bagis.unicefturk.org Open in urlscan Pro
172.67.143.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bagis.unicefturk.org/en
Submission: On January 10 via api (January 10th 2025, 4:04:07 am UTC) from US — Scanned from CH

Summary HTTP 109 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 42 domains to perform 109 HTTP transactions. The main IP is 172.67.143.164, located in United States and belongs to CLOUDFLARENET, US. The main domain is bagis.unicefturk.org.
TLS certificate: Issued by WE1 on January 4th 2025. Valid for: 3 months.

This is the only time bagis.unicefturk.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	172.67.143.164 172.67.143.164	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.96.73.50 34.96.73.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
2	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2 3	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
2 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-FR...) (IGUANE-FR Iguane Solutions SAS)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.214.247.153 52.214.247.153	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH OVH SAS) (OVH OVH SAS)
1 2	34.250.141.206 34.250.141.206	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.19.216.27 2.19.216.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.74.196.113 3.74.196.113	16509 (AMAZON-02) (AMAZON-02)
1	44.239.49.12 44.239.49.12	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.184.206.66 18.184.206.66	16509 (AMAZON-02) (AMAZON-02)
1	91.134.110.137 91.134.110.137	16276 (OVH OVH SAS) (OVH OVH SAS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f10:4ce... 2600:1f10:4ce4:4a02:550f:72f4:d87a:7008	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS Cronon GmbH)
1	2.23.240.137 2.23.240.137	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	54.72.205.68 54.72.205.68	16509 (AMAZON-02) (AMAZON-02)
1	3.69.214.99 3.69.214.99	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
6	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
109	49

40 172.67.143.164 (United States)

ASN13335 (CLOUDFLARENET, US)

bagis.unicefturk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

downloads.unicef.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

unicefturk.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.73.50 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.73.96.34.bc.googleusercontent.com

cpi.unicefturk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-FR Iguane Solutions SAS, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.247.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-247-153.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.141.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-141-206.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.196.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-196-113.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.49.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-49-12.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.206.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.134.110.137 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip137.ip-91-134-110.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f10:4ce4:4a02:550f:72f4:d87a:7008 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.240.137 (Doha, Qatar)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-23-240-137.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.205.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-205-68.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.214.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-214-99.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	unicefturk.org bagis.unicefturk.org cpi.unicefturk.org	898 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	632 B
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	5 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 450 sslwidget.criteo.com — Cisco Umbrella Rank: 2375 dis.criteo.com — Cisco Umbrella Rank: 702	6 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	159 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	337 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	3 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	64 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	34 KB
3	gstatic.com fonts.gstatic.com	81 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 513	739 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 800	906 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1967	2 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 31394	562 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246	378 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2034	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3004	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 6846	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 56696	580 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 429	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2884	398 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2996	278 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1988	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739	587 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 530	58 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	1 KB
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 920	579 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 897	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1040	533 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1697	880 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 724	833 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 15557	265 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 533	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 848	341 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	183 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	15 KB
1	useinsider.com unicefturk.api.useinsider.com	483 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	21 KB
1	unicef.org.uk downloads.unicef.org.uk	4 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
109	42

	Domain	Requested by
40	bagis.unicefturk.org	bagis.unicefturk.org
7	www.facebook.com	connect.facebook.net
5	connect.facebook.net	bagis.unicefturk.org connect.facebook.net cpi.unicefturk.org
4	www.googletagmanager.com	bagis.unicefturk.org www.googletagmanager.com
3	ib.adnxs.com	2 redirects
3	cdnjs.cloudflare.com	bagis.unicefturk.org
3	fonts.gstatic.com	fonts.googleapis.com
2	sync.1rx.io	2 redirects
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	www.google.ch
2	td.doubleclick.net	www.googletagmanager.com
2	www.google.com	www.googletagmanager.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cpi.unicefturk.org	bagis.unicefturk.org cpi.unicefturk.org
2	fonts.googleapis.com	bagis.unicefturk.org
1	sync.targeting.unrulymedia.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	x.bidswitch.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	sslwidget.criteo.com	static.criteo.net
1	maxcdn.bootstrapcdn.com	bagis.unicefturk.org
1	unicefturk.api.useinsider.com	bagis.unicefturk.org
1	static.criteo.net	bagis.unicefturk.org
1	downloads.unicef.org.uk	bagis.unicefturk.org
1	www.youtube.com	bagis.unicefturk.org
109	49

This site contains links to these domains. Also see Links.

Domain
www.unicefturk.org
www.hayatverenhediyeler.org
api.whatsapp.com
twitter.com
unicefturk.org
acikacik.org
www.crealive.net

Subject Issuer	Validity	Valid
unicefturk.org WE1	`2025-01-04` - `2025-04-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
downloads.unicef.org.uk WE1	`2024-12-31` - `2025-03-31`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
useinsider.com WE1	`2025-01-01` - `2025-04-02`	3 months	crt.sh
cpi.nissan.com.tr WR3	`2024-12-18` - `2025-03-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.google.ch WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-23`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
itm.ivitrack.com R11	`2024-12-08` - `2025-03-08`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-23` - `2025-10-22`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M03	`2024-07-31` - `2025-08-30`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2024-11-13` - `2025-12-02`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
teads.tv R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M02	`2024-12-24` - `2026-01-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2024-12-19` - `2026-01-19`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-08` - `2025-08-10`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://bagis.unicefturk.org/en
Frame ID: 98FF775C8917E9FCC583C7EA3520381A
Requests: 77 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0ZiEwDJMxjs
Frame ID: E51C9F654085385003AB3BFD12760CD7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=bagis.unicefturk.org&origin=onetag
Frame ID: 1B98B0AE5604938F4109569F64DD5AF8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v18.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df982d7096e683f03b%26domain%3Dbagis.unicefturk.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbagis.unicefturk.org%252Ffe7fe374d17c31400%26relation%3Dparent.parent&container_width=160&href=https%3A%2F%2Fbagis.unicefturk.org%2F&layout=button&locale=tr_TR&sdk=joey&size=large
Frame ID: 328D898DD8A99576F9C007D70B2286B3
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/5190/sw_iframe.html?origin=https%3A%2F%2Fbagis.unicefturk.org
Frame ID: 11F293606C0F8FD13DEF0773219A2A14
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/927726233?random=1736481841588&cv=11&fst=1736481841588&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5190v9102599439z8856505972za201zb856505972&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbagis.unicefturk.org%2Fen&hn=www.googleadservices.com&frm=0&tiba=What%20you%20are%20about%20to%20do%20can%20change%20a%20child%27s%20life%20forever.%20Donate%20now.%20%7C%20Ba%C4%9F%C4%B1%C5%9F%20Unicef%20T%C3%BCrk&npa=0&pscdl=noapi&auid=2023089454.1736481841&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 3111C2AD85EACCDAFDDB4502ADC6E81E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-LJ9J0VR4PB&gacid=1216777525.1736481842&gtm=45je5190v9104661066z8856505972za200zb856505972&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=754955754
Frame ID: F966113ECF19A31D87D41CE31420D46D
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-PirX0saPRq3cZsbnxP2qxzovpY-4FXZXiNfSMQ&expires=30
Frame ID: 73443AA234850A5D79230F2AEFA1E243
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What you are about to do can change a child's life forever. Donate now. | Bağış Unicef Türk

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

94 %
HTTPS

25 %
IPv6

42
Domains

49
Subdomains

49
IPs

10
Countries

1574 kB
Transfer

3238 kB
Size

58
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unicefturk.org/
Title: UNICEF TMK

Search URL Search Domain Scan URL

URL: https://www.hayatverenhediyeler.org/
Title: Life Giving Gifts

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=En%20zor%20durumdaki%20%C3%A7ocuklar%C4%B1n%20ihtiya%C3%A7lar%C4%B1na%20destek%20olmak%20ad%C4%B1na%20UNICEF%27e%20ba%C4%9F%C4%B1%C5%9F%20yapt%C4%B1m.%20Sen%20de%20ba%C4%9F%C4%B1%C5%9F%C4%B1nla%20bu%20iyili%C4%9Fe%20ortak%20ol.%20https://bagis.unicefturk.org
Title: Whatsapp'ta paylaş

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=En%20zor%20durumdaki%20%C3%A7ocuklar%C4%B1n%20ihtiya%C3%A7lar%C4%B1na%20destek%20olmak%20ad%C4%B1na%20UNICEF%27e%20ba%C4%9F%C4%B1%C5%9F%20yapt%C4%B1m.%20Sen%20de%20ba%C4%9F%C4%B1%C5%9F%C4%B1nla%20bu%20iyili%C4%9Fe%20ortak%20ol.%20https://bagis.unicefturk.org/
Title: Twitter'da Paylaş

Search URL Search Domain Scan URL

URL: https://unicefturk.org/yazi/cerez-politikasi
Title: Çerez Politikasını

Search URL Search Domain Scan URL

URL: https://acikacik.org/

Search URL Search Domain Scan URL

URL: https://www.unicefturk.org/sayfa/iletisim
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.unicefturk.org/yazi/genel-kisisel-verileri-koruma-politikasi
Title: Personal Data Protection Policy

Search URL Search Domain Scan URL

URL: https://www.unicefturk.org/yazi/genel-aydinlatma-metni
Title: Clarification Text

Search URL Search Domain Scan URL

URL: https://www.unicefturk.org/yazi/ilgili-kisi-basvuru-formu
Title: Relevant Person Application Form

Search URL Search Domain Scan URL

URL: https://www.unicefturk.org/site-haritasi
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.crealive.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_cm&google_hm=ay1nRWxMdGNhUFJxM2Nac2JueFAycXh6b3ZwWTlqaDJ5dHFtYV91QQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_cm=&google_hm=ay1nRWxMdGNhUFJxM2Nac2JueFAycXh6b3ZwWTlqaDJ5dHFtYV91QQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_gid=CAESEFcVbQpjizKflhtGi_w38ho&google_cver=1&google_ula=913071,0

Request Chain 76

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5742185885915938801

Request Chain 78

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sRYtTsaPRq3cZsbnxP2qxzovpY_DM1ANJOHwzw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sRYtTsaPRq3cZsbnxP2qxzovpY_DM1ANJOHwzw&C=1

Request Chain 79

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Hw6eMCxlP1T0FckqjBQ3pyjmjN3Hj4uZ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Hw6eMCxlP1T0FckqjBQ3pyjmjN3Hj4uZ

Request Chain 81

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-y1NdqMaPRq3cZsbnxP2qxzovpY_zyObz8l5b9g HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1NdqMaPRq3cZsbnxP2qxzovpY_zyObz8l5b9g

Request Chain 99

https://sync.1rx.io/usersync/criteodsp/k-F_DAu8aPRq3cZsbnxP2qxzovpY-juahE5_BloQ HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-F_DAu8aPRq3cZsbnxP2qxzovpY-juahE5_BloQ?zcc=1&cb=1736481842141 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e979d372-122c-4051-938f-b2d79c499e1d-003

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request en Show response
bagis.unicefturk.org/ 65 KB
18 KB 286ms
240ms Document
text/html 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c710989880bc8bbbf43282f1bbe2cafee19682be4d5893403bb73d7fc3be56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8ff9c7ce8c12bbf6-ZRH
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 10 Jan 2025 04:04:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FOnTGprauDRIzhkIg3VN5HfrBR2QEWkgrYYt4HmFi8mkxNvikc6ABCnadV3SQA%2FHJ5lFbGilY4rd4X%2B%2ByeeuTFFwbSUgUEoIB%2FPrkR%2BnGslplRPVdQoB2emgpCgQTShyDk%2B6EkVkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16015&min_rtt=15617&rtt_var=2762&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4146&recv_bytes=4489&delivery_rate=677&cwnd=12000&unsent_bytes=0&cid=f079dac55e610c12&ts=247&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 99ms
37ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind|Roboto

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7e4879a4ab1cf463d39797b10da465678d60ada59ad33b549c801e27c672c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 10 Jan 2025 04:04:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 97ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=latin,latin-ext&display=swap

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e31541388c63ed648c1c16302c042bd8d0305f0e44d0093d72a593a59503e26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 10 Jan 2025 04:04:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 font-awesome.min.min.css
bagis.unicefturk.org/assets/css/ 26 KB
7 KB 155ms
154ms Stylesheet
text/css 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/css/font-awesome.min.min.css?v=5.4.1ij

