www.gezginler.net Open in urlscan Pro
2606:4700:10::ac43:1d90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gezginler.net/indir/i/33628/
Effective URL:
https://www.gezginler.net/indir/doro-pdf-writer.html
Submission Tags: falconsandbox
Submission: On July 11 via api (July 11th 2021, 2:45:37 am UTC) from US

Summary HTTP 79 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 12 domains to perform 79 HTTP transactions. The main IP is 2606:4700:10::ac43:1d90, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gezginler.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 27th 2021. Valid for: a year.

This is the only time www.gezginler.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:10:... 2606:4700:10::ac43:1d90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:9ddd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	31.3.2.119 31.3.2.119	21245 (NETSA-AS) (NETSA-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
79	23

13 2606:4700:10::ac43:1d90 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gezginler.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9ddd (United States)

ASN13335 (CLOUDFLARENET, US)

eksiup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 31.3.2.119 (Frankfurt am Main, Germany)

ASN21245 (NETSA-AS, TR)

cdn.gezginler.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	gezginler.net 1 redirects www.gezginler.net cdn.gezginler.net	154 KB
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	201 KB
13	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	188 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	77 KB
3	criteo.net static.criteo.net	39 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google.com adservice.google.com www.google.com	932 B
1	criteo.com gum.criteo.com	724 B
1	googleapis.com fonts.googleapis.com	674 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	440 B
1	eksiup.com eksiup.com	2 KB
79	12

	Domain	Requested by
16	pagead2.googlesyndication.com	www.gezginler.net pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	www.gezginler.net	1 redirects www.gezginler.net
12	cdn.gezginler.net	www.gezginler.net
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	static.criteo.net	eksiup.com
3	stats.g.doubleclick.net	www.gezginler.net
3	securepubads.g.doubleclick.net	www.gezginler.net securepubads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	gum.criteo.com	static.criteo.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	eksiup.com	www.gezginler.net
79	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.virustotal.com
www.eset.com

Subject Issuer	Validity	Valid
gezginler.net Cloudflare Inc ECC CA-3	`2021-05-27` - `2022-05-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
cdn.gezginler.net GoGetSSL RSA DV CA	`2020-12-12` - `2022-01-12`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.gezginler.net/indir/doro-pdf-writer.html
Frame ID: 7635A7CDB18915DB03589E021E29BE1E
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Frame ID: 495E76BF2A66BDA415C1938D8C1407AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=90&slotname=2579176045&adk=1950978871&adf=1667956287&pi=t.ma~as.2579176045&w=728&lmt=1625971518&psa=0&format=728x90&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518161&bpp=4&bdt=137&idt=126&shv=r20210701&ptt=9&saldr=aa&abxe=1&correlator=6274199554595&frm=20&pv=2&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=555&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AWFEooPiW9&p=https%3A//www.gezginler.net&dtd=137
Frame ID: 8A7EBAA8872DB61C261E91FA3F03BABD
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=120&slotname=2300946081&adk=568251295&adf=3450886882&pi=t.ma~as.2300946081&w=456&lmt=1625971518&psa=0&format=456x120&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518165&bpp=1&bdt=142&idt=137&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ahjjl87tXH&p=https%3A//www.gezginler.net&dtd=138
Frame ID: 138B9418865DA8EBF550AC30A41F4993
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=280&slotname=1209397607&adk=3254850192&adf=515224776&pi=t.ma~as.1209397607&w=336&lmt=1625971518&psa=0&format=336x280&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518166&bpp=1&bdt=143&idt=139&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C456x120&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=779&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=44lvv3XdE9&p=https%3A//www.gezginler.net&dtd=140
Frame ID: 79A857B9AEDD929DF026D3506F2FCA2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&adk=1812271804&adf=3025194257&lmt=1625971518&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518173&bpp=1&bdt=149&idt=134&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C456x120%2C336x280&nras=1&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=137
Frame ID: 14C63FD2D87FD86776F8CB438A6F3789
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gezginler.net
Frame ID: 893BB13CA501FE74715F89ACADB735C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Frame ID: 52FE0B8659BA6AE413CE8BFFBF47AA4F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 48F4C0D98DCCE746553E2B428539D656
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 15B18BE2CC5C913936B9D82141CA73AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.gezginler.net/indir/i/33628/ HTTP 302
https://www.gezginler.net/indir/doro-pdf-writer.html Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

79
Requests

100 %
HTTPS

91 %
IPv6

12
Domains

18
Subdomains

23
IPs

4
Countries

728 kB
Transfer

1841 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gezginler

Search URL Search Domain Scan URL

URL: https://twitter.com/gezginlernet

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/0da9083a56acc983e6812b11539687ed163c5408d1113969d8d2f37f291c6e48/detection/f-0da9083a56acc983e6812b11539687ed163c5408d1113969d8d2f37f291c6e48-1624165164
Title: 0 / 17

Search URL Search Domain Scan URL

URL: https://www.eset.com/tr/internet-security/?utm_source=gezginler&utm_medium=banner&utm_campaign=eisbts

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gezginler.net/indir/i/33628/ HTTP 302
https://www.gezginler.net/indir/doro-pdf-writer.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request doro-pdf-writer.html Show response
www.gezginler.net/indir/
Redirect Chain

https://www.gezginler.net/indir/i/33628/
https://www.gezginler.net/indir/doro-pdf-writer.html

28 KB
8 KB

66ms
65ms

Document
text/html

2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47f38599d2a8068f976ddbd6b89768338bfc4e63593e5045fb43846c43b1e3ad

Request headers

:method: GET
:authority: www.gezginler.net
:scheme: https
:path: /indir/doro-pdf-writer.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-type: text/html; charset=iso-8859-9
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding,User-Agent
cache-control: max-age=0, no-cache, s-maxage=10
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66ceb1e3396b1f45-FRA
content-encoding: gzip

Redirect headers

date: Sun, 11 Jul 2021 02:45:17 GMT
content-type: text/html; charset=ISO-8859-9
location: https://www.gezginler.net/indir/doro-pdf-writer.html
vary: User-Agent
cache-control: s-maxage=10
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66ceb1e2e92b1f45-FRA

