa6a8aec382abd3087cc6eb81b56165adc92b0f04607c6c6c14be1f320eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: REVALIDATED
date: Sat, 25 Feb 2023 12:05:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513300
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: EXPIRED
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge126.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-19b45"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXmtLSOT%2F8j4n6dhU1J0lCUjJU9WGQnKA2eBHmhn79lZGnlmctblZJSLPDQqdIDOIAMXnlhfS5B3zi%2BBb2f0QkT3UAOuKQTjyIHKS6DkE56VA4COYNy1xaGCA29L3gZ6i8IyWXlnKBqPKcJMIDBsLDap"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 79f04ee65b3a9244-FRA
expires: Tue, 21 Mar 2023 13:30:15 GMT

GET
H2 200 build.js Show response
s.internethaber.com/assets/web/js/ Frame BFB6 348 KB
108 KB 51ms
49ms Script
application/javascript 2606:4700:3037::ac43:c99f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/js/build.js?id=661cf4fa363b649659db
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25a6075ed59afd7840584ae9a396f28701638abbf10ac2322e859fa851a1835

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513301
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: EXPIRED
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge127.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-570d6"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gII5TFiHNI193H5HzZgrD%2Beb6kwy3p7wLPu8llP4NSgDFlp0rKzuLdHJayQeEdvpJIrvq50xmcOydDBwQ58PmLJXk3RZ486ThyIcqTWEJtQ81Cboo6KeBXB%2BiU0OJYxtg7gzBcLCpIJTmW%2BnAR6pTrQl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 79f04ee71c4a9244-FRA
expires: Tue, 21 Mar 2023 13:30:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BFB6 49 KB
20 KB 366ms
25ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 25 Feb 2023 11:14:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3070
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 25 Feb 2023 13:14:06 GMT

GET
H2 200 AGSKWxWSjuXyXEalHccHoRctjyfNXpTlU9SGRRX19O1b9Q4Q2SWH5ZkxMlPWN9WrrXXWh3OZMU4Kj-5frfprg2GjByM= Show response
fundingchoicesmessages.google.com/f/ Frame BFB6 126 KB
43 KB 444ms
92ms Script
application/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWSjuXyXEalHccHoRctjyfNXpTlU9SGRRX19O1b9Q4Q2SWH5ZkxMlPWN9WrrXXWh3OZMU4Kj-5frfprg2GjByM=

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45744dcd05833c803c50245dc1dbf0513ca9ff09350d41edaaff214d8706c9f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kHtKt-gDfWIeeTIpZuYdtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-kHtKt-gDfWIeeTIpZuYdtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame BFB6 22 KB
22 KB 363ms
62ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:ital,wght@0,100;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 09:15:59 GMT
x-content-type-options: nosniff
age: 182957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22768
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 09:15:59 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame BFB6 23 KB
24 KB 281ms
35ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMR0cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72f0b323283b16b593703ad1845e5a79197324955e8efdb8ac67ae0d77c2d685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:38:02 GMT
x-content-type-options: nosniff
age: 214034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23708
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 00:38:02 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame BFB6 23 KB
23 KB 367ms
122ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMR0cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec8dd74f23e44187f55eaeeae9ee6998723387171f76c9bf1d3fb63305f432a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 15:28:25 GMT
x-content-type-options: nosniff
age: 160611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23876
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 15:28:25 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMp0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame BFB6 33 KB
33 KB 320ms
79ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMp0ciZb.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e922dc84beeaa2faa868845ffd995139106c87155c12f26a8710a5aba261c4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:58:57 GMT
x-content-type-options: nosniff
age: 349579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33484
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:58:57 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfjtrftV.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame BFB6 30 KB
31 KB 368ms
128ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfjtrftV.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad5d1d626322dae075f633347e129c78be440431e20846e75f03173a7288b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 09:07:54 GMT
x-content-type-options: nosniff
age: 269842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31128
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:45:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 09:07:54 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMp0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame BFB6 33 KB
33 KB 347ms
108ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMp0ciZb.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af793fb83137cbf484b1227a8cd7d70a2ad3cdf61227a624c6345ca763373d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:13:29 GMT
x-content-type-options: nosniff
age: 197507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33508
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 05:13:29 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame BFB6 22 KB
22 KB 335ms
99ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:47:00 GMT
x-content-type-options: nosniff
age: 245896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22760
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 15:47:00 GMT