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1469439e8a702d51dcce0210f08984fa4f82d22bf8363c2638fa90005844a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"6840-5eda460e-340a54;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ifp645tkx%2FuzSPGkdPzJ%2B9NAKaoXXeDXl%2FVxkcs7%2FFqa%2BgAoysnHUYEd9jB2FZta81XexPHsfHFwgI5fSPhoK78vUGqHvOJcXTjBeYqBSWon7U0gGNHkHZkhZVvgHXDAvmsByoeHAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18102&min_rtt=15617&rtt_var=1979&sent=50&recv=41&lost=0&retrans=0&sent_bytes=43148&recv_bytes=19972&delivery_rate=493524&cwnd=24000&unsent_bytes=0&cid=f079dac55e610c12&ts=421&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: text/css
last-modified: Fri, 05 Jun 2020 13:18:06 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02ccdbbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 style.minc225.css
bagis.unicefturk.org/assets/css/ 52 KB
9 KB 151ms
150ms Stylesheet
text/css 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/css/style.minc225.css?v=5.4.1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83be2f6abce87bbf5c61970947091b05c0326ea68f209f7b9cc715dc12ddd58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"d1c8-5ece177e-340a57;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94GSHGL5AIKWGv3kNRpX2dugShXabsCjRDjLtsBKAgwqf%2Frj7QSujcVgBNhfooQiYfhdIRwBcuxs6trAnB06F7DknAcwNsC9Q3%2BCsxrgzPIsUMF8E7kc7kUqxNNGzFu94%2FdNS6T%2FcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18102&min_rtt=15617&rtt_var=1979&sent=42&recv=41&lost=0&retrans=0&sent_bytes=33672&recv_bytes=19972&delivery_rate=493524&cwnd=24000&unsent_bytes=0&cid=f079dac55e610c12&ts=417&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: text/css
last-modified: Wed, 27 May 2020 07:32:14 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02ccebbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 main.min8cc3.css
bagis.unicefturk.org/assets/css/ 140 KB
26 KB 202ms
201ms Stylesheet
text/css 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/css/main.min8cc3.css?v=1pm6

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11645ae97ed41c5b453c83e0a78f3d3ac4cf688dcfab54e76007dd3056d49770

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"2303a-5f870d54-340a56;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2TLCoisOuobXMEoW3%2B4nEhrcoEfN4U71ggoKPIOAMy4Ncm1LO0E5XKWHt73SgG7qIDoJVVW1yqgcTrpNCqgNn7hSZA7bhv%2BA3pFZSDiFrqvdUl6kVKfCVAuz8xCWWXdZRECaGhgPA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17205&min_rtt=15579&rtt_var=935&sent=103&recv=57&lost=0&retrans=0&sent_bytes=99265&recv_bytes=20666&delivery_rate=1317792&cwnd=34800&unsent_bytes=0&cid=f079dac55e610c12&ts=464&x=1", cfExtPri, cfHdrFlush;dur=4
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: text/css
last-modified: Wed, 14 Oct 2020 14:38:12 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02ccfbbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 square_logo-x2.png
bagis.unicefturk.org/assets/uploads/2016/08/ 41 KB
41 KB 222ms
222ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/uploads/2016/08/square_logo-x2.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1c524c0bab6edaaeb8a283c38fe6e5fff943c2b41f6f2bbde0723434d073e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "a25a-5ece178c-3a1e49;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dsM325OVoVfir08qhIjnYpn6If3DsAc%2BcRGUnM3AWu9kWZ6XeMcC9VVd%2FgL%2BBSF7nqpeUdXFMi8kx%2BC8TIAI8zwnUdIkRjBV8yTTCvQN%2FoapIsnYyWtligVFyaqr6zghHxxy2JUng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18270&min_rtt=15579&rtt_var=1345&sent=147&recv=77&lost=0&retrans=0&sent_bytes=148542&recv_bytes=21552&delivery_rate=2666233&cwnd=54000&unsent_bytes=0&cid=f079dac55e610c12&ts=489&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Wed, 27 May 2020 07:32:28 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd0bbf6-ZRH
accept-ranges: bytes
content-length: 41562
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 logo_en.png
bagis.unicefturk.org/assets/images/ 22 KB
23 KB 186ms
185ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/images/logo_en.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a91c2e1981743a889929531650204119fdc4059633ef947ad47809fbf2e73cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "5740-5f5b6979-340ab9;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6paSXx1KiF6OZ4417gUpH%2BJmJj1oK568QLgmSVxlOuESntzowyiz5EqvCCbCcDxittGf1Ut4M3teKei2R6oOusCcDTvMj2Ar6MvKc2Klf64hqXoq02k2N8VUYH3u7rLG1MNPK01ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17205&min_rtt=15579&rtt_var=935&sent=74&recv=57&lost=0&retrans=0&sent_bytes=65191&recv_bytes=20666&delivery_rate=1317792&cwnd=34800&unsent_bytes=0&cid=f079dac55e610c12&ts=452&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Fri, 11 Sep 2020 12:11:37 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd1bbf6-ZRH
accept-ranges: bytes
content-length: 22336
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 UNC-345-FORM%20BANNER-1920_7002.jpg
bagis.unicefturk.org/public/uploads/images/ 191 KB
192 KB 240ms
240ms Image
image/jpeg 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/public/uploads/images/UNC-345-FORM%20BANNER-1920_7002.jpg

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5508eac16f64b7700be0922f007b0b001053afef4b98e4eee0acaa40d1df4b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "2fb28-63fef977-360b1b;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0HAdElwVs3kMr9Xvb6A9S3bVBMSxF%2FbAbXtLVLRPD005BSNupdYKnBi5zbpm9imosSen12aJyMLRIl1%2FxaNjE%2FzXkI1YXeKfJerlDXJIn4NbvrLA7ixRumHk9AxgbyUKUyzeVuAEKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18227&min_rtt=15579&rtt_var=1096&sent=193&recv=78&lost=0&retrans=0&sent_bytes=202542&recv_bytes=21598&delivery_rate=2715960&cwnd=54000&unsent_bytes=0&cid=f079dac55e610c12&ts=493&x=1", cfExtPri, cfHdrFlush;dur=12
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/jpeg
last-modified: Wed, 01 Mar 2023 07:06:31 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd2bbf6-ZRH
accept-ranges: bytes
content-length: 195368
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 UNC-345-FORM%20BANNER-353_151.jpg
bagis.unicefturk.org/public/uploads/images/ 61 KB
62 KB 239ms
238ms Image
image/jpeg 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/public/uploads/images/UNC-345-FORM%20BANNER-353_151.jpg

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678d938d4348bbf8c8aa5299a77f3d9f652e0bc95f37fa339ed07e912200ebec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "f5bc-5f620ee4-360b26;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRIMsxWB8xgUBWHG5Yy4Q1yEV9aySID%2BF2wfSr2Th%2BBdwYm6aqcU4Rz8xo3C6TcYv3eyrItDhHwQ%2B5Gy3D8XuB58%2BUwSP5D1kyqRvX3JYNdoZdDr2g7zi%2F0YuwiEUZl%2B3jV9sSjKZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18227&min_rtt=15579&rtt_var=1096&sent=193&recv=78&lost=0&retrans=0&sent_bytes=202542&recv_bytes=21598&delivery_rate=2715960&cwnd=54000&unsent_bytes=0&cid=f079dac55e610c12&ts=497&x=1", cfExtPri, cfHdrFlush;dur=8
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/jpeg
last-modified: Wed, 16 Sep 2020 13:11:00 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd3bbf6-ZRH
accept-ranges: bytes
content-length: 62908
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 UNC-345-FORM%20BANNER-353_15132(2).jpg
bagis.unicefturk.org/public/uploads/images/ 70 KB
71 KB 242ms
241ms Image
image/jpeg 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/public/uploads/images/UNC-345-FORM%20BANNER-353_15132(2).jpg

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6861c77829c3876dd1eb5282a33b6c3e4e1ddd0b834404acc7890c6f37cd9080

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "119ad-5f33d6fd-360b40;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTag2DAv3I08dtx9JL6VEDcmnC7z8Z0XkVQapAtxWoq7YaZAYwiyIZ8EjIZjTklsL6%2Bg2xtfg5%2B0Q3KVk8sGrSGetGH%2FlpKGwpDh0mGS7jYHeUtRsZogZ9LDiTeGPhgMWeqerD%2B33A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18227&min_rtt=15579&rtt_var=1096&sent=193&recv=78&lost=0&retrans=0&sent_bytes=202542&recv_bytes=21598&delivery_rate=2715960&cwnd=54000&unsent_bytes=0&cid=f079dac55e610c12&ts=503&x=1", cfExtPri, cfHdrFlush;dur=2
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/jpeg
last-modified: Wed, 12 Aug 2020 11:48:13 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd5bbf6-ZRH
accept-ranges: bytes
content-length: 72109
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 UNC-345-FORM%20BANNER-353_1513.jpg
bagis.unicefturk.org/public/uploads/images/ 50 KB
51 KB 241ms
240ms Image
image/jpeg 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/public/uploads/images/UNC-345-FORM%20BANNER-353_1513.jpg

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf53cfe53b612ff612002a4e8ea246d45fc4ea341b1a434106fdc1da23b402b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "c929-5f17e4d5-360b3b;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VIuNqVBfsHe0OAnCg652vIRbUJqawrlDEmiTD6aVDksEngH6SjUgDA9CVQPKZVuVG8tbEtX6zfviIz3SwSi0W2qG44poFhNpmaccXyKNZO5sdvSbMmj0GFBWRtBxl2TxB5fodW78%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18227&min_rtt=15579&rtt_var=1096&sent=193&recv=78&lost=0&retrans=0&sent_bytes=202542&recv_bytes=21598&delivery_rate=2715960&cwnd=54000&unsent_bytes=0&cid=f079dac55e610c12&ts=494&x=1", cfExtPri, cfHdrFlush;dur=13
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/jpeg
last-modified: Wed, 22 Jul 2020 07:03:49 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd6bbf6-ZRH
accept-ranges: bytes
content-length: 51497
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 pay-logo-visa.png
bagis.unicefturk.org/assets/images/ 1 KB
2 KB 148ms
147ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/images/pay-logo-visa.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72301a4ec2cab608630c22fc1c3e30ce2390637e2eac24f41349bb2a46406e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "594-5ece1782-340ac6;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUJZPdLUcvhdlYl%2BMAY%2FJu3zkqXQ0Zb%2FY4QQn3Okxt72teE%2B%2B9W1S4ji%2FiW9yUP4Vn6SeK9foqg%2FIbVIPuvCJ%2B2m%2FnmsiYVXUxD%2B7zzkLwPFlczGUvBnD4XhVXC4RmS4Igsug87OPA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18102&min_rtt=15617&rtt_var=1979&sent=40&recv=41&lost=0&retrans=0&sent_bytes=31426&recv_bytes=19972&delivery_rate=493524&cwnd=24000&unsent_bytes=0&cid=f079dac55e610c12&ts=416&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Wed, 27 May 2020 07:32:18 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd7bbf6-ZRH
accept-ranges: bytes
content-length: 1428
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 pay-logo-mc.png
bagis.unicefturk.org/assets/images/ 5 KB
6 KB 164ms
163ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/images/pay-logo-mc.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34eea3d07ecfa69bcf4e90cf420884fd0a3a988c249df45c431da91144ac1e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "13f8-5ece1782-340ac4;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EANRKIvekSKK1m9z2v0U1z7R4pgH1k3ahaZFBoH78yEWKe%2BCRyJYdh6gL7YiUc94E%2F%2B0I4Zv71dbjmncuHnsPt75HSXu%2FseaearyKOr7yrMd8ssm0K6BA4CCUAwtZ2mfM%2BAU5ECRRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18102&min_rtt=15617&rtt_var=1979&sent=62&recv=41&lost=0&retrans=0&sent_bytes=55426&recv_bytes=19972&delivery_rate=493524&cwnd=24000&unsent_bytes=0&cid=f079dac55e610c12&ts=424&x=1", cfExtPri, cfHdrFlush;dur=8
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Wed, 27 May 2020 07:32:18 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd8bbf6-ZRH
accept-ranges: bytes
content-length: 5112
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 lidio.png
bagis.unicefturk.org/assets/images/ 14 KB
15 KB 201ms
201ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/images/lidio.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8278a41dd58cdbc9b6375fb298b3c3d39e5b7ddebab84013cd88c1baa0609f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "3721-638f004a-340177;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4JyyMaabvg305qDeQp3Up7ajIBHvEnGklgrJsnFN%2BbmgcbxT%2FIyOIkVaOgtk9mzs7vb1LtIhuP91YbCANL3bhkFvWlBtzeXIgJQ8I5dgDWUIOaqOxI%2BQirtEfbkLgJabOpYP1sJaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17205&min_rtt=15579&rtt_var=935&sent=103&recv=57&lost=0&retrans=0&sent_bytes=99265&recv_bytes=20666&delivery_rate=1317792&cwnd=34800&unsent_bytes=0&cid=f079dac55e610c12&ts=458&x=1", cfExtPri, cfHdrFlush;dur=10
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Tue, 06 Dec 2022 08:41:46 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cdabbf6-ZRH
accept-ranges: bytes
content-length: 14113
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 bkmex.png
bagis.unicefturk.org/assets/images/ 6 KB
7 KB 156ms
156ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/images/bkmex.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0375320484e7de34e399a97e25e7dfd491119d6e0f57335b6dcc4393f35037fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "17d7-5eda70d0-340aad;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LALBIuuTowEBG63bLyhSWcqirsNNUxglaH9T%2BlfZ5sCBYjgd%2BiddJprmSo3Y9lm4UcTWDB3v8Z7XvKI9MxenjILWKN%2BrJ63gBSd1Pq%2BteNJnlpHAwRj3ccCKMIR3mqP4b4SdgzsEdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18102&min_rtt=15617&rtt_var=1979&sent=57&recv=41&lost=0&retrans=0&sent_bytes=50405&recv_bytes=19972&delivery_rate=493524&cwnd=24000&unsent_bytes=0&cid=f079dac55e610c12&ts=424&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Fri, 05 Jun 2020 16:20:32 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cdbbbf6-ZRH
accept-ranges: bytes
content-length: 6103
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 UNC-342-BAGIS%20FORMU%201920x7003.jpg
bagis.unicefturk.org/public/uploads/images/ 138 KB
139 KB 224ms
223ms Image
image/jpeg 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/public/uploads/images/UNC-342-BAGIS%20FORMU%201920x7003.jpg

