www.medyafaresi.com Open in urlscan Pro
195.142.109.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://medyafaresi.com/
Effective URL:
https://www.medyafaresi.com/
Submission Tags: tranco_l324
Submission: On November 14 via api (November 14th 2021, 7:35:41 am UTC) from DE — Scanned from DE

Summary HTTP 332 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 52 domains to perform 332 HTTP transactions. The main IP is 195.142.109.125, located in Turkey and belongs to BETAINTERNATIONAL, TR. The main domain is www.medyafaresi.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on November 6th 2020. Valid for: a year.

This is the only time www.medyafaresi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	195.142.109.125 195.142.109.125	199484 (BETAINTER...) (BETAINTERNATIONAL)
13 23	2606:4700:303... 2606:4700:3030::6815:1371	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::6815:3603	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.186.23 13.224.186.23	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	195.142.105.24 195.142.105.24	199484 (BETAINTER...) (BETAINTERNATIONAL)
1	13.224.186.52 13.224.186.52	16509 (AMAZON-02) (AMAZON-02)
1	3.142.157.144 3.142.157.144	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
41	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
1 2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
3	18.158.22.228 18.158.22.228	16509 (AMAZON-02) (AMAZON-02)
1 4	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
3 3	18.196.241.128 18.196.241.128	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
6	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
34	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	146.20.132.165 146.20.132.165	27357 (RACKSPACE) (RACKSPACE)
15	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
9 25	146.20.128.152 146.20.128.152	27357 (RACKSPACE) (RACKSPACE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
2 2	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
2	52.51.154.99 52.51.154.99	16509 (AMAZON-02) (AMAZON-02)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 25	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
9	146.20.128.160 146.20.128.160	27357 (RACKSPACE) (RACKSPACE)
14	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
9 22	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 7	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	54.175.198.118 54.175.198.118	14618 (AMAZON-AES) (AMAZON-AES)
1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.49.134.174 52.49.134.174	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:f976:bfd0:751d:6023	16509 (AMAZON-02) (AMAZON-02)
2 2	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
3	35.156.156.223 35.156.156.223	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	74.205.28.1 74.205.28.1	27357 (RACKSPACE) (RACKSPACE)
1	34.255.212.32 34.255.212.32	() ()
332	60

18 195.142.109.125 (Turkey) 1 redirects

ASN199484 (BETAINTERNATIONAL, TR)
PTR: 195-142-109-125.rdns.saglayici.net

medyafaresi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.medyafaresi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3030::6815:1371 (United States) 13 redirects

ASN13335 (CLOUDFLARENET, US)

s.medyafaresi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.medyafaresi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:3603 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.bildirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-23.fra2.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.dimml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.142.105.24 (Turkey)

ASN199484 (BETAINTERNATIONAL, TR)

ad-cdn.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-52.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.142.157.144 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-157-144.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creative.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.22.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.78.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.241.128 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-241-128.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.20.132.165 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 146.20.128.152 (United States) 9 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.110.134 (United States) 2 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.154.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-154-99.eu-west-1.compute.amazonaws.com

c.deployads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 146.20.128.160 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.27 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.198.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.134.174 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-134-174.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:f976:bfd0:751d:6023 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.69.120 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.156.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-156-223.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.205.28.1 (United States)

ASN27357 (RACKSPACE, US)

server-204.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.212.32 (None, )

ASN- ()