GET
H2 200 nurdagi-1-I74E_cover.jpg.webp
i.internethaber.com/2/238/155/storage/files/images/2023/02/25/ Frame BFB6 7 KB
8 KB 1344ms
1328ms Image
image/webp 2606:4700:3037::ac43:c99f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.internethaber.com/2/238/155/storage/files/images/2023/02/25/nurdagi-1-I74E_cover.jpg.webp
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fd83f9391804fc4e86536b35142cc2accc2d47538fbd4b4840f13af4f5970479

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: MISS
date: Sat, 25 Feb 2023 12:05:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-proudly-served-by: Bilgin Pro
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: HIT
x-rocket-node: edge127.ist.tr.eu.rocketcdn.com
last-modified: Sat, 25 Feb 2023 12:05:17 GMT
server: cloudflare
app-name: node-picasso
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC76RjWVnosRqKy7b326FFCpIjhGdnaApihPl9uwy1V2xEjJR%2BNtCi1EvSXfbPdZUlNoLnlAlTLAMg%2BfCtO%2FnaNOjclyMUOq%2BknF3J0SG7bLRtHpFE0tVJHTLSb7acPpzRnW9oifA4WQRukTrdJFn2s6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
vary: Accept-Encoding
x-lb-cache: MISS
cf-ray: 79f04ee84de79244-FRA
expires: Mon, 27 Mar 2023 12:05:17 GMT

POST
H2 200 load Show response
ad.bilgin.pro/ Frame BFB6 1 KB
646 B 290ms
110ms XHR
text/html 195.142.109.125
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bilgin.pro/load
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.8.lazy.beta.min.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.109.125 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: cddd4578ccb577240c3aa62bc32e6a49e049b6eca21c59a202096709e2756632

Request headers

Referer: https://www.internethaber.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
expires: -1