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

147d73d9f905e8eea2673c6bae62cf6bf0f61caf81684ef265462e6395a9380b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "2286b-63fef933-360b13;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Et%2FP4MT0%2Bmycx5mvLTK8t%2BFSASYzb8cPrFwEJG2y%2F3Go4J9o0cqoYf68XZLri%2BzG%2FGxGM%2FXo%2FVUvCbqUHgEhAlvvZwksA8iyMdyWrgv3%2BT4cBvVxVHhKVJaKllsIzjXJend2pinycw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18227&min_rtt=15579&rtt_var=1096&sent=184&recv=78&lost=0&retrans=0&sent_bytes=191809&recv_bytes=21598&delivery_rate=2715960&cwnd=54000&unsent_bytes=0&cid=f079dac55e610c12&ts=491&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/jpeg
last-modified: Wed, 01 Mar 2023 07:05:23 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cdcbbf6-ZRH
accept-ranges: bytes
content-length: 141419
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 STK.png
bagis.unicefturk.org/assets/img/ 16 KB
16 KB 186ms
185ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/img/STK.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5d5208ef085a01688a3f18212cb225ad8d054d0c888334adaf872b47471950

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "3ec8-5c49ab0b-340acb;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBQ8pEjwe4%2Bgurgxa8j5clb1UJVZ2lETco7%2BJSZ1LbWozYAisbcLzw%2B1WOAu71vaOwLZrV12xFTb2KTPXnv6Wdp45h4jsV1TmKuW2739WBMPnJzb7oF2bujw9O0AKaaJvsWRVZ4c6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17205&min_rtt=15579&rtt_var=935&sent=94&recv=57&lost=0&retrans=0&sent_bytes=88778&recv_bytes=20666&delivery_rate=1317792&cwnd=34800&unsent_bytes=0&cid=f079dac55e610c12&ts=454&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Thu, 24 Jan 2019 12:09:47 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cddbbf6-ZRH
accept-ranges: bytes
content-length: 16072
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 crealive.png
bagis.unicefturk.org/assets/img/ 872 B
2 KB 165ms
165ms Image
image/png 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bagis.unicefturk.org/assets/img/crealive.png

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a02c92aca26ff75785646936160c80d829c7695278f1c6797e730d70c44cc3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

cf-cache-status: MISS
etag: "368-57ced31f-340acf;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqLRwSROTorhLiaI4xmwPp7C93lzs%2B3LDuf0v32Wyr4jXdoOpufeoJcmFZ3v8AfqnziinxQsxlWp%2BpWQfpKHregWR8wefaQGglfCpOehbWmQlKSvDPqqp1JFPbcWlhzYU8LIpuEqhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18102&min_rtt=15617&rtt_var=1979&sent=62&recv=41&lost=0&retrans=0&sent_bytes=55426&recv_bytes=19972&delivery_rate=493524&cwnd=24000&unsent_bytes=0&cid=f079dac55e610c12&ts=425&x=1", cfExtPri, cfHdrFlush;dur=8
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/png
last-modified: Tue, 06 Sep 2016 14:30:55 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cdebbf6-ZRH
accept-ranges: bytes
content-length: 872
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.fancybox.min.css
bagis.unicefturk.org/assets/js/ 12 KB
4 KB 27ms
26ms Stylesheet
text/css 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/jquery.fancybox.min.css

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"31fb-5e727d74-340aeb;br"
age: 344530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K76%2BKs51mW1n0lRp7Ahi5NqtH1u%2FO0FH1F%2Bys19%2FZa1pAp3l7G7IGVsr4Mu1gvigVEF%2FTNhlLiuF8fpNcyyxAULvW0koHFvhJQCBIKTYk%2BZePysO5N1BoP4h6J8pkCL78TR1IZQEhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 05 Feb 2025 04:21:49 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17097&min_rtt=15617&rtt_var=1153&sent=36&recv=37&lost=0&retrans=0&sent_bytes=27101&recv_bytes=19800&delivery_rate=410981&cwnd=24000&unsent_bytes=0&cid=f079dac55e610c12&ts=294&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: text/css
last-modified: Wed, 18 Mar 2020 19:58:44 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d02cd4bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
22ms Script
application/javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

strict-transport-security: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"677d0bc5-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o42cDMmQjIqDlur%2BASjR4aheS1R1bXCqwb1K6YJVA4xrAaL7NkCq34tx37RXfQPh4Jhwk%2FRhhK%2FFMBEqpLrexmTUnE%2FFVfdJ8gueBDWN%2BnNTFWGnpRVYf84x%2FeZTKNDpNe16EBCejg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ff9c7d02cdfbbf6-ZRH
expires: Sun, 12 Jan 2025 04:04:00 GMT
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2025 11:11:01 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 0ZiEwDJMxjs
www.youtube.com/embed/ Frame E51C 0
0 161ms
74ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/0ZiEwDJMxjs

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bagis.unicefturk.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 04:04:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b5ddeb71394a98f99d5f5ee876c96648ccdea1a341b226b6578fdf6cb0bc642

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
fonts.gstatic.com/s/roboto/v47/ 20 KB
20 KB 76ms
44ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind|Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://fonts.googleapis.com/

Response headers

age: 120653
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 18:33:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 18:33:07 GMT
last-modified: Wed, 08 Jan 2025 18:23:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20612
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 56ms
24ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=latin,latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://fonts.googleapis.com/

Response headers

age: 281077
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 06 Jan 2026 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 06 Jan 2025 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 fontello.woff2
downloads.unicef.org.uk/wp-content/themes/unicef/assets/fonts/ 4 KB
4 KB 129ms
42ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.unicef.org.uk/wp-content/themes/unicef/assets/fonts/fontello.woff2?15235237
Requested by: Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/assets/css/main.min8cc3.css?v=1pm6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935273e784b626850c65e77cca59e734ea371d71cddc0b40c976a336ba7580aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://bagis.unicefturk.org/

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: "6532514f-e5c"
age: 61248
cf-ray: 8ff9c7d21bda65bd-FRA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3676
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: font/woff2
last-modified: Fri, 20 Oct 2023 10:07:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fontawesome-webfont.woff2
bagis.unicefturk.org/assets/fonts/ 63 KB
64 KB 223ms
222ms Font
font/woff2 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/fonts/fontawesome-webfont.woff2?v=4.4.1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/assets/css/font-awesome.min.min.css?v=5.4.1ij

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://bagis.unicefturk.org/assets/css/font-awesome.min.min.css?v=5.4.1ij

Response headers

cf-cache-status: MISS
etag: "fbd0-5eda4596-340a66;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BB7IcyNWa3YU8%2Bq1TlK%2FtBU8lCdsGF0nHjyTaJAgZpKTOxDw7LMRbVHKdw%2FSTsjh9ag0zIirhXt1sUfyC4mpT8UuW8anjguTUO0cf%2Bb0WxILuNDT%2Fa7EhG6proIQqZ1Q%2BAwjQidnsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15940&min_rtt=15531&rtt_var=374&sent=748&recv=158&lost=0&retrans=0&sent_bytes=834625&recv_bytes=40283&delivery_rate=1863026&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=711&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: font/woff2
last-modified: Fri, 05 Jun 2020 13:16:06 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d18d7bbbf6-ZRH
accept-ranges: bytes
content-length: 64464
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmaiArmlw.woff2
fonts.gstatic.com/s/roboto/v47/ 13 KB
13 KB 68ms
37ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmaiArmlw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind|Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

fdd953c288159a1f149911720d8a19fad17dc80f1a0609948cfa1458c368899d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://fonts.googleapis.com/

Response headers

age: 120653
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 18:33:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 18:33:07 GMT
last-modified: Wed, 08 Jan 2025 18:23:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13740
x-xss-protection: 0
server: sffe

GET
H3 200 jquery.maskedinput.min.js Show response
bagis.unicefturk.org/assets/js/ 4 KB
3 KB 151ms
151ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/jquery.maskedinput.min.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"10e4-5edf99f9-340aee;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNLAxUzkQxa4LVmJP9QolXFRvWVaW%2BGsZ8AQSEm3QJavE5H2trhTVvW5DrP%2B4aThtCl0BfiIVuXnC2C1Q9hoUuGyPiP4BtmDvqnhwjMWcrOEf3CAfvAyaFvPeNiAlZ3A6rodv4%2BWCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=663&recv=150&lost=0&retrans=0&sent_bytes=745741&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=643&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Tue, 09 Jun 2020 14:17:29 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d18d7cbbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 appeal.js Show response
bagis.unicefturk.org/assets/js/ 9 KB
3 KB 151ms
148ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/appeal.js?ver=1.5.11

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12b93dfb8b88ff2003910fafa58e5540e1294475646a21130b826753c8bedd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"2411-5ece178a-340ae3;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrUACd8l9rHYSATSSShrM1CgSq3VId2yR3LX%2Bwd22YVW3Wtnyr56pLonfPx1J%2FAETM5hLdK6bOCaN%2B1NrPToUbkmbCjALNWApd%2Bi4CPOnxPAwDrGvlNSjYwfn0zGMsCEKKIMhYAHWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=666&recv=150&lost=0&retrans=0&sent_bytes=748676&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=643&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d86bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 parsley.min.js Show response
bagis.unicefturk.org/assets/js/ 42 KB
14 KB 154ms
149ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/parsley.min.js?ver=1.5.11

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdacad6dba64a09bbc98378cf92bd24787e2661788391ba808348cc5f4b23d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"a84e-5ece1782-340af2;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LLmNzbDCTV073APmRptX%2FYKqPk5UrPN6VwPtriBb1VFPLDPiGjP%2FefghiWeS1VqhTdAzDwYP4XHvSideHaaQrpddUwGefoVlmzKXgSjHz2A5SaDnvz%2B4%2FAtHsZfJUzv4hFirbkJBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=671&recv=150&lost=0&retrans=0&sent_bytes=754137&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=646&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:18 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d89bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 46ms
24ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://bagis.unicefturk.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec1-514"
age: 116991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dFoGLPo5s0aH01Est52S4YhF9WJMvWuObcY3kbMZK3Iw8t3tf3Oq67HeEifKZPw04QNaAyRWEIoMR4RdVny%2FDe335%2FgxPjUuPH%2F2l5FAV3tRBpVt15zvku%2BVBYOLA6zCKIq9IGR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:45 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ff9c7d1bec1be77-ZRH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 591
server: cloudflare