GET
H2 200 stil.css
www.gezginler.net/tema/ 55 KB
9 KB 41ms
40ms Stylesheet
text/css 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gezginler.net/tema/stil.css?v=2.3
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e490fc9b091806a3c0f4a58e148a3e117b55a218d18a05c8a763ea5dfa3f1561

Request headers

:path: /tema/stil.css?v=2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Mar 2020 13:16:32 GMT
server: cloudflare
cf-polished: origSize=59050
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
expires: Sun, 11 Jul 2021 04:45:17 GMT
cache-control: max-age=14400
cf-ray: 66ceb1e3a9ce1f45-FRA
cf-bgj: minify

GET
H2 200 jquery-1.11.1.min.js Show response
www.gezginler.net/tema/js/ 94 KB
33 KB 22ms
21ms Script
application/javascript 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gezginler.net/tema/js/jquery-1.11.1.min.js
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

:path: /tema/js/jquery-1.11.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jan 2015 10:47:41 GMT
server: cloudflare
age: 2429
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 66ceb1e3a9cf1f45-FRA
content-length: 33225

GET
H2 200 jquery.qtip.min.js Show response
www.gezginler.net/tema/eklenti/qtip2/ 43 KB
16 KB 38ms
38ms Script
application/javascript 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gezginler.net/tema/eklenti/qtip2/jquery.qtip.min.js
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df7d2c68be6671394e4afa2dbb56930ccd29851aea8a898ce6168fb4b1b6b5d

Request headers

:path: /tema/eklenti/qtip2/jquery.qtip.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Jan 2014 08:56:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66ceb1e3a9d11f45-FRA
content-length: 16032

GET
H2 200 jquery.qtip.min.css
www.gezginler.net/tema/eklenti/qtip2/ 12 KB
3 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gezginler.net/tema/eklenti/qtip2/jquery.qtip.min.css
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35466afb94a4844480221bd124d3a110744a296c487096600c88d412b0629904

Request headers

:path: /tema/eklenti/qtip2/jquery.qtip.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Jan 2014 08:56:28 GMT
server: cloudflare
age: 5896
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66ceb1e3a9d01f45-FRA
content-length: 3336
expires: Sun, 11 Jul 2021 03:07:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 38ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

15ad921a830f46ea33b930f13187352272249a2863ee3f680a08c98cbcee19cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "927 / 177 of 1000 / last-modified: 1625868554"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24101
x-xss-protection: 0
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48619
x-xss-protection: 0
server: cafe
etag: 2461876098917531654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H2 200 gezginler.js Show response
eksiup.com/ab/ 5 KB
2 KB 39ms
12ms Script
application/javascript 2606:4700:3033::ac43:9ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eksiup.com/ab/gezginler.js
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1c8e45988843e6ad79e763b6220524c01fda09e7a0229fc1b520143d2a2d6c9

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5900
cf-polished: origSize=5335
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 14 Apr 2020 12:16:49 GMT
server: cloudflare
etag: W/"5e95a9b1-14d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2wwzuUnLqaqMAmik0X7lzAVNE7PkunQptMiMzfb7hotfG8bhxB2pMEJbtZsVHxYpDaPi2lXYLtza38KrI6t5R37%2Fq%2BXaZMFubbiwRRJN9Dl95Ww6knd%2BKGByxu%2BWwcl4dcmmjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 66ceb1e4392b05f5-FRA
expires: Sun, 27 Jun 2021 07:17:47 GMT

GET
H2 200 api.js Show response
www.gezginler.net/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 13ms
9ms Script
text/javascript 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gezginler.net/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad73612f12f05dfb07d437a5d3d9a19c5ed14ced0b78362eadd9ac8effde3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 66ceb1e41a281f45-FRA
cf-request-id: 0b350d828d00001f45eb0c4000000001

GET
H2 200 gezginler-logo.png
cdn.gezginler.net/images/ 3 KB
3 KB 67ms
14ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/images/gezginler-logo.png
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: a7192590ddffde990a58a5bafde5ce39a66a21e833220ef37d8364ca0045514a

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-edge-location: DE-372
cf-polished: origSize=6259
x-cache-status: Edge : HIT,
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: d7c7e3eeccb16a0a87adc30d71cdddfb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 66cddcfd6baa2bca-FRA
x-mserver: 2200
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 doro-pdf-writer-1374139748.png
cdn.gezginler.net/indir/resim-grafik/ 26 KB
26 KB 71ms
18ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/indir/resim-grafik/doro-pdf-writer-1374139748.png
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: 08830350e81b25f2e8a58f54f329b274bffdbde7261575d73e5794ab2921e40c

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-edge-location: DE-372
cf-polished: origSize=24248
x-cache-status: Edge : MISS, Midcache : HIT
cf-request-id: 0b036ee3250000fd09fda1b000000001
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: 074b4739f4c6c34c03a1c37998832e1b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 667f4db1d9edfd09-OTP
x-mserver: 2176
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 check.png
www.gezginler.net/tema/images/ 548 B
730 B 20ms
16ms Image
image/png 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gezginler.net/tema/images/check.png

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3bcc257feb459d015ff851e04618a75b96a0bde593a83848518cb7ec0b9a28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /tema/images/check.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 319631
cf-polished: status=not_needed
content-length: 548
last-modified: Fri, 24 Jan 2014 11:49:39 GMT
server: cloudflare
etag: W/"PSA-TgI-WFuXTL"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Fri, 06 Aug 2021 09:09:03 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 66ceb1e41a2a1f45-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 indir.png
cdn.gezginler.net/modules/mydownloads/images/ 410 B
773 B 67ms
15ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/modules/mydownloads/images/indir.png
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: 5815efa1056a1afc825e71221ff7722e0d891ea624851d1652a41c905d205d5c

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: MISS
server: MNCDN-2147
x-mnrequest-id: fc5830c27b072b52cb9ad07584c2914b
x-edge-location: DE-372
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
x-cache-status: Edge : HIT,
cf-ray: 667fa3c27b9b625f-OTP
cf-request-id: 0b03a4ad8c0000625f7a123000000001
x-mserver: 2176
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 t_doro-pdf-writer-1374139782.jpg
cdn.gezginler.net/indir/resim-grafik/ 9 KB
8 KB 70ms
18ms Image
image/jpeg 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/indir/resim-grafik/t_doro-pdf-writer-1374139782.jpg
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: 12fb1dfcd49105852d37abc76b93697291ba3d591c76e65ba0ac7b2f55b5cc93