baltar.dimml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	794 KB
47	lkqd.net 9 redirects ad.lkqd.net v.lkqd.net cs.lkqd.net t.lkqd.net creative.lkqd.net server-204.lkqd.net	2 MB
47	doubleclick.net 9 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	317 KB
44	twimg.com cdn.syndication.twimg.com pbs.twimg.com abs.twimg.com ton.twimg.com	2 MB
40	medyafaresi.com 14 redirects medyafaresi.com www.medyafaresi.com s.medyafaresi.com i.medyafaresi.com	379 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com	255 KB
14	2mdn.net s0.2mdn.net	558 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com	9 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
8	google.com 1 redirects www.google.com adservice.google.com	2 KB
7	adnxs.com 4 redirects ib.adnxs.com	7 KB
6	stickyadstv.com ads.stickyadstv.com	8 KB
6	googletagservices.com www.googletagservices.com	209 KB
5	pubmatic.com 4 redirects image6.pubmatic.com vpaid.pubmatic.com	3 KB
5	openx.net 4 redirects rtb.openx.net vidoomy-d.openx.net	910 B
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
4	vidoomy.com ads.vidoomy.com a.vidoomy.com	7 KB
4	google.de www.google.de adservice.google.de	1 KB
4	dimml.io cdn.dimml.io baltar.dimml.io	9 KB
4	googleapis.com fonts.googleapis.com	4 KB
3	advertising.com ads.adaptv.advertising.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	bilgin.pro ad-cdn.bilgin.pro ad.bilgin.pro	70 KB
3	bildirt.com cdn2.bildirt.com	28 KB
2	adform.net adx.adform.net	1 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	501 B
2	innovid.com ag.innovid.com	595 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	913 B
2	bidr.io 2 redirects match.prod.bidr.io	1001 B
2	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	turn.com 2 redirects ad.turn.com	818 B
2	deployads.com c.deployads.com	573 B
2	krushmedia.com 2 redirects cs.krushmedia.com	1 KB
2	clientgear.com event.clientgear.com	267 B
2	rlcdn.com idsync.rlcdn.com	110 B
2	facebook.com 1 redirects www.facebook.com	3 KB
2	facebook.net connect.facebook.net	84 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	spotxchange.com search.spotxchange.com	1 KB
1	tchibo.de tagm.tchibo.de	1 KB
1	rfihub.com p.rfihub.com	613 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	595 B
1	udmserve.net udmserve.net
1	googleadservices.com partner.googleadservices.com	411 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	832 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	263 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	49 B
1	alexametrics.com certify.alexametrics.com	550 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	jquery.com code.jquery.com	112 KB
0	quantserve.com Failed cms.quantserve.com Failed
0	adhaven.com Failed nxd.adhaven.com Failed
332	52

	Domain	Requested by
40	pbs.twimg.com	www.medyafaresi.com
34	pagead2.googlesyndication.com	ad-cdn.bilgin.pro pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
25	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
22	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
18	t.lkqd.net	ad.lkqd.net
16	cs.lkqd.net	9 redirects ad.lkqd.net
16	www.medyafaresi.com	www.medyafaresi.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	s0.2mdn.net	www.medyafaresi.com s0.2mdn.net googleads.g.doubleclick.net
14	fonts.gstatic.com	fonts.googleapis.com
13	s.medyafaresi.com	13 redirects
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
10	i.medyafaresi.com	www.medyafaresi.com
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
7	ad.lkqd.net	www.medyafaresi.com ad.lkqd.net
7	platform.twitter.com	www.medyafaresi.com platform.twitter.com
6	googleads4.g.doubleclick.net	www.medyafaresi.com googleads.g.doubleclick.net
6	ads.stickyadstv.com	ad.lkqd.net
6	www.googletagservices.com	www.medyafaresi.com googleads.g.doubleclick.net
5	www.google.com	1 redirects www.medyafaresi.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	v.lkqd.net	ad.lkqd.net
4	sb.scorecardresearch.com	1 redirects
4	fonts.googleapis.com	www.medyafaresi.com s0.2mdn.net googleads.g.doubleclick.net
3	ads.adaptv.advertising.com	ad.lkqd.net
3	rtb.openx.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	a.vidoomy.com	www.medyafaresi.com ad.lkqd.net
3	cdn.dimml.io	www.medyafaresi.com cdn.dimml.io
3	securepubads.g.doubleclick.net	www.medyafaresi.com securepubads.g.doubleclick.net
3	cdn2.bildirt.com	www.medyafaresi.com cdn2.bildirt.com
2	vidoomy-d.openx.net	1 redirects
2	adx.adform.net	ad.lkqd.net
2	googlecm.hit.gemius.pl	2 redirects
2	ag.innovid.com	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	match.prod.bidr.io	2 redirects
2	ad.turn.com	2 redirects
2	c.deployads.com	ad.lkqd.net
2	cs.krushmedia.com	2 redirects
2	event.clientgear.com	ad.lkqd.net
2	idsync.rlcdn.com	ad.lkqd.net
2	ton.twimg.com	platform.twitter.com
2	www.facebook.com	1 redirects connect.facebook.net
2	syndication.twitter.com	1 redirects platform.twitter.com
2	ad-cdn.bilgin.pro	www.medyafaresi.com
2	connect.facebook.net	www.medyafaresi.com connect.facebook.net
2	www.google-analytics.com	www.medyafaresi.com www.google-analytics.com
1	baltar.dimml.io	cdn.dimml.io
1	server-204.lkqd.net
1	creative.lkqd.net
1	vpaid.pubmatic.com	ad.lkqd.net
1	search.spotxchange.com	ad.lkqd.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	tagm.tchibo.de	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	p.rfihub.com	ad.lkqd.net
1	sync.srv.stackadapt.com	1 redirects
1	udmserve.net	ad-cdn.bilgin.pro
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	ads.vidoomy.com	ad-cdn.bilgin.pro
1	abs.twimg.com	www.medyafaresi.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	www.medyafaresi.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ad.bilgin.pro	ad-cdn.bilgin.pro
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.medyafaresi.com
1	certify.alexametrics.com	www.medyafaresi.com
1	d31qbv1cthcecs.cloudfront.net	www.medyafaresi.com
1	code.jquery.com	www.medyafaresi.com
1	medyafaresi.com	1 redirects
0	cms.quantserve.com Failed	googleads.g.doubleclick.net
0	nxd.adhaven.com Failed	ad.lkqd.net
332	80