GET
H3 200 wp-embed.minc225.js Show response
bagis.unicefturk.org/assets/js/ 1 KB
2 KB 155ms
149ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/wp-embed.minc225.js?ver=5.4.1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"59a-5ece1783-340af8;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4O8c1Kv8mMU2dU8%2FzpBiEQXwFLkcgdDFoor5YaxLm8%2BysJYQo4ygtDx90b%2FSnafEQLpeelyM8fYfVXLIFxBHL7bnV%2BulA%2BTKStrkDhQxb8SEN684OMa%2FOA%2BjrVBvK93zx%2BHYXk9WA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=684&recv=150&lost=0&retrans=0&sent_bytes=768581&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=647&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:19 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d8dbbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 scroll-tracking.min25fe.js Show response
bagis.unicefturk.org/assets/js/dist/ 3 KB
2 KB 153ms
148ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/scroll-tracking.min25fe.js?ver=1506348479

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c16decbba43aeddc24ec3ddca3dca8125e40486d18fc36d33687c04c0fdc9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"cef-5ece178a-3a1dbf;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCQ89Dvds52%2BGpbUQWPGbsgYT4eRxI3TZ0oFXF9FESCXsiQFnapvfKv5ZBBQln5rF2w5i29nYGSZ2kqoxVc4a2Ud0NjSS9R7CT%2Fa2u4nCb66MK%2FK7S%2BsVBiUpWKdAGBk9hJ2hMvV7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=669&recv=150&lost=0&retrans=0&sent_bytes=752046&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=645&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d8fbbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 storytelling.min8cc3.js Show response
bagis.unicefturk.org/assets/js/dist/ 4 KB
2 KB 160ms
156ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/storytelling.min8cc3.js?ver=1589893531

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b7b1f9e62dffd381d4ce4837eaefc3299886a8d99d85a1842335b823ff173d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"e32-5ece178a-3a1dc0;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHHOwADe9DKvMVrAgwMEa2vkbD6iNBDnw6NR3YtvBNHzlY42nCi17JDLdbNlPObiza41sVBt7%2Fk%2FiBwAfl3w0WtdVaJavhHb16PoO2IeqaoUnrIoECJ3wT59BQI8YnL1xHltuu8SRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=695&recv=150&lost=0&retrans=0&sent_bytes=778392&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d90bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 maps.min1335.js Show response
bagis.unicefturk.org/assets/js/dist/ 997 B
1 KB 166ms
161ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/maps.min1335.js?ver=1533119154

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6281121ee43c6500bbe657f53481752fa8bf993b335eb0417ddae01edb33e9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"3e5-5ece178a-3a1dbe;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjQFwKxDrcqhXeeirfybHH7dY6lrMYSVuz3CL%2Ba3Bo238ZDpZbA0w8lNeKj0Wi9dfr1H2CfRZ9emt9KSqFQ7CMoOe5I7QbJQuc63TIoUvft8A8n2jxm8D6ZwFd%2Fl5%2FpnqiCM5MvPfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=711&recv=150&lost=0&retrans=0&sent_bytes=795447&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=659&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d92bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 formstack-api.min2e46.js Show response
bagis.unicefturk.org/assets/js/dist/ 8 KB
4 KB 159ms
154ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/formstack-api.min2e46.js?ver=1565019131

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

474581c5af85d6bfb956446fd64bdabca08e8801d4ab4e99e8d3db02931e7c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"1e59-5ece178a-3a1dbb;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1d4z%2BL6iOKAlIA8otUyes8jbCrL6yoMdGrD1KbyU2cHfiAYyls4s%2BXaJnqLnx0qgqWHeLqY8OggHYstcatif7%2Bmr27TRDdKm%2BL3LV8lglviSYTMFoOu300mN8jOcg0oOzFo6dAIa5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=691&recv=150&lost=0&retrans=0&sent_bytes=774677&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d93bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 formstack-api-sequenced.mine83e.js Show response
bagis.unicefturk.org/assets/js/dist/ 5 KB
2 KB 76ms
71ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/formstack-api-sequenced.mine83e.js?ver=1559640515

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f867aeaace6a7f6a16195350caa95bded32a5048c5b9a9fdb24327e74755110

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"12bd-5ece178a-3a1dba;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ft1hU3YKzAmjCL4RVtEF7cobcS0Zk0emgMExLC0qeX%2BVeuyZq%2BJ7omET%2FcmBR7veOwKYG5GI7LLIQnhpQKlgBq4OvITCHL9MDdFuVMtzexJ6pBgAefPHxMo1oS6Bk6A9%2BNmmq2mAIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15996&min_rtt=15531&rtt_var=312&sent=649&recv=145&lost=0&retrans=0&sent_bytes=731012&recv_bytes=39697&delivery_rate=11914891&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=569&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d94bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 legacies.minab0c.js Show response
bagis.unicefturk.org/assets/js/dist/ 5 KB
3 KB 159ms
156ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/legacies.minab0c.js?ver=1568894791

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970480f5a120e4cbfb0fde03ea9ed6a7ece2d8d00eabdabb4eec865e4503aeaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"1594-5ece178a-3a1dbc;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xNhRQYg4wjI82MSgMLNKY9wxpm0i4hVw0r8AqBUZP2HCgvLvMxUGs7VSX%2FMM9FwHdf0Ld4EhbBoefESDUun7Upc%2F6y5UMEuU%2BWfuFzBFDZXTluJBvQ3S7nE3uxpv%2BM7OEVSA4yiCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=691&recv=150&lost=0&retrans=0&sent_bytes=774677&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d95bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 donation.min1335.js Show response
bagis.unicefturk.org/assets/js/dist/ 14 KB
4 KB 161ms
157ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/donation.min1335.js?ver=15dfffd33119154

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b999004a230a128a38249cb4c5d530aa9522d4ad13e12b16c52f1c25b95a9c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"39bf-5edf9cab-3a1db9;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPx8E%2BLYgasvdvbes6iZMs14lI%2B4aViQUT5ASsBvRuDp0%2FRhYSRqrf84uCX2Ee8OhVUdqF4K8ov1KPbJADU6gijloZsM1qMsMeKqCCpNCAsW0pP%2BlQ6m9U%2FHK33I9nEaYs0X3FUGZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=704&recv=150&lost=0&retrans=0&sent_bytes=788243&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=654&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Tue, 09 Jun 2020 14:28:59 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d96bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 main.min83fe.js Show response
bagis.unicefturk.org/assets/js/dist/ 6 KB
3 KB 156ms
152ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/dist/main.min83fe.js?ver=1553081959

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0ec2c1c75ea080576dfe2042a079abeb3c5d4b91075579a79226083284e7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"17f0-5ece178a-3a1dbd;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CCO0cQ3g%2BL8eysw5pcW0D45vg%2FvZqg0kTybmjc6cCaio83BfFSq5bLabUml4ASUjI8KX1zjxNTSWRxaDhSEQN7HbdgqPdA2FM%2F82TA3kjficO4pEnrAWjpl5Uid3uZtP3L5TiGl8GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=686&recv=150&lost=0&retrans=0&sent_bytes=770214&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=649&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d97bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.actual.min4963.js Show response
bagis.unicefturk.org/assets/js/libs/ 1 KB
1 KB 156ms
152ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/libs/jquery.actual.min4963.js?ver=1.1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

842788712ba690f61e6d83f456a4aef70d8e33e84426bd8e1e748a30f12169f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"4d7-5ece178a-3a1dc2;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxQkDsUrwq7VcJdo6x%2FSOCA1aGv0Z4F66NZv8Bpv5C5jTdSdfZzXgossxx6hqdLdJjhSKDfG008TLt9Z64oiEVrcj3RruiVxfKOJK6zL1mVIImJNK2cwKLGmfjwzNDakQIrQsV4Xxw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=689&recv=150&lost=0&retrans=0&sent_bytes=773132&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=649&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d98bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 validate.min4963.js Show response
bagis.unicefturk.org/assets/js/libs/ 23 KB
9 KB 166ms
162ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/libs/validate.min4963.js?ver=1.1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80413c4ff8dc96062fd1cbb56c2e3bfb397c89d8e6f351a5a0ab0320cb63c4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"5a1f-5ece178a-3a1dc6;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXXCgZDcNLd2X7trNaRLoeyYubj3KxEybbc1ycYIf2aVhGOJamf9zeSVcLD992nyx813GycDvjasuLaA9fYjw76ExUQwXRPAVHuLDFSJ70asadImV%2Fy6Gx4J3q6OKV%2FxJAwgYtlUmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=713&recv=150&lost=0&retrans=0&sent_bytes=796823&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=659&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d99bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 counter8a54.js Show response
bagis.unicefturk.org/assets/js/libs/ 10 KB
4 KB 158ms
155ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/libs/counter8a54.js?ver=1.0.0

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f07c42f1d9f277b467257684ecc68c184d174a2421916664af93e3488a85b4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"26a9-5ece178a-3a1dc1;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwBP4D4%2B7jAVc%2FU0uMLd5P9MP10aVQEEaPk2Z95snLCY9nvERtS1Et3k0YYzoEYbC20pBtD%2F%2BgZWFGHMhBV1lNTFXRfZ1NWsGGFzdP%2FTWlEueW3Pv6cjPdD1mNMp7uimJGebzrmJiw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=700&recv=150&lost=0&retrans=0&sent_bytes=783574&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=653&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d9abbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.fancybox.min.js Show response
bagis.unicefturk.org/assets/js/ 67 KB
24 KB 205ms
202ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/jquery.fancybox.min.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"10a9d-5e727d74-340aec;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhN71%2BFOfbqn2GeWmJimlHNIgX5mYlSaMW1u%2F3d9rBHZz4i0Q9SgiccwsL4xtf0lfEe9SWo0d9HvJR87GN1V7ir32Ka2lrnF9UOxxrmAh8S%2FHZ%2F6AIpIp9pQjAVqPlmoP%2F4%2FRA57uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15940&min_rtt=15531&rtt_var=374&sent=726&recv=158&lost=0&retrans=0&sent_bytes=809927&recv_bytes=40283&delivery_rate=1863026&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=700&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Mar 2020 19:58:44 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d9bbbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 slick.min4963.js Show response
bagis.unicefturk.org/assets/js/libs/ 41 KB
12 KB 76ms
73ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/libs/slick.min4963.js?ver=1.1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f210d1ee9f958d2ede1d955a5a4b46275f60213c3b6fc65ec99822d3d16ce92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"a3e2-5ece178a-3a1dc5;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVyHPl11g9K9%2Bnq3TRSpxNOw2nJ%2BOsnTHTwDemYBDzr4heD0cNwBfjRo3PvGNIF6YxyyFS9PWerLQ7cEILcBuGUJs1knmwU77FsRjvflaQN9O%2FepJanYUA2F3cBXEnzeF0tz2OKbcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15937&min_rtt=15531&rtt_var=272&sent=652&recv=147&lost=0&retrans=0&sent_bytes=733496&recv_bytes=39787&delivery_rate=13650104&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=571&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d9dbbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ 3 KB
2 KB 54ms
27ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

c91c87dbe65345edd06d25e0da594bdf877e9e106aa518762371dc899358bb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://bagis.unicefturk.org/

Response headers

content-md5: fVZabkkA1sgUf7Y4sxti8A==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "ea8dffcb2d8c1e722c71e14627e5924d"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 04:20:01 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 7df9b11f51a63385a69ca8412677a46a
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4491, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug: vH4h7DYxgDk3SykARpRwM6iKWi95B9A3vp6nfrS8kbnSyrDXOZrxz5PQE/K/cM7OQ9Hstd0NKUEqIC39dJ3A/g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 62 KB
21 KB 167ms
65ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

0a85068d15429ca312b29e0b654840b59dd1ce228b9cafec3a049f0eca6949a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"6776d4b0-f8f8"
cross-origin-resource-policy: cross-origin
expires: Sat, 11 Jan 2025 04:04:01 GMT
access-control-allow-origin: *
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: text/javascript
last-modified: Thu, 02 Jan 2025 18:02:24 GMT
server: nginx

GET
H3 200 modernizr-custom68b3.js Show response
bagis.unicefturk.org/assets/js/libs/ 8 KB
3 KB 160ms
157ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/libs/modernizr-custom68b3.js?v=1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f33ff2b59321dbbea72739164f02eed37abce3af2f9ba713343a33c822b063f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"2159-5ece178a-3a1dc3;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hRxgdJCFuBtB9vCaf%2BIfLQpWdrTdhq6QvfGR%2Fu5ugUQrqbkMv3E3fdhTysRF0HGCPCyiaEw686hDW5ztpayR5zxigui08e04hazc5bDon0fsQU4vBZf%2F7%2BTEBIcKrhaGyzhS9857g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15896&min_rtt=15531&rtt_var=172&sent=708&recv=150&lost=0&retrans=0&sent_bytes=792421&recv_bytes=39922&delivery_rate=1004879&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=654&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19d9ebbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 scrollreveal.min68b3.js Show response
bagis.unicefturk.org/assets/js/libs/ 8 KB
4 KB 168ms
166ms Script
application/x-javascript 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/js/libs/scrollreveal.min68b3.js?v=1