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: MISS
server: MNCDN-2147
x-mnrequest-id: a359ebf242859457fbc7907418236b54
x-edge-location: DE-372
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=7776000
x-cache-status: Edge : MISS, Midcache : HIT
cf-ray: 66ba83eb88a06250-OTP
x-mserver: 2200
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_pubg-mobile-pc-with-bluestacks-1527100749.jpg
cdn.gezginler.net/indir/resim-grafik/ 757 B
1 KB 65ms
13ms Image
image/jpeg 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/indir/resim-grafik/ikon_pubg-mobile-pc-with-bluestacks-1527100749.jpg
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: e6cc07feb1139efe8dd909ed14d198f34bd6f765259a8ec7f39276667f578724

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 878942
x-edge-location: DE-372
cf-polished: origSize=2097
x-cache-status: Edge : HIT,
cf-request-id: 0b03a12c720000248878839000000001
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: 992d73c394458e4f9985f95a865ab46d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=7776000
cf-ray: 667f9e271f3c2488-FRA
x-mserver: 2200
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_google-chrome-1331722046.png
cdn.gezginler.net/indir/resim-grafik/ 2 KB
2 KB 66ms
15ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/indir/resim-grafik/ikon_google-chrome-1331722046.png
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: a2eb9d88c19218d2e62a9247794581a983ba9e9d3fceeb5ac208c030f2a46ec8

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 34126
x-edge-location: DE-372
cf-polished: origSize=1878
x-cache-status: Edge : HIT,
cf-request-id: 0b029a49820000acacc69eb000000001
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: e1bca485a93a5fd3a34a270f87dbf8b6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 667df988cbebacac-OTP
x-mserver: 2177
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_minecraft-1352391865.png
cdn.gezginler.net/indir/resim-grafik/ 2 KB
3 KB 34ms
13ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gezginler.net/indir/resim-grafik/ikon_minecraft-1352391865.png

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),

Reverse DNS

Software

MNCDN-2147 /

Resource Hash

b572b294d955c258deca6e5b451e4a85092672b6d88f5c09a92bdb324370d963

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 2098
age: 144581
x-edge-location: DE-372
cf-polished: status=not_needed
x-cache-status: Edge : HIT,
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: a26ba4ba4267fbd83fc7cc2579123034
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 66ba06ae8d855481-IST
x-mserver: 2176
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_adwcleaner-1480587702.png
cdn.gezginler.net/indir/resim-grafik/ 2 KB
3 KB 34ms
13ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/indir/resim-grafik/ikon_adwcleaner-1480587702.png
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: c3b406c28b6fdda80a2471a8bd3960375399bbceed1195c6a76c01fcd9324985

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1491398
x-edge-location: DE-372
cf-polished: origSize=3698
x-cache-status: Edge : HIT,
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: b46f7ddb6d858cfbb589d2022f348707
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 66ba06adfc7e4ec1-FRA
x-mserver: 2200
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_okey-oyunu-1332780461.png
cdn.gezginler.net/indir/resim-grafik/ 2 KB
2 KB 34ms
13ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/indir/resim-grafik/ikon_okey-oyunu-1332780461.png
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: 8ff02b10d653ce09779d08866d3f5d91be0d23d4a75af849e9308b9611d473b9

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 193517
x-edge-location: DE-372
cf-polished: origSize=1749
x-cache-status: Edge : HIT,
cf-request-id: 0b03a12ba5000054827e1be000000001
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: 19f0e4b8e0dec0133c00c92eb3875ffa
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 667f9e25dd4d5482-IST
x-mserver: 2200
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_bandicam-1341564367.png
cdn.gezginler.net/indir/resim-grafik/ 2 KB
3 KB 33ms
12ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gezginler.net/indir/resim-grafik/ikon_bandicam-1341564367.png

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),

Reverse DNS

Software

MNCDN-2147 /

Resource Hash

10d643bc23022abe69fa5010263edafc06b18797f7bcdbeea82bb5b9ca8f0aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 2007
age: 2317855
x-edge-location: DE-372
cf-polished: status=not_needed
x-cache-status: Edge : HIT,
cf-request-id: 0b050471420000acf42e918000000001
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: cf57bac3d9e8b64a45b7b2529f2d8fd2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 6681d6953872acf4-OTP
x-mserver: 2177
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_winrar-1331720925.png
cdn.gezginler.net/indir/resim-grafik/ 3 KB
3 KB 34ms
13ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gezginler.net/indir/resim-grafik/ikon_winrar-1331720925.png

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),

Reverse DNS

Software

MNCDN-2147 /

Resource Hash

21aff6ee19f9a2fe36316e339b5e52383f4cbcc3c27325fb497223b81bb15686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 2600
x-edge-location: DE-372
cf-polished: status=not_needed
x-cache-status: Edge : HIT,
cf-request-id: 0b029a491000004e5caba1f000000001
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: dec9a10f91b48e1f58f5853d19080f48
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 667df9881f714e5c-FRA
x-mserver: 2200
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 ikon_farm-frenzy-cilgin-tarla-3-1351606024.png
cdn.gezginler.net/indir/resim-grafik/ 2 KB
2 KB 34ms
13ms Image
image/png 31.3.2.119
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gezginler.net/indir/resim-grafik/ikon_farm-frenzy-cilgin-tarla-3-1351606024.png
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.119 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2147 /
Resource Hash: 9b0f6ac75980f9d4eeaff60259a52a156c959b07d368f69ea02658f512bc2f17

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1643157
x-edge-location: DE-372
cf-polished: origSize=2044
x-cache-status: Edge : HIT,
cf-bgj: imgq:100,h2pri
server: MNCDN-2147
x-mnrequest-id: 9be6da3b4135bc3acf330e1a881be318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-ray: 66c50789aace625f-OTP
x-mserver: 2176
expires: Sat, 09 Oct 2021 02:45:18 GMT

GET
H2 200 jRating.jquery2.js Show response
www.gezginler.net/tema/eklenti/rating/jquery/ 4 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gezginler.net/tema/eklenti/rating/jquery/jRating.jquery2.js
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd817e323af210fa8a77dde86a58e57468d9d259af3b513cf1ed7a5e367b53a1