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
m.medyafaresi.com
ad.bilgin.pro
bilgin.pro

Subject Issuer	Validity	Valid
*.medyafaresi.com AlphaSSL CA - SHA256 - G2	`2020-11-06` - `2021-12-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.dimml.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-31` - `2022-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.bilgin.pro AlphaSSL CA - SHA256 - G2	`2020-03-16` - `2022-05-07`	2 years	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
ad.lkqd.net R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
udmserve.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
tagm.tchibo.de GeoTrust RSA CA 2018	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
creative.lkqd.net R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.medyafaresi.com/
Frame ID: 7176C92A84D62461FDD7B30E283369FB
Requests: 113 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.medyafaresi.com
Frame ID: 6C8EC0EDF703269CD31741D38186A2B4
Requests: 2 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1459781251963908102/_L98yWxs?format=jpg&name=600x314
Frame ID: 3375A63478613D434292C38FEF3DD939
Requests: 48 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D223774854478948%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11f97cac600a4%2526domain%253Dwww.medyafaresi.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.medyafaresi.com%25252Fff890732500cac%2526relation%253Dparent.parent%26container_width%3D300%26height%3D250%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmedyafaresi%26locale%3Dtr_TR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
Frame ID: 6A906ECE984EA0BBA8756CFFE208E1DB
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 05C14CC4CD6E010012E0F82E86D32FCB
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 66A18B6A2DC6B01DCC2202C5AE2B670F
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 7A51927272D28C1AA41C13C104C5FF0F
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 409D923A88526A228F918D1B4205B7F8
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0EB2D032A300D61EBE93CB8CB9806647
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 1F0A202CC64CE13E3223D03DDD2FB6E5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: B4D1834CFE5D11B75676ECB7A181824B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&adk=1812271804&adf=3025194257&lmt=1636875338&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.medyafaresi.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338235&bpp=3&bdt=2864&idt=103&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8398726754776&frm=20&pv=2&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
Frame ID: EBDF35CF827448FAD08641BF36561CC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=90&slotname=5971014395&adk=1685382685&adf=938103623&pi=t.ma~as.5971014395&w=728&lmt=1636875338&psa=0&format=728x90&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338253&bpp=2&bdt=2881&idt=111&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=552&ady=59&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFWrOik7MP&p=https%3A//www.medyafaresi.com&dtd=117
Frame ID: CE285CD88B4C7F3DB5E5D16A3E833B87
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=280&slotname=9121065640&adk=3883732668&adf=3485054903&pi=t.ma~as.9121065640&w=1000&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338319&bpp=3&bdt=2947&idt=56&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=300&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=eXKjUYuSPs&p=https%3A//www.medyafaresi.com&dtd=59
Frame ID: 98C0E98EEF0AB2D2F89B600FF607DD67
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=250&slotname=5991205942&adk=603426187&adf=3336293135&pi=t.ma~as.5991205942&w=300&lmt=1636875338&psa=0&format=300x250&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338386&bpp=1&bdt=3014&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C1000x280&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DE1kwA5fBp&p=https%3A//www.medyafaresi.com&dtd=5
Frame ID: FC4A3FA368DB5E8D3391E217B56DA52A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7
Frame ID: 22E5A4829BFD663A691311643721D68E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AED93D930C05251B1B66676BD279EE8A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0CC17BA7E2FA6DD54499B3F6A1AD82B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7957212740&adk=2292013630&adf=2909724171&pi=t.ma~as.7957212740&w=160&lmt=1636875338&psa=0&format=160x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338483&bpp=1&bdt=3112&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250%2C300x600&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=142&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=IBtRF9Tkmo&p=https%3A//www.medyafaresi.com&dtd=6
Frame ID: A0C57A52F6CA26ADE2B6D0CBC4A85D98
Requests: 15 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 166E20E0F8B557A69BDC547820D009BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3EGxCGqhwY1Lq4ZjAB&v=APEucNU3ijE1WOS5MfhLKewaN_TcPiMSjwsI-EuA7zfwZFkazVsA1Kv55JbU3Th2_qdkKZkY6otvO05Av1jBUpPWVMaL3LBMnMoYUbQ9-2z-72bGNw85qVjKAOVYTK7Nzj_X3cuMxvUyth0L3uAIa7isEwAdt1osVhNI6KBzj40Yo3javpNR_sE
Frame ID: C645A67DDB241B983A31EA2A2EB4E40B
Requests: 5 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 84D22EF3C62BD747BDD5F35617FB095D
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 6C7A829660A4ADDF8FA84A621BCBE1DB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C420BAC496D2E3455507DEC43C276AD0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4173881934964850688/index.html
Frame ID: D7891A9047A86A159917398061AE9A3C
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D1F93B3E191418B0CA15AA5627D8C976
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiR58qhATAB&v=APEucNUAZ0onc0sCqxI9v-YhMpLaH9MXcENOJRaPXoE0MHwV46yIn8haTig9euxiAGNhjViiiZc1DZ90ZT-VS1gMKjDKWKwozstBLAs8vOmB7pqcFZetYycEMbaX7Ip0dDGEzPT5Xyse1roa3Mhu14ig8r8APxqapkQq7OXX1G0vB_P8RmdmOpQ
Frame ID: EAC499BC091249254A1CBDD972DF9735
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8DF05C8DAB0E05C6A310951C384CEF2C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/9951322/1616590441068/index.html
Frame ID: 126C6FA4203B2B3C7CD4F722C9DEDE31
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhjY-O-6ATAB&v=APEucNXM0eztOQCX-7E851TqfBj5CcqGnyjHmtSPHbr2nAV48oEY_YcPtyyiGJtEvaxn6r1LUyKmsop1fUhO95DjoeRoBlWgBsJOGzQ7AqvvVwbmhRtoDk0gcFLsLKolXMKGUgchWwDBaakepVR7747265KrdNpvzCKlXGZdS80UeEMFMOHRUS4
Frame ID: EF0D87B1A998D1678BA92CF39BB16143
Requests: 5 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5B13577E732D5B265B8C816AFD893701
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44FF4DF04AD4C05040279A63A6E0748C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 707694BCF3AAFE36D4A303292A895642
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 09890B7267B5C355D984AE610A794D55
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39F4073A387C82FFEE6984120BE79F63
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 685E6B42EABC9292DFAE7039BEC47022
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 25F06791FE76373C1215CD38508A1F45
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/ad.js
Frame ID: 334B19A79E1435FB2E29C467ED699B72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medyafaresi Haber | Son Dakika Haberleri Gündem Haberleri Reytingler