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9140213f193f683ccee63ed57bb1e303d1e156af982fb15d4c1b03dc1eefdc60

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"2127-5ece178a-3a1dc4;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLZA9h9ialXR%2B26GmFJQCDakrUwgDb6QYkFExmASzdLvqlYNhMqSiHRerjasCNsizPB8W8GWKELepO3iqF0YKjEhjjA5292TK%2BZCGqd5O1FyeRr4YhlBZjXbTJfXI2R%2BiJuKxVZIQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15974&min_rtt=15531&rtt_var=238&sent=722&recv=152&lost=0&retrans=0&sent_bytes=805911&recv_bytes=40012&delivery_rate=1168675&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=665&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
last-modified: Wed, 27 May 2020 07:32:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d19da0bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 ins.js Show response
unicefturk.api.useinsider.com/ 0
483 B 109ms
37ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unicefturk.api.useinsider.com/ins.js?id=10006539

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

cf-cache-status: HIT
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 1156
x-amz-version-id: hMASlgPPS27HjkEUe7J27.S0AH1PLEvV
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 04:09:00 GMT
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 24 Apr 2023 14:50:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-amz-id-2: 8D05UEaMCdwbOP0MbtwIE7DZlM+WHsPKFEKltUv8j+G/hY3VGlGv1gbhoa3E6Sy+GIion1Rj6Vc=
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=300
pragma: public
x-amz-request-id: BVSD1Q5K7C54WMG7
cf-ray: 8ff9c7d20ba4904c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1
server: cloudflare

GET
H2 200 bagis.unicefturk.org Show response
cpi.unicefturk.org/js/v4.2/ 33 KB
33 KB 182ms
105ms Script
text/javascript 34.96.73.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi.unicefturk.org/js/v4.2/bagis.unicefturk.org
Requested by: Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.73.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.73.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ac39411e14d64d428f18d1448efdae5205428704832b51fd56f8f3708e59a7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

via: 1.1 google
cache-control: max-age=3600, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: text/javascript;charset=UTF-8
server: nginx

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 88 KB
28 KB 25ms
25ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "63a24ddb-6dd0"
age: 33426
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5NXf9z2vHs%2FfMRQsjXpcWPyv2pnVKCcoKKDVtUJVrbDLM60w1PqR4253B%2FJE5%2BTWH0URC16hnfI7e3nDylF3DFbVtYJH0kbD7ilMnG%2FsB3pj8vg%2FGKcFQ4I%2FD6ilDtHeLhWKpmL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 04:04:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Dec 2022 00:05:47 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ff9c7d3af72be77-ZRH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28112
server: cloudflare

GET
H3 200 favicon.ico
bagis.unicefturk.org/assets/images/ 15 KB
8 KB 83ms
83ms Other
image/x-icon 172.67.143.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bagis.unicefturk.org/assets/images/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.164 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d0cdee3c86241d78ea9e0568df8a6e315f7458eaf3c856ed8dd90f0f51b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/en

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"3aee-5f86e957-340ab3;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zk76wZLKd00LBDkX%2Ftesm%2FVdnOuryVQtytlJ942UZ0QLhZtLFIXmnALtG8MEgmuidrh6NWRybDg1ncReQ1nUHGhHSa1cq153zaAysxkiFqAZKZxwJ4pHMaLYIip%2BrUxcf5%2B1kQEpkA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Feb 2025 04:04:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16485&min_rtt=15531&rtt_var=803&sent=806&recv=168&lost=0&retrans=0&sent_bytes=901413&recv_bytes=41532&delivery_rate=5663311&cwnd=247200&unsent_bytes=0&cid=f079dac55e610c12&ts=906&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/x-icon
last-modified: Wed, 14 Oct 2020 12:04:39 GMT
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=2592000
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff9c7d3ae79bbf6-ZRH
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.4.0/ 13 KB
5 KB 25ms
24ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.4.0/jquery-migrate.min.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16eb18d9c6303cdd50ac58db5b2b116c5dcc4c43c89424f268f6d13fc599fb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "623ccece-10d1"
age: 108070
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ogFQ3WVsPcU6vgTRFGGnquJbbS4cqktq4XRdNVhDdXsKc6f6KuTTSrH2S6nJId4jLjHJSzzgLxNdCEjJQF5HZj5R7mbGgJxA2U6qGLePAXnPo7kgJ7ZjPzk4RM3%2BgbF8QhNFN2Y"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 04:04:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Mar 2022 20:04:30 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ff9c7d3ef8fbe77-ZRH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4305
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 308 KB
107 KB 126ms
46ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL56789

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82fc58be6a5cecb686b86c83c11c8e1fbfc986e93f23edcf3202f4611724532d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 10 Jan 2025 04:04:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108646
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 syncframe
gum.criteo.com/ Frame 1B98 0
0 112ms
32ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=bagis.unicefturk.org&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bagis.unicefturk.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 04:04:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 349562
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 55ms
27ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: bagis.unicefturk.org
URL: https://bagis.unicefturk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://bagis.unicefturk.org/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
age: 34365
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 04:04:01 GMT
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 12:46:36
cdn-requestpullcode: 200
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d24672fb63c8950bd26fe100f905b362
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8ff9c7d45fe60229-ZRH
access-control-allow-origin: *
cdn-edgestorageid: 1048
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ 254 KB
75 KB 25ms
25ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=232098ee3dcc17331a067b32dfaffd75

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

b37f7263630b4de1bfe43c6dbe6fbd978736e5da82aa2d21b2a7d2714013e0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bagis.unicefturk.org
Referer: https://bagis.unicefturk.org/

Response headers

content-md5: UrLyCYEbzrLVweAbv/ofUQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "a3db52a159e7200494e8a419749c2327"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 03:39:57 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: a04c864565bd5b8accbe6cf39ee1e330
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=27, mss=1232, tbw=8868, tp=16, tpl=0, uplat=1, ullat=-1
x-fb-debug: nTnru9CGaWzbqUGndM/EvkjFa1Xi8gbQFEBEjzwtuf0Ek2D8aWdrHNua3jwH65KpmuRZXRAOIUVi6LPVA4YgeQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76741
origin-agent-cluster: ?1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 24ms
24ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cpi.unicefturk.org
URL: https://cpi.unicefturk.org/js/v4.2/bagis.unicefturk.org

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

5332fd32d8be28eb2531721220e8c3c561000378988be4b4d7f97568f0b3f224

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-gs8XMQsd' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gs8XMQsd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1888, tp=5, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: Pk0vg6M1ZHTBbl9oQB/jPfCg36NaWL3wIXTvPS+SpgZHRbmbqX2tRYS5HHssBBxvNdjL58HUO692AwH6Kb8bVA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62279
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 / Show response
cpi.unicefturk.org/push/ 56 B
69 B 101ms
72ms XHR
text/html 34.96.73.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi.unicefturk.org/push/?woc=true&v=3.0.3492687488873476
Requested by: Host: cpi.unicefturk.org
URL: https://cpi.unicefturk.org/js/v4.2/bagis.unicefturk.org
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.73.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.73.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9d5e162385b0b6da27284c3d8e825fefc747c70f2aeca519c5f2fd60740793c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://bagis.unicefturk.org/

Response headers

via: 1.1 google
access-control-allow-origin: https://bagis.unicefturk.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: text/html; charset=UTF-8
server: nginx

GET
H3 200 share_button.php
www.facebook.com/v18.0/plugins/ Frame 328D 0
0 175ms
145ms Document
text/html 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v18.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df982d7096e683f03b%26domain%3Dbagis.unicefturk.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbagis.unicefturk.org%252Ffe7fe374d17c31400%26relation%3Dparent.parent&container_width=160&href=https%3A%2F%2Fbagis.unicefturk.org%2F&layout=button&locale=tr_TR&sdk=joey&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js?hash=232098ee3dcc17331a067b32dfaffd75

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bagis.unicefturk.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 04:04:01 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v18.0
origin-agent-cluster: ?1
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458132717816272693"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458132717816272693", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4489, tp=9, tpl=0, uplat=121, ullat=0
x-fb-debug: gEOET02Kn7AfJptqhxUS/6jGtxlolrRo7cnx6lmMW9nWoX1xUv7KwjhbHQzBjbKIK0vo7Inl3sumqCx8pPzHTw==
x-xss-protection: 0

GET
H3 200 246751043316716 Show response
connect.facebook.net/signals/config/ 73 KB
16 KB 160ms
160ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/246751043316716?v=2.9.179&r=stable&domain=bagis.unicefturk.org&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

e37d5ab59436f0244c593c0d412dbc227bfe9c6f58e74e2184a6d10da06f564f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-LcTg96bO' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LcTg96bO' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=75, mss=1232, tbw=68351, tp=64, tpl=0, uplat=137, ullat=0
pragma: public
x-fb-debug: 8aAlW8P55p9A7B8HKd7HhGY+iDFEYJxBOkdPVIkTX4qhgYFY6LRFbu1pSgv8B3rKmpmSPnVbYnQFRlPvrgEBdQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 collect
www.google.com/ccm/ 0
0 82ms
35ms Ping
text/plain 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbagis.unicefturk.org%2Fen&scrsrc=www.googletagmanager.com&frm=0&rnd=1284104967.1736481841&dt=What%20you%20are%20about%20to%20do%20can%20change%20a%20child%27s%20life%20forever.%20Donate%20now.%20%7C%20Ba%C4%9F%C4%B1%C5%9F%20Unicef%20T%C3%BCrk&auid=2023089454.1736481841&navt=n&npa=0&gtm=45He5190v856505972za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1736481841495&tfd=1146&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL56789
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 419 KB
135 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJ9J0VR4PB&l=dataLayer&cx=c&gtm=45He5190v856505972za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL56789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21c38f7aa7fb0bbd6faafcef48d161cca404dbf4de61a847c2610da6b4b417cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 10 Jan 2025 04:04:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137755
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 269 KB
95 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-927726233&l=dataLayer&cx=c&gtm=45He5190v856505972za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL56789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d5df181de5b743c3c8fe3efc9c4e550c2c4bf3f519172472724ebb58d223557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 10 Jan 2025 04:04:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96994
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/5190/ Frame 11F2 0
0 83ms
26ms Document
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/5190/sw_iframe.html?origin=https%3A%2F%2Fbagis.unicefturk.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL56789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 21874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jan 2025 21:59:27 GMT
expires: Fri, 09 Jan 2026 21:59:27 GMT
last-modified: Thu, 09 Jan 2025 17:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
4 KB 123ms
37ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=42838&v=5.31.0&otl=1&csp-nonce=jJHYn3yG&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3Dhttps%25253A%25252F%25252Fbagis.unicefturk.org%25252Fen&p3=e%3Ddis&adce=1&bundle=IFtTDF93NW9idVJwM29qRDdzd2FKTVJsd05MYUhycmxIWFp2MTJMYzQlMkZRUElFOGt3N0JDRFNHbk1PSnc4WXplanV4TEVkbkhMeVFDeiUyQkpIdSUyRmhGV1JkdjM5eTNNc3ltekN0bG5zbnNvNDFCbGpKUUFiUDJGRkxmaU53STdxSU5mamhtJTJCWEZNYTVEck9ZN2QzM3BnWkRON0dWViUyQld1aHNTbmZ1eUk4cWZmNmw1WDRVJTNE&tld=unicefturk.org&fu=https%253A%252F%252Fbagis.unicefturk.org%252Fen&ceid=0862aa0a-f247-49c8-b90d-dd39aa4feaf9

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ab9e8e743e252dc75fff9340b96b972abdc649ac2e9e19c974934e60f5067ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8542617
expires: 0
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript
server: Kestrel

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/927726233/ 5 KB
2 KB 88ms
40ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/927726233/?random=1736481841588&cv=11&fst=1736481841588&bg=ffffff&guid=ON&async=1&gtm=45be5190v9102599439z8856505972za201zb856505972&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbagis.unicefturk.org%2Fen&hn=www.googleadservices.com&frm=0&tiba=What%20you%20are%20about%20to%20do%20can%20change%20a%20child%27s%20life%20forever.%20Donate%20now.%20%7C%20Ba%C4%9F%C4%B1%C5%9F%20Unicef%20T%C3%BCrk&npa=0&pscdl=noapi&auid=2023089454.1736481841&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-927726233&l=dataLayer&cx=c&gtm=45He5190v856505972za200