Request headers

:path: /tema/eklenti/rating/jquery/jRating.jquery2.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2017 07:22:57 GMT
server: cloudflare
age: 2429
cf-polished: origSize=7160
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66ceb1e3ea091f45-FRA
cf-bgj: minify

GET
H2 200 ustmenu.png
www.gezginler.net/tema/images/ 6 KB
7 KB 38ms
36ms Image
image/png 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gezginler.net/tema/images/ustmenu.png

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/tema/stil.css?v=2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4cd51b7abf26bfcb32e0ad117f5010932d24f6603f4ed18ed206e3ee24ec36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /tema/images/ustmenu.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gezginler.net
referer: https://www.gezginler.net/tema/stil.css?v=2.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/tema/stil.css?v=2.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 8825
cf-polished: status=not_needed
content-length: 6589
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: W/"PSA-aj-SJGaPIWfRg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2589909
accept-ranges: bytes
cf-ray: 66ceb1e41a2b1f45-FRA
expires: Mon, 21 Jun 2021 12:27:23 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 15ms
15ms Script
text/javascript 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6800
date: Sun, 11 Jul 2021 00:51:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sun, 11 Jul 2021 02:51:58 GMT

GET
H2 200 yildiz.png
www.gezginler.net/tema/eklenti/rating/jquery/icons/ 1 KB
1 KB 38ms
38ms Image
image/png 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gezginler.net/tema/eklenti/rating/jquery/icons/yildiz.png

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d0a9d40695d0b84d8a8d2e10df1fea835f901b23ac663ba1fe54c58dc36b1c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /tema/eklenti/rating/jquery/icons/yildiz.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 1650
cf-polished: origSize=1085
content-length: 1082
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: W/"PSA-aj-8cf7QjLuRp"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2589909
accept-ranges: bytes
cf-ray: 66ceb1e44a5e1f45-FRA
expires: Mon, 21 Jun 2021 12:27:24 GMT

GET
H3-29 200 pubads_impl_2021070701.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
114 KB 29ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js?31061757

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 08:38:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117051
x-xss-protection: 0
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
114 B 29ms
15ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gezginler.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9508aa970ba8c5a693b07525437dcaff354ba32ae4d4c35b64df9413ced64c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 44ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: eksiup.com
URL: https://eksiup.com/ab/gezginler.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:10:01 GMT
server: nginx
etag: W/"60b79139-1d469"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 12 Jul 2021 02:45:18 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 240 KB
89 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2837134192211129&plah=www.gezginler.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91202
x-xss-protection: 0
server: cafe
etag: 7944902488587866712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/ Frame 495E 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210701/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 10 Jul 2021 22:48:03 GMT
expires: Sat, 24 Jul 2021 22:48:03 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 14235
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 31ms
16ms Image
image/gif 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=725686887&utmhn=www.gezginler.net&utmcs=windows-1254&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Doro%20PDF%20Writer%20%C4%B0ndir%20-%20%C3%9Ccretsiz%20ve%20Pratik%20PDF%20Olu%C5%9Fturma%20Program%C4%B1%20-%20Gezginler&utmhid=536118099&utmr=-&utmp=%2Findir%2Fdoro-pdf-writer.html&utmht=1625971518183&utmac=UA-70726-1&utmcc=__utma%3D182196785.2014877360.1625971518.1625971518.1625971518.1%3B%2B__utmz%3D182196785.1625971518.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=130842821&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Jul 2021 02:45:18 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 __utm.gif
stats.g.doubleclick.net/ 35 B
55 B 29ms
15ms Image
image/gif 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=961638699&utmhn=www.gezginler.net&utmt=event&utme=5(Ara%C3%A7lar*Tan%C4%B1t%C4%B1m%20Sayfas%C4%B1)&utmcs=windows-1254&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Doro%20PDF%20Writer%20%C4%B0ndir%20-%20%C3%9Ccretsiz%20ve%20Pratik%20PDF%20Olu%C5%9Fturma%20Program%C4%B1%20-%20Gezginler&utmhid=536118099&utmr=-&utmp=%2Findir%2Fdoro-pdf-writer.html&utmht=1625971518186&utmac=UA-70726-1&utmcc=__utma%3D182196785.2014877360.1625971518.1625971518.1625971518.1%3B%2B__utmz%3D182196785.1625971518.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 14:12:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45148
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 result Show response
www.gezginler.net/cdn-cgi/bm/cv/ 0
386 B 11ms
10ms XHR
text/plain 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gezginler.net/cdn-cgi/bm/cv/result?req_id=66ceb1e3396b1f45
Requested by: Host: www.gezginler.net
URL: https://www.gezginler.net/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.gezginler.net
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __utma=182196785.2014877360.1625971518.1625971518.1625971518.1; __utmc=182196785; __utmz=182196785.1625971518.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=182196785.2.9.1625971518
content-length: 444
:path: /cdn-cgi/bm/cv/result?req_id=66ceb1e3396b1f45
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
cf-request-id: 0b350d833300001f454b327000000001
server: cloudflare
set-cookie: __cf_bm=e7045423e50c583542819042c1088d05d4533d50-1625971518-1800-Ad7RRyBmseYDg+3BTUO6voTKvxCaEzW0jagcUT0GFONITXD0S3+X6gjFY2R1h4fJTrtBLnyPoeQ2OWjBBXLB+Rsfg0xQyXT6sN5Rqi2rHSSwXLCzpSAzytUrP31cvf8QMhxlB60KXv5cOBSdec+UiDk=; path=/; expires=Sun, 11-Jul-21 03:15:18 GMT; domain=.gezginler.net; HttpOnly; Secure; SameSite=None
cf-ray: 66ceb1e51b241f45-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
440 B 17ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.gezginler.net&callback=_gfp_s_&client=ca-pub-2837134192211129

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2837134192211129&plah=www.gezginler.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2795a001fb1c7d634104ff8e0bf18c88a08568f429b7ce6e883a7031f7b0d7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gezginler.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gezginler.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A7E 81 KB
26 KB 667ms
667ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=90&slotname=2579176045&adk=1950978871&adf=1667956287&pi=t.ma~as.2579176045&w=728&lmt=1625971518&psa=0&format=728x90&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518161&bpp=4&bdt=137&idt=126&shv=r20210701&ptt=9&saldr=aa&abxe=1&correlator=6274199554595&frm=20&pv=2&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=555&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AWFEooPiW9&p=https%3A//www.gezginler.net&dtd=137