Page URL History Show full URLs

http://medyafaresi.com/ HTTP 301
https://www.medyafaresi.com/ Page URL

Page Statistics

332
Requests

83 %
HTTPS

42 %
IPv6

52
Domains

80
Subdomains

60
IPs

9
Countries

6664 kB
Transfer

11149 kB
Size

60
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/medyafaresi
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/medyafaresi
Title: Twitter

Search URL Search Domain Scan URL

URL: http://m.medyafaresi.com/
Title: Mobil

Search URL Search Domain Scan URL

URL: https://ad.bilgin.pro/out/143

Search URL Search Domain Scan URL

URL: http://bilgin.pro/
Title: Bilgin Pro

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://medyafaresi.com/ HTTP 301
https://www.medyafaresi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://s.medyafaresi.com/assets/site/cs/swiper5.3.7.min.css?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/cs/swiper5.3.7.min.css?v=0.036

Request Chain 1

https://s.medyafaresi.com/assets/site/cs/style.css?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036

Request Chain 2

https://s.medyafaresi.com/assets/site/cs/weather.css?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/cs/weather.css?v=0.036

Request Chain 4

https://s.medyafaresi.com/assets/site/js/lozad.min.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/lozad.min.js?v=0.036

Request Chain 5

https://s.medyafaresi.com/assets/site/js/jq_1.11.3.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/jq_1.11.3.js?v=0.036