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

4525b43254cf30643fe9ba7809a22100d2d6ce980df90a7f4a12ff1f75458ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2341
date: Fri, 10 Jan 2025 04:04:01 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 927726233
td.doubleclick.net/td/rul/ Frame 3111 0
0 109ms
45ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/927726233?random=1736481841588&cv=11&fst=1736481841588&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5190v9102599439z8856505972za201zb856505972&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbagis.unicefturk.org%2Fen&hn=www.googleadservices.com&frm=0&tiba=What%20you%20are%20about%20to%20do%20can%20change%20a%20child%27s%20life%20forever.%20Donate%20now.%20%7C%20Ba%C4%9F%C4%B1%C5%9F%20Unicef%20T%C3%BCrk&npa=0&pscdl=noapi&auid=2023089454.1736481841&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-927726233&l=dataLayer&cx=c&gtm=45He5190v856505972za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bagis.unicefturk.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 04:04:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 111ms
40ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LJ9J0VR4PB&gtm=45je5190v9104661066z8856505972za200zb856505972&_p=1736481841287&_gaz=1&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1216777525.1736481842&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1736481841&sct=1&seg=0&dl=https%3A%2F%2Fbagis.unicefturk.org%2Fen&dt=What%20you%20are%20about%20to%20do%20can%20change%20a%20child%27s%20life%20forever.%20Donate%20now.%20%7C%20Ba%C4%9F%C4%B1%C5%9F%20Unicef%20T%C3%BCrk&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=1277
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ9J0VR4PB&l=dataLayer&cx=c&gtm=45He5190v856505972za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bagis.unicefturk.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 112ms
35ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LJ9J0VR4PB&cid=1216777525.1736481842&gtm=45je5190v9104661066z8856505972za200zb856505972&aip=1&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ9J0VR4PB&l=dataLayer&cx=c&gtm=45He5190v856505972za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bagis.unicefturk.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame F966 0
0 63ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-LJ9J0VR4PB&gacid=1216777525.1736481842&gtm=45je5190v9104661066z8856505972za200zb856505972&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=754955754

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ9J0VR4PB&l=dataLayer&cx=c&gtm=45He5190v856505972za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bagis.unicefturk.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 04:04:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 121ms
41ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LJ9J0VR4PB&cid=1216777525.1736481842&gtm=45je5190v9104661066z8856505972za200zb856505972&aip=1&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=286027418

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 04:04:01 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 1423115299093351 Show response
connect.facebook.net/signals/config/ 34 KB
6 KB 87ms
87ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1423115299093351?v=2.9.179&r=stable&domain=bagis.unicefturk.org&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

21fafbc1f33e138cac34e0ec19cb0242adff2d6973d7dd985a6289bcfa4087a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-SbfGtGOs' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SbfGtGOs' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=89, mss=1232, tbw=85343, tp=80, tpl=0, uplat=64, ullat=0
pragma: public
x-fb-debug: hf3owxUnIIEnxa82IFdtohvZbeLR0p5MB4Y3Wb9G49pAcwGe9DWYHyL1Mn5MQI+uc/N03kcH6CduY5MX47Nicg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sync
x.bidswitch.net/ Frame 7344 43 B
183 B 250ms
33ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-PirX0saPRq3cZsbnxP2qxzovpY-4FXZXiNfSMQ&expires=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 7344
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_cm&google_hm=ay1nRWxMdGNhUFJxM2Nac2JueFAycXh6b3ZwWTlqaDJ5d...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_cm=&google_hm=ay1nRWxMdGNhUFJxM2Nac2JueFAycXh6b3ZwWTlqaDJ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_gid=CAESEFcVbQpjizKflhtGi_w38ho&google_cver=1&google_ula=913071,0

43 B
686 B

29ms
29ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_gid=CAESEFcVbQpjizKflhtGi_w38ho&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1749446
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gElLtcaPRq3cZsbnxP2qxzovpY9jh2ytqma_uA&google_gid=CAESEFcVbQpjizKflhtGi_w38ho&google_cver=1&google_ula=913071,0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 398
date: Fri, 10 Jan 2025 04:04:01 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 7344
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5742185885915938801

43 B
686 B

56ms
28ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5742185885915938801

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1042173
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5742185885915938801
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.81; 149.88.27.81; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: cf88863a-2af0-40c7-8500-2b46c0128782
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 10 Jan 2025 04:04:01 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 7344 49 B
341 B 114ms
32ms Image
image/gif 185.255.84.152
IGUANE-FR Iguane ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-FioPO8aPRq3cZsbnxP2qxzovpY85yQPSycjIng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-FR Iguane Solutions SAS, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 0
x-content-type-options: nosniff
expires: 0
p3p: CP="CAO PSA OUR"
content-length: 49
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif
vary: Accept-Encoding
server: ayl-lb-fra02

GET
H3

200

rum
r.casalemedia.com/ Frame 7344
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sRYtTsaPRq3cZsbnxP2qxzovpY_DM1ANJOHwzw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sRYtTsaPRq3cZsbnxP2qxzovpY_DM1ANJOHwzw&C=1

43 B
753 B

42ms
42ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sRYtTsaPRq3cZsbnxP2qxzovpY_DM1ANJOHwzw&C=1
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMoEyALyRrIgnZntHSqCHZfIAOZeAFmWl32ia3mDFOIw19d8wrCn92HzEvl8%2BVS5ynaVaSQz5yZ6ZL%2FBaPuqinofYfMIrFLZwz8VbJkHdwQZItPMAQ%2Fdn8bGixeyED9EIXkS"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8ff9c7d6ecfe23f7-ZRH
content-length: 43
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXpx7g6kX%2BqZr%2B3p9ym4blsy84rAXuDEEPybkfCAGx0mx99m4yPgdTuo5Lih4xP0Z0tEEL%2FxQuU2JSdMJoep4CKCVvxMeWX7BFx254bFXISDKOU4X1ASCnNLHxkmU89vDpt5"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 10 Jan 2025 04:04:01 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
location: /rum?cm_dsp_id=20&external_user_id=k-sRYtTsaPRq3cZsbnxP2qxzovpY_DM1ANJOHwzw&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8ff9c7d69cde23f7-ZRH
content-length: 0
server: cloudflare

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 7344
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Hw6eMCxlP1T0FckqjBQ3pyjmjN3Hj4uZ
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Hw6eMCxlP1T0FckqjBQ3pyjmjN3Hj4uZ

42 B
717 B

50ms
50ms

Image
image/gif

52.214.247.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Hw6eMCxlP1T0FckqjBQ3pyjmjN3Hj4uZ

Protocol

Server

52.214.247.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-247-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v069-0b644b034.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: bWrbRgJCSP4=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Hw6eMCxlP1T0FckqjBQ3pyjmjN3Hj4uZ
dcs: dcs-prod-irl1-1-v069-0a0a712a4.edge-irl1.demdex.com 0 ms
pragma: no-cache
x-tid: +Y6NnKeERKE=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 10 Jan 2025 04:04:01 GMT

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 7344 43 B
1 KB 109ms
34ms Image
image/gif 162.19.138.116
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-9UGkUcaPRq3cZsbnxP2qxzovpY_vJI1RTO61ow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7344
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-y1NdqMaPRq3cZsbnxP2qxzovpY_zyObz8l5b9g
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1NdqMaPRq3cZsbnxP2qxzovpY_zyObz8l5b9g

43 B
462 B

53ms
53ms

Image
image/gif

34.250.141.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1NdqMaPRq3cZsbnxP2qxzovpY_zyObz8l5b9g
Protocol: H2
Server: 34.250.141.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-141-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif

Redirect headers

access-control-allow-origin: *
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1NdqMaPRq3cZsbnxP2qxzovpY_zyObz8l5b9g
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: text/plain

GET
H2 200 sync
matching.ivitrack.com/ Frame 7344 42 B
265 B 110ms
40ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-kngIvMaPRq3cZsbnxP2qxzovpY92YXR56fGGag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif
server: istio-envoy

GET
H2 200 cksync.php
contextual.media.net/ Frame 7344 59 B
833 B 168ms
76ms Image
image/gif 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-UTKxTMaPRq3cZsbnxP2qxzovpY8KOATWlfmBFA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
expires: Fri, 10 Jan 2025 04:04:01 GMT
x-mnet-hl2: E
alt-svc: h3=":443"; ma=93600
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length: 59
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: image/gif
server: Apache

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 7344 0
880 B 83ms
27ms Image
text/html 3.74.196.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-aDrhpMaPRq3cZsbnxP2qxzovpY-_5PR4aYHYqQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.196.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-196-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache
content-encoding: gzip
date: Fri, 10 Jan 2025 04:04:01 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 7344 43 B
533 B 591ms
192ms Image
image/gif 44.239.49.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-PS_a78aPRq3cZsbnxP2qxzovpY9qlS21oaB0tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.49.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-49-12.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/gif
server: nginx

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 7344 0
218 B 334ms
104ms Image
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-eljZ3caPRq3cZsbnxP2qxzovpY8ZpYVvouaIng&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Fri, 10 Jan 2025 04:04:02 GMT
x-traceid: 751793eba2e37ff80ed61deb3e2e6f2d

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7344 42 B
579 B 113ms
28ms Image
image/gif 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-0iMh_MaPRq3cZsbnxP2qxzovpY8PRTXsDmEAgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 10 Jan 2025 04:04:00 GMT
content-type: image/gif; charset=utf-8
server: nginx

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 7344 42 B
1 KB 113ms
26ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-t87ecMaPRq3cZsbnxP2qxzovpY8ME89qlJXJrQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 5e091a4bda7cb1b96cf60040ae4e8596
Pragma: no-cache
content-length: 42
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 7344 0
58 B 103ms
27ms Image
text/plain 18.184.206.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-rB_MIcaPRq3cZsbnxP2qxzovpY-MA8lb0Mf3kw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 7344 43 B
587 B 223ms
36ms Image
image/gif 91.134.110.137
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-29x6_MaPRq3cZsbnxP2qxzovpY97fQih7AGbGg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.110.137 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip137.ip-91-134-110.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 10 Jan 2025 04:04:01 GMT
pragma: no-cache
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7344 0
99 B 113ms
32ms Image
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-MBAi68aPRq3cZsbnxP2qxzovpY9zjeS2_zttbQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt: 29614
date: Fri, 10 Jan 2025 04:04:02 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 um
criteo-sync.teads.tv/ Frame 7344 23 B
278 B 167ms
53ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-6ozJCsaPRq3cZsbnxP2qxzovpY_cRT598SXU7A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

expires: Fri, 10 Jan 2025 04:04:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
pragma: no-cache
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/gif
server: pekko-http/1.0.1

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 7344 43 B
398 B 474ms
142ms Image
image/gif 2600:1f10:4ce4:4a02:550f:72f4:d87a:7008
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-YCvawsaPRq3cZsbnxP2qxzovpY_3Jvl12Rzalg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f10:4ce4:4a02:550f:72f4:d87a:7008 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/gif
server: nginx

GET
H2 200 xuid
eb2.3lift.com/ Frame 7344 37 B
140 B 84ms
23ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-GZplB8aPRq3cZsbnxP2qxzovpY_xiwuJszgQpA&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 7344 43 B
580 B 115ms
41ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-ESeyvsaPRq3cZsbnxP2qxzovpY8ONim0n6tGRg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
content-length: 43
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/gif
x-powered-by: PHP/7.3.29
server: Apache

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7344 0
235 B 107ms
30ms Image
text/plain 2.23.240.137
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-AFyVO8aPRq3cZsbnxP2qxzovpY-YtAez8_55IA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.23.240.137 Doha, Qatar, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-23-240-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires: Thu, 09 Jan 2025 04:04:02 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Fri, 10 Jan 2025 04:04:02 GMT
Connection: keep-alive

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 7344 0
38 B 233ms
48ms Image
text/plain 54.72.205.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-KP2FEsaPRq3cZsbnxP2qxzovpY-zXiC6PQQhEw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.205.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-205-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Fri, 10 Jan 2025 04:04:02 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 7344 0
44 B 110ms
26ms Image
text/plain 3.69.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-vlCR08aPRq3cZsbnxP2qxzovpY8DFP0cUAYv5Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.214.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-214-99.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Fri, 10 Jan 2025 04:04:02 GMT
server: awselb/2.0

GET
H2

200

RX-e979d372-122c-4051-938f-b2d79c499e1d-003
sync.targeting.unrulymedia.com/csync/ Frame 7344
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-F_DAu8aPRq3cZsbnxP2qxzovpY-juahE5_BloQ
https://sync.1rx.io/usersync/criteodsp/k-F_DAu8aPRq3cZsbnxP2qxzovpY-juahE5_BloQ?zcc=1&cb=1736481842141
https://sync.targeting.unrulymedia.com/csync/RX-e979d372-122c-4051-938f-b2d79c499e1d-003