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87393d4c182d0d9cd7346df536fb50ef6306c63b11600279b1878daef7e8596c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2837134192211129&output=html&h=90&slotname=2579176045&adk=1950978871&adf=1667956287&pi=t.ma~as.2579176045&w=728&lmt=1625971518&psa=0&format=728x90&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518161&bpp=4&bdt=137&idt=126&shv=r20210701&ptt=9&saldr=aa&abxe=1&correlator=6274199554595&frm=20&pv=2&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=555&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AWFEooPiW9&p=https%3A//www.gezginler.net&dtd=137
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 11 Jul 2021 02:45:18 GMT
server: cafe
content-length: 27027
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 11-Jul-2021 03:00:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Jul 2021 02:45:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830134516437"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27897
x-xss-protection: 0
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 138B 436 B
235 B 167ms
167ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=120&slotname=2300946081&adk=568251295&adf=3450886882&pi=t.ma~as.2300946081&w=456&lmt=1625971518&psa=0&format=456x120&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518165&bpp=1&bdt=142&idt=137&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ahjjl87tXH&p=https%3A//www.gezginler.net&dtd=138

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fc403da554fc336faf0f81b58d8e0365ffe727a9c422fe9d1a148ab3872892b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2837134192211129&output=html&h=120&slotname=2300946081&adk=568251295&adf=3450886882&pi=t.ma~as.2300946081&w=456&lmt=1625971518&psa=0&format=456x120&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518165&bpp=1&bdt=142&idt=137&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ahjjl87tXH&p=https%3A//www.gezginler.net&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 11 Jul 2021 02:45:18 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 11-Jul-2021 03:00:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Jul 2021 02:45:18 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79A8 436 B
237 B 281ms
281ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=280&slotname=1209397607&adk=3254850192&adf=515224776&pi=t.ma~as.1209397607&w=336&lmt=1625971518&psa=0&format=336x280&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518166&bpp=1&bdt=143&idt=139&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C456x120&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=779&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=44lvv3XdE9&p=https%3A//www.gezginler.net&dtd=140

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d348602982cd67af361c6a797ddac873718ff6f6baea420091a2aab720d34ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2837134192211129&output=html&h=280&slotname=1209397607&adk=3254850192&adf=515224776&pi=t.ma~as.1209397607&w=336&lmt=1625971518&psa=0&format=336x280&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518166&bpp=1&bdt=143&idt=139&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C456x120&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=779&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=44lvv3XdE9&p=https%3A//www.gezginler.net&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 11 Jul 2021 02:45:18 GMT
server: cafe
content-length: 214
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 11-Jul-2021 03:00:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Jul 2021 02:45:18 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14C6 14 KB
1021 B 79ms
79ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&adk=1812271804&adf=3025194257&lmt=1625971518&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518173&bpp=1&bdt=149&idt=134&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C456x120%2C336x280&nras=1&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=137

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76a825c7f8a656424694118b8f694564ff1d0c4a67da1e34d5d71b1e8cf459dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2837134192211129&output=html&adk=1812271804&adf=3025194257&lmt=1625971518&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518173&bpp=1&bdt=149&idt=134&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C456x120%2C336x280&nras=1&correlator=6274199554595&frm=20&pv=1&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=137
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 11 Jul 2021 02:45:18 GMT
server: cafe
content-length: 998
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 11-Jul-2021 03:00:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Jul 2021 02:45:18 GMT
cache-control: private

GET
H2 200 2de7d4a201450dd00e5b8adc4f453659.js Show response
www.gstatic.com/mysidia/ Frame 8A7E 7 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2de7d4a201450dd00e5b8adc4f453659.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=90&slotname=2579176045&adk=1950978871&adf=1667956287&pi=t.ma~as.2579176045&w=728&lmt=1625971518&psa=0&format=728x90&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518161&bpp=4&bdt=137&idt=126&shv=r20210701&ptt=9&saldr=aa&abxe=1&correlator=6274199554595&frm=20&pv=2&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=555&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AWFEooPiW9&p=https%3A//www.gezginler.net&dtd=137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8732ecd03e74a025ce2d26fb67e8b5e91e54c915fc086f74b6f56f6fbba4fdcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2915
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 07:49:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Oct 2021 18:31:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A7E 3 KB
674 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Jul 2021 02:41:07 GMT
server: ESF
date: Sun, 11 Jul 2021 02:45:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H2 200 d4614db1ef4ef407d6625df78ee70086.js Show response
www.gstatic.com/mysidia/ Frame 8A7E 10 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ddffc4ffd952b9d840ec2041222c19c8a8419e2307f4ce946f79649a868fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4375
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 07:49:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Oct 2021 23:02:14 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 8A7E 1 KB
909 B 16ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 02:07:13 GMT

GET
H2 200 8231ccd1a6fa4a0d5e522e337b3ef2bb.js Show response
www.gstatic.com/mysidia/ Frame 8A7E 3 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8231ccd1a6fa4a0d5e522e337b3ef2bb.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eeaa12304219a8441ac4250614690b10e00d8d7a78d92a5ea50114733a3a08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 20:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1438
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 17:11:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Oct 2021 20:14:23 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 8A7E 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 01:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 01:06:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 8A7E 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 02:10:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A7E 123 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sun, 11 Jul 2021 02:45:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 8A7E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 02:24:50 GMT

GET
H3-29 200 ef3ed83fa5244dfc7f7ca8c70cdace65.js Show response
www.gstatic.com/mysidia/ Frame 8A7E 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef3ed83fa5244dfc7f7ca8c70cdace65.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea13739a6ab669cc2f16a95685c1ed8c0fa771606e3a217cc2093b91103012df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10755
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 17:11:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 17:23:27 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12707636628055865749/ Frame 8A7E 3 KB
3 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12707636628055865749/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517198cd60dd97e03ad1a988c83a99992d1e62f805ffe247ddda67a79a269cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:37:31 GMT
x-content-type-options: nosniff
age: 306468
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3463
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:23:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Jul 2022 13:37:31 GMT