Request Chain 7

https://s.medyafaresi.com/assets/site/js/jq_touchs.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/jq_touchs.js?v=0.036

Request Chain 8

https://s.medyafaresi.com/assets/site/js/jquery.lazyload.min.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/jquery.lazyload.min.js?v=0.036

Request Chain 9

https://s.medyafaresi.com/assets/site/js/jquery.history.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/jquery.history.js?v=0.036

Request Chain 10

https://s.medyafaresi.com/assets/site/js/writeCapture.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/writeCapture.js?v=0.036

Request Chain 11

https://s.medyafaresi.com/assets/site/js/loadMoreHistory.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/loadMoreHistory.js?v=0.036

Request Chain 12

https://s.medyafaresi.com/assets/site/js/mf.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/mf.js?v=0.036

Request Chain 13

https://s.medyafaresi.com/assets/site/js/swiper5.3.7.min.js?v=0.036 HTTP 301
https://www.medyafaresi.com/assets/site/js/swiper5.3.7.min.js?v=0.036

Request Chain 15

https://s.medyafaresi.com/assets/site/cs/logo2015.png HTTP 301
https://www.medyafaresi.com/assets/site/cs/logo2015.png

Request Chain 91

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=223774854478948&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11f97cac600a4%26domain%3Dwww.medyafaresi.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.medyafaresi.com%252Fff890732500cac%26relation%3Dparent.parent&container_width=300&height=250&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fmedyafaresi&locale=tr_TR&sdk=joey&show_facepile=true&small_header=true&tabs=timeline HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D223774854478948%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11f97cac600a4%2526domain%253Dwww.medyafaresi.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.medyafaresi.com%25252Fff890732500cac%2526relation%253Dparent.parent%26container_width%3D300%26height%3D250%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmedyafaresi%26locale%3Dtr_TR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline

Request Chain 121

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 122

https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=413098&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1636875338 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=413098&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1636875338

Request Chain 123

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=730449371.50290391922045498.7174305 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=730449371.50290391922045498.7174305 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=0906a715-5937-47b9-97b7-5eb1d66e60e3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=181398446&expires=5&ssp=vidoomy HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0906a715-5937-47b9-97b7-5eb1d66e60e3

Request Chain 133

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 134

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=aoS2uJISfIo

Request Chain 135

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=o9Qvxl-WyxM

Request Chain 136

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=huJjphIK-cM&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7651628c-2ad3-4c2c-91af-361db6c0ba4a

Request Chain 137

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=GJWg8XL6y9A

Request Chain 138

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2399048842812203411

Request Chain 139

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=M0r42hGOJa0

Request Chain 140

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=yb6rx65gR3A

Request Chain 141

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=1nDvq1LfxCk&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=df9c97e4-4d47-4a3e-9989-67020b4be795

Request Chain 142

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=wWzfowTGL-w

Request Chain 143

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595720455097295251

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFW7TrT4cEygVuhlE-aqZOc&google_cver=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZC8S5896Fuc3XioZ5OgaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELqH9P8bieeS8l9jGNZ7cnU&google_cver=1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1

Request Chain 212

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZC8S5896Fuc3XioZ5OgaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDRolSWYJo0vyg6XS0ga7kY&google_cver=1

Request Chain 214

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

Request Chain 219

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=JOFBYosuRylS7l9mSSw82ah3GcQ

Request Chain 222

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
https://a.tribalfusion.com/i.match?p=b30&u=1nDvq1LfxCk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b30&u=1nDvq1LfxCk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662303698504749

Request Chain 223

https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAEm4E7DIXkAACjipB65dg

Request Chain 264

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP-7vrpAEQ6AcY6AcyCEPlfr8JziOv HTTP 301
https://tpc.googlesyndication.com/simgad/6940406974179512899

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1

Request Chain 267

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZC8S5896Fuc3XioZ5OgaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMIpStULqsGFMgY2ivfXJxE&google_cver=1

Request Chain 269

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

Request Chain 270

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 281

https://rtb.openx.net/sync/dds?google_gid=CAESEJ6X8laWxo-yzJTyUWoYMhY&google_cver=1&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEJ6X8laWxo-yzJTyUWoYMhY&google_cver=1&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM&google_hm=PpM_0T1ez7QCL78qiVeq_g==