43 B
378 B

120ms
34ms

Image
image/gif

46.228.174.117
Amobee NEXXEN GRO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-e979d372-122c-4051-938f-b2d79c499e1d-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Fri, 10 Jan 2025 04:04:02 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-e979d372-122c-4051-938f-b2d79c499e1d-003
date: Fri, 10 Jan 2025 04:04:02 GMT
pragma: no-cache
content-type: text/html

GET
H3 200 /
www.google.com/pagead/1p-user-list/927726233/ 42 B
64 B 40ms
40ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/927726233/?random=1736481841588&cv=11&fst=1736481600000&bg=ffffff&guid=ON&async=1&gtm=45be5190v9102599439z8856505972za201zb856505972&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbagis.unicefturk.org%2Fen&hn=www.googleadservices.com&frm=0&tiba=What%20you%20are%20about%20to%20do%20can%20change%20a%20child%27s%20life%20forever.%20Donate%20now.%20%7C%20Ba%C4%9F%C4%B1%C5%9F%20Unicef%20T%C3%BCrk&npa=0&pscdl=noapi&auid=2023089454.1736481841&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dkdwwzql6SQLxh3WopLLHlatmSlI4kA&random=2420523085&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 04:04:01 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.ch/pagead/1p-user-list/927726233/ 42 B
154 B 39ms
39ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/927726233/?random=1736481841588&cv=11&fst=1736481600000&bg=ffffff&guid=ON&async=1&gtm=45be5190v9102599439z8856505972za201zb856505972&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbagis.unicefturk.org%2Fen&hn=www.googleadservices.com&frm=0&tiba=What%20you%20are%20about%20to%20do%20can%20change%20a%20child%27s%20life%20forever.%20Donate%20now.%20%7C%20Ba%C4%9F%C4%B1%C5%9F%20Unicef%20T%C3%BCrk&npa=0&pscdl=noapi&auid=2023089454.1736481841&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dkdwwzql6SQLxh3WopLLHlatmSlI4kA&random=2420523085&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 04:04:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 45ms
22ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=246751043316716&ev=PageView&dl=https%3A%2F%2Fbagis.unicefturk.org&rl=&if=false&ts=1736481841750&cd[value]=0&cd[currency]=TRY&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1736481841749.618084015319545215&pm=1&hrl=97f6aa&ler=empty&cdl=API_unavailable&it=1736481841482&coo=false&eid=1736481841424-2ef868aa.3568470522546127.1736481841424-612514&tm=1&cs_cc=1&cas=8579769025468017%2C6836781876366241%2C6710221029037162%2C7381095758633126%2C5610407072419633&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4587, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 209ms
194ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=246751043316716&ev=PageView&dl=https%3A%2F%2Fbagis.unicefturk.org&rl=&if=false&ts=1736481841750&cd[value]=0&cd[currency]=TRY&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1736481841749.618084015319545215&pm=1&hrl=97f6aa&ler=empty&cdl=API_unavailable&it=1736481841482&coo=false&eid=1736481841424-2ef868aa.3568470522546127.1736481841424-612514&tm=1&cs_cc=1&cas=8579769025468017%2C6836781876366241%2C6710221029037162%2C7381095758633126%2C5610407072419633&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458132722620851664"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458132722620851664", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: 1UAErexdrdFDFbEh/AZa/HYcLPU+6AI6UJLRjmbwOkxfghYD46guqhgD5Tk8a0UQHV7Qlk8yJJ4qJk/ccQqq9Q==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=24, mss=1232, tbw=5458, tp=21, tpl=0, uplat=171, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 30ms
23ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1423115299093351&ev=PageView&dl=https%3A%2F%2Fbagis.unicefturk.org%2Fen&rl=&if=false&ts=1736481841752&cd[value]=0&cd[currency]=TRY&cd[url]=https%3A%2F%2Fbagis.unicefturk.org%2Fen&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1736481841749.618084015319545215&ler=empty&cdl=API_unavailable&it=1736481841482&coo=false&eid=1736481841424-2ef868aa.3568470522546127.1736481841424-612514&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4859, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 186ms
186ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1423115299093351&ev=PageView&dl=https%3A%2F%2Fbagis.unicefturk.org%2Fen&rl=&if=false&ts=1736481841752&cd[value]=0&cd[currency]=TRY&cd[url]=https%3A%2F%2Fbagis.unicefturk.org%2Fen&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1736481841749.618084015319545215&ler=empty&cdl=API_unavailable&it=1736481841482&coo=false&eid=1736481841424-2ef868aa.3568470522546127.1736481841424-612514&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458132722773145283"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: LGo3NKSPhyesY1zTGNzGrMdx1bF2RMpFaQICfRmx7u0UoDkCRwAJc26AR6mDcJ7opL3NuVrX6L/hCIANuKQcGA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458132722773145283", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=24, mss=1232, tbw=8866, tp=24, tpl=0, uplat=162, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 24ms
23ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=246751043316716&ev=PageView&dl=https%3A%2F%2Fbagis.unicefturk.org&rl=&if=false&ts=1736481841752&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1736481841749.618084015319545215&pm=1&hrl=97f6aa&ler=empty&cdl=API_unavailable&it=1736481841482&coo=false&tm=1&cs_cc=1&cas=8579769025468017%2C6836781876366241%2C6710221029037162%2C7381095758633126%2C5610407072419633&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=24, mss=1232, tbw=5195, tp=17, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 189ms
188ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=246751043316716&ev=PageView&dl=https%3A%2F%2Fbagis.unicefturk.org&rl=&if=false&ts=1736481841752&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1736481841749.618084015319545215&pm=1&hrl=97f6aa&ler=empty&cdl=API_unavailable&it=1736481841482&coo=false&tm=1&cs_cc=1&cas=8579769025468017%2C6836781876366241%2C6710221029037162%2C7381095758633126%2C5610407072419633&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bagis.unicefturk.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458132722197531888"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 04:04:02 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ZvAuoIOIC5UpTKwNXgMjLQUOQZ1GbdIpVtw1hzgdq6I5UHdozaMHokJhYxJPxLQ5sEpVwRId273Dym8Q8Y5OfA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458132722197531888", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=24, mss=1232, tbw=9746, tp=25, tpl=0, uplat=165, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 setuid
ib.adnxs.com/ Frame 7344 43 B
1 KB 28ms
28ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-_W0_OMaPRq3cZsbnxP2qxzovpY8Iq196bFDB6g

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 149.88.27.81; 149.88.27.81; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 2212c7c1-6d3f-4f82-b1eb-9ce02e52ed9b
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 10 Jan 2025 04:04:01 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bagis.unicefturk.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: ok5vfqf79o5v7uv0sq4t1flf97
bagis.unicefturk.org/	1970-01-21 02:27:21	Name: XSRF-TOKEN Value: eyJpdiI6InB4WXAvbXNmZ2F6eEVSTzFrNks1VEE9PSIsInZhbHVlIjoiczVWano4Zmw0VzYyMDJ3L09FUGlFSjdoM1Q4YklzM2cwWnFGMlF4MExRaDNYODBDdWhqV1kxVDQvbUE3eTBYaiIsIm1hYyI6IjliMTZiNWFmZGM3NWMyYWRkNTU3MDQ1ZTAzMDg2ZWQ1YTk5M2ZhOTFiNWQwNjkyMTEzODEyZWZlOTI4YTA1ODEifQ%3D%3D
bagis.unicefturk.org/	1969-12-31 23:59:59	Name: bagis_unicef_turk_session Value: eyJpdiI6InErU0VOMEFMMVlkN2tYbGI4UjJZeVE9PSIsInZhbHVlIjoiekNrUjFZcE1Sa1dOMmhBUmdHZjBXWUdEN21DQXBpY1NuZGoxd0VGUzFGSEF6YnZXYmtaeWJqUURrNVZIY3RGUiIsIm1hYyI6IjAxODMzM2ViNDM1OTBjMjAzNGE1ODBiODIxYjY5OWYzN2U4NDhiMTg0MWY4NTEzNjU5ZTM1Njk5ZmIyYjU2NGEifQ%3D%3D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: G75ZEv89eP4
.youtube.com/	1970-01-21 06:40:33	Name: VISITOR_INFO1_LIVE Value: mQqfT6v4LNM
.youtube.com/	1970-01-21 06:40:33	Name: VISITOR_PRIVACY_METADATA Value: CgJDSBIEGgAgXw%3D%3D
.youtube.com/	1970-01-21 06:40:33	Name: __Secure-ROLLOUT_TOKEN Value: CPSPgKv36bfW5wEQsr6c-qLqigMYsr6c-qLqigM%3D
bagis.unicefturk.org/	1970-01-21 02:22:48	Name: visitedtr Value: yes
.criteo.com/	1970-01-21 11:42:57	Name: uid Value: ac04b496-6756-4122-a723-dc54a0a2ea2c
.criteo.com/	1970-01-21 11:42:57	Name: receive-cookie-deprecation Value: 1
.bagis.unicefturk.org/	1970-01-21 11:06:57	Name: _p2s_uvi Value: 2ef868aa.3568470522546127.1736481841424
.unicefturk.org/	1970-01-21 04:30:57	Name: _gcl_au Value: 1.1.2023089454.1736481841
.unicefturk.org/	1970-01-21 11:50:45	Name: cto_bundle Value: IFtTDF93NW9idVJwM29qRDdzd2FKTVJsd05MYUhycmxIWFp2MTJMYzQlMkZRUElFOGt3N0JDRFNHbk1PSnc4WXplanV4TEVkbkhMeVFDeiUyQkpIdSUyRmhGV1JkdjM5eTNNc3ltekN0bG5zbnNvNDFCbGpKUUFiUDJGRkxmaU53STdxSU5mamhtJTJCWEZNYTVEck9ZN2QzM3BnWkRON0dWViUyQld1aHNTbmZ1eUk4cWZmNmw1WDRVJTNE
.unicefturk.org/	1970-01-21 11:57:21	Name: _ga_LJ9J0VR4PB Value: GS1.1.1736481841.1.0.1736481841.60.0.0
.unicefturk.org/	1970-01-21 11:57:21	Name: _ga Value: GA1.1.1216777525.1736481842
.casalemedia.com/	1970-01-21 11:06:57	Name: CMID Value: Z4CcMbmqPMQAACThCyJqnQAA
.casalemedia.com/	1970-01-21 04:30:57	Name: CMPS Value: 2165
.casalemedia.com/	1970-01-21 04:30:57	Name: CMPRO Value: 2165
.adnxs.com/	1970-01-21 04:30:57	Name: XANDR_PANID Value: 9AI4E-IiwpU4OFWLSmvVKQpiJpxb1wzR6w-jEFFgRF_FxE-yV_plhGcVCawYBnr3M6-R-ag90OT4-iAcaTI9s_8aBbBVDXcc9xHZa2xfvk4.
.adnxs.com/	1970-01-21 11:57:21	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 04:30:57	Name: uuid2 Value: 5742185885915938801
.unicefturk.org/	1970-01-21 04:30:57	Name: _fbp Value: fb.1.1736481841749.618084015319545215
.omnitagjs.com/	1970-01-21 03:04:33	Name: ayl_visitor Value: d5280f5adfe055c660c507ec40723813
.doubleclick.net/	1970-01-21 11:57:21	Name: IDE Value: AHWqTUlDGmAeGQomazi_uEYyBJiODYcq-pbDD8WUl7X8k29cIxmp9juOCE0VQIyYqTQ
.criteo.com/	1970-01-21 11:42:57	Name: cto_bundle Value: RahzYF8lMkJYTXF3OHJ3SE5YaDhLZ3VybHAzVktOcXlaTFpGNnBlJTJGdmtjZjk0dDRCdjdWUHphYjhDbGlMVGkyaSUyRkZXcEslMkI5YVM4JTJGa3ElMkJUZFVxRzl3RHN5QTRvZTFWSkNVZiUyRlk0N3JrdUVEaFljJTJGeTNsU0R2ZmdHdjNMSHJRUjdCS0N6R0g
exchange.mediavine.com/	1970-01-21 02:41:31	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ecec8920-cf07-11ef-ac5f-9f9738c3486c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 02:41:31	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ecec8920-cf07-11ef-ac5f-9f9738c3486c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 02:41:31	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ecec8920-cf07-11ef-ac5f-9f9738c3486c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 02:41:31	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ecec8920-cf07-11ef-ac5f-9f9738c3486c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 02:41:31	Name: criteo Value: %7B%22id%22%3A%22k-aDrhpMaPRq3cZsbnxP2qxzovpY-_5PR4aYHYqQ%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-21 04:30:57	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In99i$zb!@wnfH1YdP.dEXlSkbUIHDq>-Vmzb=FYl(FW@V*jCwY9-U!`U)G$R61FTIisp5Ou?3!OAhinPGVP(hw9P-HC_#tzJC+hr#B
.360yield.com/	1970-01-21 04:30:57	Name: tuuid Value: 80815511-8dde-4356-8c49-0f4c10a413d8
.360yield.com/	1970-01-21 04:30:57	Name: tuuid_lu Value: 1736481841
.demdex.net/	1970-01-21 06:40:33	Name: demdex Value: 07755886827472985920972965119036030935
.360yield.com/	1970-01-21 04:30:57	Name: um Value: !38,83z-sENSbUwtFtZTQHh7WCQHt1TOMdiT.kgZr0p0eYrs1AtESuqQ5nfMm4gZyt6ZCClsMlI3,1744257841
.360yield.com/	1970-01-21 04:30:57	Name: umeh Value: !38,0,1798689841,-1
.media.net/	1970-01-21 11:06:57	Name: visitor-id Value: 3794834417934526000V10
.media.net/	1970-01-21 03:04:33	Name: data-c-ts Value: 1736481841
.media.net/	1970-01-21 03:04:33	Name: data-c Value: k-UTKxTMaPRq3cZsbnxP2qxzovpY8KOATWlfmBFA~~3
.pubmatic.com/	1970-01-21 03:04:33	Name: KRTBCOOKIE_97 Value: 3385-uid:k-0iMh_MaPRq3cZsbnxP2qxzovpY8PRTXsDmEAgA&KRTB&23037-uid:k-0iMh_MaPRq3cZsbnxP2qxzovpY8PRTXsDmEAgA&KRTB&23144-uid:k-0iMh_MaPRq3cZsbnxP2qxzovpY8PRTXsDmEAgA&KRTB&23286-uid:k-0iMh_MaPRq3cZsbnxP2qxzovpY8PRTXsDmEAgA
.pubmatic.com/	1970-01-21 03:04:33	Name: PugT Value: 1736481840
.dpm.demdex.net/	1970-01-21 06:40:33	Name: dpm Value: 07755886827472985920972965119036030935
.rubiconproject.com/	1970-01-21 11:06:57	Name: audit_p Value: 1\|GcV6K2lHvnH+pi4Tf8CE6rufTnvDl1RLmi2hDhT7vOkkumglJvU0EydbMtfUMBvxHkAd1s7AkXswHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTZ1SpQSrr0O0Oocb5O4q7bv4V7AyDgPJrYDC6bNySDW0fJz02r1TWMh16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.rubiconproject.com/	1970-01-21 11:06:57	Name: khaos Value: M5Q8GCGN-1U-HQDN
.rubiconproject.com/	1970-01-21 11:06:57	Name: khaos_p Value: M5Q8GCGN-1U-HQDN
.rubiconproject.com/	1970-01-21 11:06:57	Name: audit Value: 1\|GcV6K2lHvnH+pi4Tf8CE6rufTnvDl1RLmi2hDhT7vOkkumglJvU0EydbMtfUMBvxHkAd1s7AkXswHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTZ1SpQSrr0O0Oocb5O4q7bv4V7AyDgPJrYDC6bNySDW0fJz02r1TWMh16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.rubiconproject.com/	1970-01-21 04:30:57	Name: receive-cookie-deprecation Value: 1
a.twiago.com/	1970-01-21 03:04:33	Name: deuxesse_uxid Value: 805d026f4461d6cf19267ea268e5461e514c78a9c8bea5f663a6ddbda9a0ea38
.smartadserver.com/	1970-01-21 04:30:57	Name: pid Value: 4293496888853296294
.smartadserver.com/	1970-01-21 11:51:36	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 04:30:57	Name: csync Value: 79:k-29x6_MaPRq3cZsbnxP2qxzovpY97fQih7AGbGg
.teads.tv/	1970-01-21 11:05:31	Name: tt_viewer Value: f56bab3c-f15c-4d2b-a9f8-a9a0ee2613ff
.1rx.io/	1970-01-21 11:06:57	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e979d372-122c-4051-938f-b2d79c499e1d-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 11:06:57	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e979d372-122c-4051-938f-b2d79c499e1d-003%22%7D
.postrelease.com/	1970-01-21 11:06:57	Name: visitor Value: 37df7889-f7ff-4d5e-9e0e-88aa02a1079c
.postrelease.com/	1970-01-21 11:06:57	Name: status Value: 0
.tremorhub.com/	1970-01-21 11:07:18	Name: tvid Value: 76ef5e05a9374342b1ccf9fb087b1f7f
.tremorhub.com/	1970-01-21 03:04:33	Name: tv_UICR Value: k-YCvawsaPRq3cZsbnxP2qxzovpY_3Jvl12Rzalg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://bagis.unicefturk.org/en(Line 1159) Message: Custom state pseudo classes have been changed from ":--webkit-media-controls-play-button" to ":state(webkit-media-controls-play-button)". See more here: https://github.com/w3c/csswg-drafts/issues/4805