GET
DATA 200
OK truncated
/ Frame 8A7E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QKyEAAAAAAIBDQDAECg0QAyEAAAAzM8uGQDAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 14ms
13ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QCiEAAAAAmpkFQDAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 13ms
13ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QDSEAAAAAAAAAADAECgwQHioGNzI4eDkwMAQKDBAZKgY3Mjh4OTAwBBIaQ09hemp2Yl8yZkVDRlVTYWR3b2QxbFFDb3ciCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 13ms
13ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QDiEAAAAAAAAAADAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QECEAAAAAQGvaQDAECg0QESEAAAAAgETKQDAECg0QEiEAAAAAAAAQQDAECg0QEyEAAAAAAAAAQDAECg0QBCEAAAAzMwOHQDAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 14ms
13ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QDyEAAAAAAAAAADAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 13ms
13ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QKyEAAAAAAABJQDAECg0QFCEAAAAAgJXLQDAECg0QFSEAAAAAAAAYQDAECg0QFiEAAAAAAAAIQDAECg0QBSEAAABmZg6HQDAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A7E 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAj-3PlvqYOacE8S03gPWqYmYCqLa6dRiuKjTtZMOpvGG46ACEAEgn-2VAmCVAqABz_iTuwHIAQmpAm_Y1dU27bM-qAMByAPLBKoE9wFP0N4mtTqRq95vRHFNimZ1fuZGXXBbmpfM-XpYSl8OVlLS-rTUzJTgVyaDD8L57hw9YGvorehYZhXm0Ge_1NlNrK90Zm2tyI8cqMC5XpFfjqsAd2Nrq5MhCwC69tlqOBiecWBnc7nhUNmGsxyrPS-8I3X8PfWUYPZ5dDgcaS9wuD0FHj8DhVZ_hROWH_msCw82nIQLSYYkMyBlzvkaAn6F48qc32JNOFc_XdxTCvT_DYvBfr0kmT1U5dNbfJKEuB4Dzv3mdmOHHqKvw9Xsy0t2aSsL5LzBFOx8dOoZ8WNtWb6mrmkY30bbcF3UmAZMcrzDMZSNy89vwATejtvvwQOgBi6AB5mH7MQCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENCzBtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwPQFQGYFgGAFwGyFxoKGAgAEhRwdWItMjgzNzEzNDE5MjIxMTEyOQ&sigh=pA-3afUmZis&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=90&slotname=2579176045&adk=1950978871&adf=1667956287&pi=t.ma~as.2579176045&w=728&lmt=1625971518&psa=0&format=728x90&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518161&bpp=4&bdt=137&idt=126&shv=r20210701&ptt=9&saldr=aa&abxe=1&correlator=6274199554595&frm=20&pv=2&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=555&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AWFEooPiW9&p=https%3A//www.gezginler.net&dtd=137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 11 Jul 2021 02:45:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jul 2021 02:45:19 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 14ms
13ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QFyEAAABmZmqIQDAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8A7E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 803a3884fbe842882c95d1353508f0fdb8d8b8a6dfc850541b5e6154c121dbff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 8A7E 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:22:28 GMT
x-content-type-options: nosniff
age: 429771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 03:22:28 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 8A7E 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:00:41 GMT
x-content-type-options: nosniff
age: 416678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:00:41 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 8A7E 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 04:27:36 GMT
x-content-type-options: nosniff
age: 425863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15620
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:27:36 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7E 0
20 B 14ms
13ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg8IASoLbGVhZGVyYm9hcmQKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKBQgGKgEwCg0QGCEAAABmZlqJQDAEEhpDT2F6anZiXzJmRUNGVVNhZHdvZDFsUUNvdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d4614db1ef4ef407d6625df78ee70086.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
294 B 13ms
12ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:19 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 06 Jul 2022 02:45:19 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
294 B 13ms
12ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:19 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 06 Jul 2022 02:45:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 893B 291 B
724 B 41ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gezginler.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.gezginler.net
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1557
set-cookie: uid=7c4b8f53-1389-495e-afa3-ddba53acd777; expires=Mon, 11 Jul 2022 02:45:18 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 11 Jul 2021 02:45:18 GMT
content-length: 321

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 27ms
26ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210701&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef9133306035626d8d0e27e5d8ddeeb4f40eb5616f93b5733b4181385a0075e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 02:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8439
x-xss-protection: 0

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 52FE 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 22:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Jul 2022 22:46:30 GMT

POST
H2 403 mod_pagespeed_beacon Show response
www.gezginler.net/ 13 KB
7 KB 15ms
14ms XHR
text/html 2606:4700:10::ac43:1d90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gezginler.net/mod_pagespeed_beacon?url=http%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html

Requested by

Host: www.gezginler.net
URL: https://www.gezginler.net/indir/doro-pdf-writer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8bab1c2ea88d143e25657a5084f98a9bfcba4c572bbfaac71d2fc49c615741e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.gezginler.net
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __utma=182196785.2014877360.1625971518.1625971518.1625971518.1; __utmc=182196785; __utmz=182196785.1625971518.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=182196785.2.9.1625971518; __cf_bm=e7045423e50c583542819042c1088d05d4533d50-1625971518-1800-Ad7RRyBmseYDg+3BTUO6voTKvxCaEzW0jagcUT0GFONITXD0S3+X6gjFY2R1h4fJTrtBLnyPoeQ2OWjBBXLB+Rsfg0xQyXT6sN5Rqi2rHSSwXLCzpSAzytUrP31cvf8QMhxlB60KXv5cOBSdec+UiDk=; __gads=ID=1977e3f797c5a71a-22e950a679c8001c:T=1625971518:RT=1625971518:S=ALNI_MYSA18ZV68Z4Ke-jYl91uk-CPWtAA
content-length: 171
:path: /mod_pagespeed_beacon?url=http%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.gezginler.net
referer: https://www.gezginler.net/indir/doro-pdf-writer.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.gezginler.net/indir/doro-pdf-writer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Jul 2021 02:45:19 GMT
content-encoding: gzip
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 66ceb1ea8fae1f45-FRA
cf-chl-bypass: 1
cf-request-id: 0b350d869600001f451039b000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 11 Jul 2021 02:45:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 48F4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 10 Jul 2021 23:06:14 GMT
expires: Sun, 10 Jul 2022 23:06:14 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 15B1 783 B
767 B 21ms
21ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dea8c278973d775788ae536f4ae102a50739825f7b68d579127e2f836f3bc3d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pz7F8XHDcuw/u7kuePNENw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gezginler.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gezginler.net/