Request Chain 282

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIt5dXDQij8SH94Jp3XGn2E&google_cver=1&google_push=AYg5qPKtbA0hbxsWFWcqYWC8uFj7mzlvE-9TRALZFJ20CrursrIOJtiTB9cWv0OkUAmmdA9w5rGyLetjdNwbNsTWf7XdPARCZA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIt5dXDQij8SH94Jp3XGn2E&google_cver=1&google_push=AYg5qPKtbA0hbxsWFWcqYWC8uFj7mzlvE-9TRALZFJ20CrursrIOJtiTB9cWv0OkUAmmdA9w5rGyLetjdNwbNsTWf7XdPARCZA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKtbA0hbxsWFWcqYWC8uFj7mzlvE-9TRALZFJ20CrursrIOJtiTB9cWv0OkUAmmdA9w5rGyLetjdNwbNsTWf7XdPARCZA

Request Chain 283

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGBU4___xro5jnhNVGGnt8s&google_cver=1&google_push=AYg5qPJm0v5mbOdTmyikf33ookqHP2hrL-4-7e9m6EpqY7PMr0pvWD1aWhpZie7ZRp3Va8z5EcFfvdIQUEq6AGaFZPgJBVBqC_o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTEYtMy0zMzFQ&google_push=AYg5qPJm0v5mbOdTmyikf33ookqHP2hrL-4-7e9m6EpqY7PMr0pvWD1aWhpZie7ZRp3Va8z5EcFfvdIQUEq6AGaFZPgJBVBqC_o

Request Chain 284

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY

Request Chain 286

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK3JZoIxf55uliOGev1qt-g&google_cver=1&google_push=AYg5qPJu6F_QI18PUfGNIBV3OLl0E6ZwEaRsdsKsaW_uDqgVjYS8uDCFLZAiHL63XomyLGgP1Gpm_uE128NWnGopPPPub6SLo94l HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJu6F_QI18PUfGNIBV3OLl0E6ZwEaRsdsKsaW_uDqgVjYS8uDCFLZAiHL63XomyLGgP1Gpm_uE128NWnGopPPPub6SLo94l&google_hm=

Request Chain 293

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY4MDRjMGEtYWQxYi02NTA5LTYwNzUtYjUzYjdiZjhiZDlk

Request Chain 306

https://rtb.openx.net/sync/dds?google_gid=CAESEEtGTB1InZXBss-jJAUGGaY&google_cver=1&google_push=AYg5qPLmWlxC51NQfbOokO88s3qip8oA01cJBO04J2Cq3lSAtFJ-O0rZU-qjg7mlbHvWm6ID_UIIZ1Lkqda6PccUhR3yH4T4Vtpx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLmWlxC51NQfbOokO88s3qip8oA01cJBO04J2Cq3lSAtFJ-O0rZU-qjg7mlbHvWm6ID_UIIZ1Lkqda6PccUhR3yH4T4Vtpx&google_hm=PpM_0T1ez7QCL78qiVeq_g==

Request Chain 307

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI43kbvhIpnty5GbCUZdlSE&google_cver=1&google_push=AYg5qPINo8P9rAlPEFrQYHMsYq9aTS-JzxvuxAqN2gb83NLHnvCuEH3-iDeNg7-F9zcqK0_Xf5VE6ROLSvL5EjrLn_DMfSrmZLEA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI43kbvhIpnty5GbCUZdlSE&google_cver=1&google_push=AYg5qPINo8P9rAlPEFrQYHMsYq9aTS-JzxvuxAqN2gb83NLHnvCuEH3-iDeNg7-F9zcqK0_Xf5VE6ROLSvL5EjrLn_DMfSrmZLEA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINo8P9rAlPEFrQYHMsYq9aTS-JzxvuxAqN2gb83NLHnvCuEH3-iDeNg7-F9zcqK0_Xf5VE6ROLSvL5EjrLn_DMfSrmZLEA

Request Chain 308

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECYJlguUtRjYT2hWoR210L8&google_cver=1&google_push=AYg5qPJbXserb8x68rKJtfnE88ST1iyX5HcBZt_5pYkRxIkTLi8qg2ZIPTGDhWBO_YOxC4yBaKJKbyiPGpGG3co8zLZSUeiHRoY_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTUctOS01NkIz&google_push=AYg5qPJbXserb8x68rKJtfnE88ST1iyX5HcBZt_5pYkRxIkTLi8qg2ZIPTGDhWBO_YOxC4yBaKJKbyiPGpGG3co8zLZSUeiHRoY_