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
bagis.unicefturk.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cpi.unicefturk.org
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
downloads.unicef.org.uk
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
maxcdn.bootstrapcdn.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
td.doubleclick.net
unicefturk.api.useinsider.com
visitor.omnitagjs.com
www.facebook.com
www.google.ch
www.google.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
104.17.25.14
104.18.11.207
104.18.26.193
13.248.245.213
141.193.213.21
141.226.228.48
157.240.252.13
157.240.252.35
157.240.253.35
162.19.138.116
172.217.16.196
172.67.143.164
178.250.1.9
18.184.206.66
185.255.84.152
198.47.127.205
2.19.216.27
2.23.240.137
2001:4860:4802:34::36
216.58.206.66
216.58.212.131
23.32.185.35
2600:1f10:4ce4:4a02:550f:72f4:d87a:7008
2606:4700:7::a29f:863d
2a00:1450:4001:806::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c0b::9b
2a02:2638:3::3
2a02:2638:3::c
3.69.214.99
3.74.196.113
34.117.157.22
34.250.141.206
34.96.73.50
35.214.136.108
37.252.171.85
44.239.49.12
46.228.174.117
52.214.247.153
54.72.205.68
69.173.144.138
70.42.32.31
85.215.5.31
91.134.110.137
0375320484e7de34e399a97e25e7dfd491119d6e0f57335b6dcc4393f35037fa
0a85068d15429ca312b29e0b654840b59dd1ce228b9cafec3a049f0eca6949a8
0c16decbba43aeddc24ec3ddca3dca8125e40486d18fc36d33687c04c0fdc9bc
11645ae97ed41c5b453c83e0a78f3d3ac4cf688dcfab54e76007dd3056d49770
147d73d9f905e8eea2673c6bae62cf6bf0f61caf81684ef265462e6395a9380b
16eb18d9c6303cdd50ac58db5b2b116c5dcc4c43c89424f268f6d13fc599fb19
21c38f7aa7fb0bbd6faafcef48d161cca404dbf4de61a847c2610da6b4b417cb
21fafbc1f33e138cac34e0ec19cb0242adff2d6973d7dd985a6289bcfa4087a4
2ac39411e14d64d428f18d1448efdae5205428704832b51fd56f8f3708e59a7b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34eea3d07ecfa69bcf4e90cf420884fd0a3a988c249df45c431da91144ac1e43
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4525b43254cf30643fe9ba7809a22100d2d6ce980df90a7f4a12ff1f75458ae1
474581c5af85d6bfb956446fd64bdabca08e8801d4ab4e99e8d3db02931e7c49
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c710989880bc8bbbf43282f1bbe2cafee19682be4d5893403bb73d7fc3be56d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d0cdee3c86241d78ea9e0568df8a6e315f7458eaf3c856ed8dd90f0f51b1ce
5332fd32d8be28eb2531721220e8c3c561000378988be4b4d7f97568f0b3f224
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5508eac16f64b7700be0922f007b0b001053afef4b98e4eee0acaa40d1df4b70
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5f867aeaace6a7f6a16195350caa95bded32a5048c5b9a9fdb24327e74755110
6281121ee43c6500bbe657f53481752fa8bf993b335eb0417ddae01edb33e9e5
678d938d4348bbf8c8aa5299a77f3d9f652e0bc95f37fa339ed07e912200ebec
6861c77829c3876dd1eb5282a33b6c3e4e1ddd0b834404acc7890c6f37cd9080
6d5df181de5b743c3c8fe3efc9c4e550c2c4bf3f519172472724ebb58d223557
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f33ff2b59321dbbea72739164f02eed37abce3af2f9ba713343a33c822b063f
72301a4ec2cab608630c22fc1c3e30ce2390637e2eac24f41349bb2a46406e67
7b5ddeb71394a98f99d5f5ee876c96648ccdea1a341b226b6578fdf6cb0bc642
80413c4ff8dc96062fd1cbb56c2e3bfb397c89d8e6f351a5a0ab0320cb63c4ce
8278a41dd58cdbc9b6375fb298b3c3d39e5b7ddebab84013cd88c1baa0609f81
82fc58be6a5cecb686b86c83c11c8e1fbfc986e93f23edcf3202f4611724532d
83be2f6abce87bbf5c61970947091b05c0326ea68f209f7b9cc715dc12ddd58a
842788712ba690f61e6d83f456a4aef70d8e33e84426bd8e1e748a30f12169f7
89b7b1f9e62dffd381d4ce4837eaefc3299886a8d99d85a1842335b823ff173d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9140213f193f683ccee63ed57bb1e303d1e156af982fb15d4c1b03dc1eefdc60
935273e784b626850c65e77cca59e734ea371d71cddc0b40c976a336ba7580aa
970480f5a120e4cbfb0fde03ea9ed6a7ece2d8d00eabdabb4eec865e4503aeaa
9d5e162385b0b6da27284c3d8e825fefc747c70f2aeca519c5f2fd60740793c7
a02c92aca26ff75785646936160c80d829c7695278f1c6797e730d70c44cc3bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12b93dfb8b88ff2003910fafa58e5540e1294475646a21130b826753c8bedd6
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a91c2e1981743a889929531650204119fdc4059633ef947ad47809fbf2e73cce
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab9e8e743e252dc75fff9340b96b972abdc649ac2e9e19c974934e60f5067ac9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37f7263630b4de1bfe43c6dbe6fbd978736e5da82aa2d21b2a7d2714013e0b0
b999004a230a128a38249cb4c5d530aa9522d4ad13e12b16c52f1c25b95a9c67
ba0ec2c1c75ea080576dfe2042a079abeb3c5d4b91075579a79226083284e7a7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
c91c87dbe65345edd06d25e0da594bdf877e9e106aa518762371dc899358bb98
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
daf53cfe53b612ff612002a4e8ea246d45fc4ea341b1a434106fdc1da23b402b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e31541388c63ed648c1c16302c042bd8d0305f0e44d0093d72a593a59503e26e
e37d5ab59436f0244c593c0d412dbc227bfe9c6f58e74e2184a6d10da06f564f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
e7e4879a4ab1cf463d39797b10da465678d60ada59ad33b549c801e27c672c21
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ed5d5208ef085a01688a3f18212cb225ad8d054d0c888334adaf872b47471950
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07c42f1d9f277b467257684ecc68c184d174a2421916664af93e3488a85b4c3
f1469439e8a702d51dcce0210f08984fa4f82d22bf8363c2638fa90005844a87
f1c524c0bab6edaaeb8a283c38fe6e5fff943c2b41f6f2bbde0723434d073e15
f210d1ee9f958d2ede1d955a5a4b46275f60213c3b6fc65ec99822d3d16ce92b
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
fdacad6dba64a09bbc98378cf92bd24787e2661788391ba808348cc5f4b23d71
fdd953c288159a1f149911720d8a19fad17dc80f1a0609948cfa1458c368899d

bagis.unicefturk.org Open in urlscan Pro 172.67.143.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

94 %HTTPS

25 %IPv6

42 Domains

49 Subdomains

49 IPs

10 Countries

1574 kBTransfer

3238 kBSize

58 Cookies

12 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bagis.unicefturk.org Open in urlscan Pro
172.67.143.164 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

94 %
HTTPS

25 %
IPv6

42
Domains

49
Subdomains

49
IPs

10
Countries

1574 kB
Transfer

3238 kB
Size

58
Cookies

109 HTTP transactions
1 data transactions