GET
H3 200 Config-sw.js Show response
cdn2.bildirt.com/ Frame BFB6 7 KB
2 KB 108ms
73ms Fetch
application/json 2606:4700:3032::6815:2d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/Config-sw.js?uygulamaid=4009-1999-6373-3753-3196-4
Requested by: Host: cdn2.bildirt.com
URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12eb3e331ce854464a0531f22a9e6454be6e6c08aff393396ce71a5f96413b9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:05:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja47CyelxIFKFYEaevVTUUxHt%2BaAPB%2BJ4%2Fjg103grD8TbI2cWHrPhYt2eOamolfhIS20n4fWXsEVl19IQip%2FnTDLgT0zEWdwq5xASVgJ6DPrYjx9YVNs%2B0EWvRZIWYAEdvasvPo%2FBmnd81uEpfwr"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset: UTF-8
access-control-allow-origin: *
cf-ray: 79f04eea18299b9a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl_2023022102.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BFB6 383 KB
129 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 11:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132325
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:18:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 25 Feb 2024 11:09:53 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.statcounter.com/	1970-01-20 19:31:26	Name: is_visitor_unique Value: 1677326714178108077
			.statcounter.com/	1970-01-20 19:31:26	Name: is_unique Value: sc11943538.1677326714.0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://ir.sitekodlari.com/gununsozu1.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ir.sitekodlari.com/gununsozu1.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://ir.sitekodlari.com/ekonomihaberleri3.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ir.sitekodlari.com/ekonomihaberleri3.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-cdn.bilgin.pro
ad.bilgin.pro
adsby.io
c.statcounter.com
cdn2.bildirt.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i.internethaber.com
in3.sitekodlari.com
ir.sitekodlari.com
ir1.sitekodlari.com
oa.onlinekisi.com
one.neotvprime.cf
pl154258.alternativecpmgate.com
s.internethaber.com
securepubads.g.doubleclick.net
sondakika.internethaber.com
statcounter.com
www.google-analytics.com
www.googletagmanager.com
www.internethaber.com
104.20.218.77
173.233.137.52
185.102.219.173
195.142.105.24
195.142.106.235
195.142.109.125
2001:4860:4802:34::178
2606:4700:3032::6815:2d44
2606:4700:3037::ac43:c99f
2a00:1450:4001:802::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2002
2a00:1450:400d:807::200e
2a00:1450:400d:808::200a
2a01:4f8:151:6117::2
2a06:98c1:3120::3
12eb3e331ce854464a0531f22a9e6454be6e6c08aff393396ce71a5f96413b9e
17e9aec7ecb623bfab305c610a2e23f7284dfdeb75e5030384d3ba2c11ff612f
1dfe3b1487823143ea6a452ceb05c956422a50cc79eb121061822d07eaf9be38
2ac162f9469c41bf5b48640c78e5eaca7d316d3103c59dd87cfd480086d2da21
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
3f456c866cc09e604bb9ac6a6745d25c53110776a5cb656568d0be00616a65cf
45744dcd05833c803c50245dc1dbf0513ca9ff09350d41edaaff214d8706c9f2
4974d1fa609ab09b42727d10406311e241baf6123d7ab139761bbf23e2aaa0f5
54c837b94098928259dcc2ba780346f1e0c1ec98555e1fd5e468c0d4f0f8a556
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd
6ec8dd74f23e44187f55eaeeae9ee6998723387171f76c9bf1d3fb63305f432a
72f0b323283b16b593703ad1845e5a79197324955e8efdb8ac67ae0d77c2d685
7e8aced65883006fde262cea4328d38da8e70f873d1a8053e6dba22cbfca787f
8f2b3d9adcc90feb9d409a51f362b3391f4136bed16529942fc3d5f6ed504819
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
9674992c160b3d42522d0fd002e8476dddcb1419c65f0b845890aaea3cb71d7c
9c1e5f80225215646769e06fbea01eeaaeedf586d5afdf4bd39e01e84e6645ff
9d953d7b9dd09b6454b4407942675c4e0dab6b540285fcfe80f43f48f2268512
aa4dd61d7a09398857b4462a74454d2089397da38ec9f3166c0deb23b4de4e36
af793fb83137cbf484b1227a8cd7d70a2ad3cdf61227a624c6345ca763373d5d
b56309f6f31b908376988a176f39162e7532afb423b887ae685af31daabf83d7
bae95408a4c07d1cb19d77d52542a95c10f52c097de9b0103239064b984bb40c
bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98
c25a6075ed59afd7840584ae9a396f28701638abbf10ac2322e859fa851a1835
c9cb0d2ffff1fd146fcacd2692bc501bd969601f5c396a8db9338aa814324c91
cddd4578ccb577240c3aa62bc32e6a49e049b6eca21c59a202096709e2756632
d309943114e1a61f8ec21a49d5010e59c8b83b82ded4dd81774809a80df88922
d57f4287081a83f7232e034639761cdd8d8935ee977bfee230485120b1379903
d5e540fc048e1432e092070f7848b8e7ecf3a08a5e346e8f1608b19add120cd8
d70ca1a51dd8561471dfb976f0c066353858dedd1d0d94ed24ccbb7ed6a2a307
dad5d1d626322dae075f633347e129c78be440431e20846e75f03173a7288b50
e922dc84beeaa2faa868845ffd995139106c87155c12f26a8710a5aba261c4f0
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ed00fa6a8aec382abd3087cc6eb81b56165adc92b0f04607c6c6c14be1f320eb
ee3d0de10287031587504ed3c665676acd46ad3f28b10521a5465d92bab1ed8f
fd83f9391804fc4e86536b35142cc2accc2d47538fbd4b4840f13af4f5970479

one.neotvprime.cf Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

66 %HTTPS

63 %IPv6

15 Domains

22 Subdomains

15 IPs

5 Countries

993 kBTransfer

2441 kBSize

2 Cookies

1 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

one.neotvprime.cf Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

66 %
HTTPS

63 %
IPv6

15
Domains

22
Subdomains

15
IPs

5
Countries

993 kB
Transfer

2441 kB
Size

2
Cookies

44 HTTP transactions
0 data transactions