Request Chain 309

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU

Request Chain 311

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL9uwiFsOlZMLJ_hqTbuKVY&google_cver=1&google_push=AYg5qPICmiyayPs6n_QpOKTNzFYLBW-ngUCBMBLkdWX2cpUzxySqBUcJe3qFKip6T3QLJ3Dcovxg97qccn0cIbh14oDBqNaUYT6F HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPICmiyayPs6n_QpOKTNzFYLBW-ngUCBMBLkdWX2cpUzxySqBUcJe3qFKip6T3QLJ3Dcovxg97qccn0cIbh14oDBqNaUYT6F&google_hm=

Request Chain 317

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,,

332 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.medyafaresi.com/
Redirect Chain

http://medyafaresi.com/
https://www.medyafaresi.com/

154 KB
21 KB

566ms
441ms

Document
text/html

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: d6ebb7138ca0b8f88676a394e7cf985631ab69fb9f7e60b17bc562d0cbec833a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
x-lb-cache: HIT
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 14 Nov 2021 07:35:35 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.medyafaresi.com/

GET
H2

200

swiper5.3.7.min.css
www.medyafaresi.com/assets/site/cs/
Redirect Chain

https://s.medyafaresi.com/assets/site/cs/swiper5.3.7.min.css?v=0.036
https://www.medyafaresi.com/assets/site/cs/swiper5.3.7.min.css?v=0.036

13 KB
4 KB

76ms
76ms

Stylesheet
text/css

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/cs/swiper5.3.7.min.css?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: a5b11cbc4a16ce02e18d18a9ee1009b115c9bb49cad4783200e49dd7c6bc07cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 09:55:24 GMT
server: nginx
etag: W/"5e95888c-3560"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1404817
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJurxAxyLJ1IkDxjgFBt8vyHk7Ag5uIGSJcgMvuV5iaJ9lkk0d%2B2Uh%2BTPX2MqH6pSH537tWgZGfO0t2NygIQvSrZRu%2FIsuFoki6Y6R4yzABWeLph%2FEwzZVpY8dlqIP0jqPIkpdNpBRXkAqewxDgVPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/cs/swiper5.3.7.min.css?v=0.036
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e22696f-FRA
expires: Sun, 28 Nov 2021 01:21:58 GMT

GET
H2

200

style.css
www.medyafaresi.com/assets/site/cs/
Redirect Chain

https://s.medyafaresi.com/assets/site/cs/style.css?v=0.036
https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036

68 KB
13 KB

64ms
63ms

Stylesheet
text/css

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 7cb07429f86892247acef969076c9d5c2e275d5cfc0f2e0aae535b043c3f078f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 11:13:14 GMT
server: nginx
etag: W/"605dc1ca-10f41"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209388
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo%2F6owdHUWYfoJbHetVPUmMNkzJzr%2FGF0chraE5pHWvTbx2pX13SecKa%2BPVVtjS9qTe4X%2FO7mQ12iPsavta%2Bba3Aer7iS8b0C70ppV6ZJm837FTv1D%2F1jTBqOIpirXXpNWhhTV1TM67fWBJKzawCPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e24696f-FRA
expires: Tue, 30 Nov 2021 07:39:07 GMT

GET
H2

200

weather.css
www.medyafaresi.com/assets/site/cs/
Redirect Chain

https://s.medyafaresi.com/assets/site/cs/weather.css?v=0.036
https://www.medyafaresi.com/assets/site/cs/weather.css?v=0.036

24 KB
4 KB

134ms
134ms

Stylesheet
text/css

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/cs/weather.css?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 119bc3cd74e57ee681ef28b285b2fac8b802f36d2f40c06934d716381464fede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Tue, 20 Dec 2016 12:54:51 GMT
server: nginx
etag: W/"58592a1b-61fe"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209388
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwkFUBZcRg2awb%2FH0Y0hhOtpHh2fduC998rWgyR3Nvjp4iZo%2BMRkp0HVvuqr14rHbZ8DF%2BhGSjxJdM1P5zjxyCMGBHjU7fNq%2FcsinboR7idIuhJBZhcVOGz8PIrhyoNq6nY7inYOnN8rbvbm3kFr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/cs/weather.css?v=0.036
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e26696f-FRA
expires: Tue, 30 Nov 2021 07:39:07 GMT