Response headers

expires: Sun, 11 Jul 2021 02:45:19 GMT
date: Sun, 11 Jul 2021 02:45:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Pz7F8XHDcuw/u7kuePNENw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 48F4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 22:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Jul 2022 22:46:30 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210701&jk=2862017578662132&bg=!JCelJ2PNAAbV4AdB1eA7ACkAdvg8WgxOVhwrW_6VAxT9vyIsikiSiY9o_b35QZpghhCV_wM2hh0HUQIAAABLUgAAAAtoAQcKAIKrOZ3bLbNryXxH88AekyGNcQ8rJDx6ZqqfvaM8hhDGuMrzoIbCF_bcMNLTFVD6KNeLqTiH2APCzX4XlAn62iHnrrecbLJaKaxQgwO9tAYKv-KVuNODMogVUaJQs5v1fWvjGL_x4Owodx4b48n6A6dKAj1iNajmocQtFAwzYxsCqCAGmQJ_1yrneDiu90ynKrlBBj4lNVW-kNyHcX3e5supzrA2AbS5FWNTdwyMVthkWn1ht8ZY9Ue2PiE4RWgDZL_HgKfbkBtIGphPjb990uafD5BpzaxZvSxxDcno3GHJmYJYxPP2kKjtT0x-kNh_NjINiACVM1QzK6pmIsQ9UALw19-G8UYGs6XbcCQhlXNNJXDHc5mue2Ev9U8f6AvJpNBk_ztkWMLyqnYiBl-g1hLp7np-NU3ju9bp_QwYhWpfWx9Mix7aix5qz0pg1vuFKE0Pqp4Y5PXoQnm1NjWZ-CbIqxkIygV70i_OW8Btv90DpW2Ulu_TXDQYSVm86Dhc72cJ1DgYkXa-J0M1xfRP6qvbIN6htSgVEehTKk0B9nYqCf_Q9ZLN6rhyIqdCwSKhPa7jVM6hRXA7f9dzL0KL-9WhlY-MEPjpz9N6icx6Sd_Jgt7PkFIHsdazMDZAVpA0W23Ks6l7Gwd02OzJ4swHq-LnW37br1Az1GIoumboepHD9t75ypVlz-UyJHmZz5Cg3sRovsf7q8hhoPqbz6pd2ftkAGH_iiu8odFmUbBZnFRh88qkSXfoktAAl-hJ7hvulwRhmBXuL9c2j-t3T57_o_Js-E9sLwi4GlFVuSEBYW5x-PAYpKpdho2OvqhRrwye-XHJGEH3083eUP3ZdTkJKE4-0PSJ91vaqKEnKEjBGdM6tF4yDUYxsl4yfuKt5g26MG0J_JoZNSNQC2pKPmi5heYBOsLEEwp6lZVilhk7noV6SdSyjo8RBH6qjMc7vekVPeMzwIsil2sz5Rjr2xd57oUVWm_CsuJGbFMGMAP938Xk6FbdZXzCjCiiFmmkqL60G5i2rcpQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gezginler.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A7E 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP8JKPlvqYOacE8S03gPWqYmYCqLa6dRiuKjTtZMOpvGG46ACEAEgn-2VAmCVAqABz_iTuwHIAQmpAm_Y1dU27bM-qAMBqgT3AU_Q3ia1OpGr3m9EcU2KZnV-5kZdcFual8z5elhKXw5WUtL6tNTMlOBXJoMPwvnuHD1ga-it6FhmFebQZ7_U2U2sr3Rmba3IjxyowLlekV-OqwB3Y2urkyELALr22Wo4GJ5xYGdzueFQ2YazHKs9L7wjdfw99ZRg9nl0OBxpL3C4PQUePwOFVn-FE5Yf-awLDzachAtJhiQzIGXO-RoCfoXjypzfYk04Vz9d3FMK9P8Ni8F-vSSZPVTl01t8koS4HgPO_eZ2Y4ceoq_D1ezLS3ZpKwvkvMEU7Hx06hnxY21ZvqauaRjfRttwXdSYBkxyvMMxlI3Lz2_ABN6O2-_BA6AGLoAHmYfsxAKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ0LMG0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTA9AVAZgWAYAXAbIXGgoYCAASFHB1Yi0yODM3MTM0MTkyMjExMTI5&sigh=jfC0QkP8nPk&vt=1&template_id=5000&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837134192211129&output=html&h=90&slotname=2579176045&adk=1950978871&adf=1667956287&pi=t.ma~as.2579176045&w=728&lmt=1625971518&psa=0&format=728x90&url=https%3A%2F%2Fwww.gezginler.net%2Findir%2Fdoro-pdf-writer.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625971518161&bpp=4&bdt=137&idt=126&shv=r20210701&ptt=9&saldr=aa&abxe=1&correlator=6274199554595&frm=20&pv=2&ga_vid=2014877360.1625971518&ga_sid=1625971518&ga_hid=536118099&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=555&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2862017578662132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AWFEooPiW9&p=https%3A//www.gezginler.net&dtd=137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 11 Jul 2021 02:45:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A7E 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYgLUKG-pcYamgo_uEEyLwuncEu-77aAEdIYoHSDfLGhi8EHGeSvfUVso8pZPwlvZBexAn4ek6G6Dx8eBRiA2NahURaGPkejbeZiSY5GsgCdobznBhk8C2qvx-8A&sai=AMfl-YTkGFLBpqkBKZ9cwgx_d8aPPdKLef82FVaQZmqtojyiHc0izkTMun5L3nkgksYVqyvtgcXSfD1ITHk8&sig=Cg0ArKJSzDeSuko5r8ofEAE&id=lidar2&mcvt=1000&p=50,555,140,1283&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210709&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1950978871&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625971518300&dlt=671&rpt=40&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 02:45:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gezginler.net/	1970-01-20 05:01:07	Name: __gads Value: ID=1977e3f797c5a71a-22e950a679c8001c:T=1625971518:RT=1625971518:S=ALNI_MYSA18ZV68Z4Ke-jYl91uk-CPWtAA
.gezginler.net/	1970-01-19 19:39:33	Name: __cf_bm Value: e7045423e50c583542819042c1088d05d4533d50-1625971518-1800-Ad7RRyBmseYDg+3BTUO6voTKvxCaEzW0jagcUT0GFONITXD0S3+X6gjFY2R1h4fJTrtBLnyPoeQ2OWjBBXLB+Rsfg0xQyXT6sN5Rqi2rHSSwXLCzpSAzytUrP31cvf8QMhxlB60KXv5cOBSdec+UiDk=
.gezginler.net/	1970-01-19 19:39:32	Name: __utmt Value: 1
.gezginler.net/	1970-01-20 00:02:19	Name: __utmz Value: 182196785.1625971518.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.doubleclick.net/	1970-01-20 05:01:07	Name: IDE Value: AHWqTUmdTLLNk4ZnVZ8kkgrI2a4ysbPX7uoQs7lZUaF-tsqH9kOzoASDXbPjY-FPsEA
.gezginler.net/	1970-01-19 19:39:33	Name: __utmb Value: 182196785.2.9.1625971518
.gezginler.net/	1969-12-31 23:59:59	Name: __utmc Value: 182196785
.gezginler.net/	1970-01-20 13:10:43	Name: __utma Value: 182196785.2014877360.1625971518.1625971518.1625971518.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.gezginler.net
eksiup.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.gezginler.net
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
2606:4700:10::ac43:1d90
2606:4700:3033::ac43:9ddd
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9a
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
31.3.2.119
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
04ddffc4ffd952b9d840ec2041222c19c8a8419e2307f4ce946f79649a868fbf
08830350e81b25f2e8a58f54f329b274bffdbde7261575d73e5794ab2921e40c
0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2
10d643bc23022abe69fa5010263edafc06b18797f7bcdbeea82bb5b9ca8f0aff
12fb1dfcd49105852d37abc76b93697291ba3d591c76e65ba0ac7b2f55b5cc93
15ad921a830f46ea33b930f13187352272249a2863ee3f680a08c98cbcee19cf
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d348602982cd67af361c6a797ddac873718ff6f6baea420091a2aab720d34ae
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
21aff6ee19f9a2fe36316e339b5e52383f4cbcc3c27325fb497223b81bb15686
2795a001fb1c7d634104ff8e0bf18c88a08568f429b7ce6e883a7031f7b0d7ea
2d0a9d40695d0b84d8a8d2e10df1fea835f901b23ac663ba1fe54c58dc36b1c6
35466afb94a4844480221bd124d3a110744a296c487096600c88d412b0629904
3ef9133306035626d8d0e27e5d8ddeeb4f40eb5616f93b5733b4181385a0075e
47f38599d2a8068f976ddbd6b89768338bfc4e63593e5045fb43846c43b1e3ad
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc403da554fc336faf0f81b58d8e0365ffe727a9c422fe9d1a148ab3872892b
517198cd60dd97e03ad1a988c83a99992d1e62f805ffe247ddda67a79a269cbe
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5815efa1056a1afc825e71221ff7722e0d891ea624851d1652a41c905d205d5c
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5ad73612f12f05dfb07d437a5d3d9a19c5ed14ced0b78362eadd9ac8effde3ec
5eeaa12304219a8441ac4250614690b10e00d8d7a78d92a5ea50114733a3a08e
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
76a825c7f8a656424694118b8f694564ff1d0c4a67da1e34d5d71b1e8cf459dd
803a3884fbe842882c95d1353508f0fdb8d8b8a6dfc850541b5e6154c121dbff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8732ecd03e74a025ce2d26fb67e8b5e91e54c915fc086f74b6f56f6fbba4fdcc
87393d4c182d0d9cd7346df536fb50ef6306c63b11600279b1878daef7e8596c
8df7d2c68be6671394e4afa2dbb56930ccd29851aea8a898ce6168fb4b1b6b5d
8ff02b10d653ce09779d08866d3f5d91be0d23d4a75af849e9308b9611d473b9
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
9508aa970ba8c5a693b07525437dcaff354ba32ae4d4c35b64df9413ced64c92
9b0f6ac75980f9d4eeaff60259a52a156c959b07d368f69ea02658f512bc2f17
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a1c8e45988843e6ad79e763b6220524c01fda09e7a0229fc1b520143d2a2d6c9
a2eb9d88c19218d2e62a9247794581a983ba9e9d3fceeb5ac208c030f2a46ec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cd51b7abf26bfcb32e0ad117f5010932d24f6603f4ed18ed206e3ee24ec36f
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7192590ddffde990a58a5bafde5ce39a66a21e833220ef37d8364ca0045514a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b572b294d955c258deca6e5b451e4a85092672b6d88f5c09a92bdb324370d963
b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
c3b406c28b6fdda80a2471a8bd3960375399bbceed1195c6a76c01fcd9324985
d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3bcc257feb459d015ff851e04618a75b96a0bde593a83848518cb7ec0b9a28a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd817e323af210fa8a77dde86a58e57468d9d259af3b513cf1ed7a5e367b53a1
dea8c278973d775788ae536f4ae102a50739825f7b68d579127e2f836f3bc3d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
e490fc9b091806a3c0f4a58e148a3e117b55a218d18a05c8a763ea5dfa3f1561
e6cc07feb1139efe8dd909ed14d198f34bd6f765259a8ec7f39276667f578724
ea13739a6ab669cc2f16a95685c1ed8c0fa771606e3a217cc2093b91103012df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f8bab1c2ea88d143e25657a5084f98a9bfcba4c572bbfaac71d2fc49c615741e
fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

www.gezginler.net Open in urlscan Pro 2606:4700:10::ac43:1d90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

91 %IPv6

12 Domains

18 Subdomains

23 IPs

4 Countries

728 kBTransfer

1841 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gezginler.net Open in urlscan Pro
2606:4700:10::ac43:1d90 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

91 %
IPv6

12
Domains

18
Subdomains

23
IPs

4
Countries

728 kB
Transfer

1841 kB
Size

8
Cookies

79 HTTP transactions
2 data transactions