GET
H2 200 BildirtSDKfiles.js Show response
cdn2.bildirt.com/ 74 KB
24 KB 54ms
26ms Script
application/javascript 2606:4700:3033::6815:3603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 11aee507ab8b3c466a74a9448c5ba338d01f6e975b1416877ea538cc8a4a024c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 18:28:08 GMT
server: cloudflare
etag: W/"604a6138-12729"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2BgoG1W6D1SxBvAH9GEAXoH%2BGE8aUxvNO%2FxNmb%2FeOkpZhMd9xLVrlL9oydShcx0bC%2FCpU4cVq5NJB%2FxY0L1Z0uXMX7VlbK6Ge75XMbm70OPhgZVO0qmV3tFAzcJGQipIPFaumR%2FupvJLQwgKCaq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ade90656cb24aaf-FRA

GET
H2

200

lozad.min.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/lozad.min.js?v=0.036
https://www.medyafaresi.com/assets/site/js/lozad.min.js?v=0.036

3 KB
1 KB

74ms
74ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/lozad.min.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 86cb70843986570663230b7a4a54c6eac4014445ab5930635538a4fc92e56f56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 09:55:32 GMT
server: nginx
etag: W/"5e958894-aa1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1210424
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nxu5kItsefJFl9vso8k2fQzVBeAHYklYynnZwwvk9ajiZZtrjc%2Fe3nEfA2CoZ%2BwvO5wfWy696DmBtQMaZYmps4DwkQrDbzrS4Gn2RzXlUyJyQFJOpzdPQppIJMxn8EVGR5Af5ap5kqKzpd%2Bv7hC2Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/lozad.min.js?v=0.036
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e28696f-FRA
expires: Tue, 30 Nov 2021 07:21:51 GMT

GET
H2

200

jq_1.11.3.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/jq_1.11.3.js?v=0.036
https://www.medyafaresi.com/assets/site/js/jq_1.11.3.js?v=0.036

157 KB
54 KB

73ms
72ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/jq_1.11.3.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: fd13a6788be83d91c42504b9cf7fa02996648ae13b8bce65f3f1c56592af312d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 13:16:58 GMT
server: nginx
etag: W/"5fe0a04a-27245"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1210424
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BuJC%2FdCcaVQRsHZJhkF25MhMnUbXHzvys%2FGOJG6BLFjCqEOyCDCq9GucIH2poreNVv3tYObLvzo0iP6VR73t1OQsd2lwTfmfmOwP4RWxkqp8QymBgqtfU%2FbIle2APHcZnXu0GUc0vorXaqNIQTrFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/jq_1.11.3.js?v=0.036
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e2a696f-FRA
expires: Tue, 30 Nov 2021 07:21:51 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.11.4/ 460 KB
112 KB 35ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2015 13:03:17 GMT
server: nginx
etag: W/"55003d15-72e44"
vary: Accept-Encoding
x-hw: 1636875335.dop241.fr8.t,1636875335.cds208.fr8.hn,1636875335.cds125.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 114093

GET
H2

200

jq_touchs.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/jq_touchs.js?v=0.036
https://www.medyafaresi.com/assets/site/js/jq_touchs.js?v=0.036

11 KB
4 KB

81ms
80ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/jq_touchs.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: f65f3aeed46b79940849fa2022f2cbdf368288de9046f2b3da075c42f9dde8f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Thu, 17 Sep 2015 21:47:07 GMT
server: nginx
etag: W/"55fb34db-2d38"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1517385
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVHDgBRyOxn8P4sd1m%2FvfnHiOggHZ6T0e4eMLMt%2B559kLtOLvgutPwbNCebnjMBgqI%2FMbKaAPfuQ2dmPZtsm6AvVMtNqxIxKO3pOe3Gu1VEN1DaNsP%2BBsBbf28fGqnaEFAVp0aoTB1r1TEsMx0Ku0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/jq_touchs.js?v=0.036
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e33696f-FRA
expires: Fri, 26 Nov 2021 18:05:50 GMT

GET
H2

200

jquery.lazyload.min.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/jquery.lazyload.min.js?v=0.036
https://www.medyafaresi.com/assets/site/js/jquery.lazyload.min.js?v=0.036

9 KB
2 KB

134ms
134ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/jquery.lazyload.min.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: fb739545f3414931d0729a155824d6ca1fcea16cd1f08e445f4f9a9b9a11eea6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2016 10:50:15 GMT
server: nginx
etag: W/"56dd5ce7-2361"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1598334
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xma10ZIHRi50IMNRMUPPkEeHKdpeitHoAqaQAOOMGUILRer5dz8UiNgnSxVIEQLdmc4G%2FJq5XYvY8Wn0g9QeM5UZ4jY0bp5SvsMLvRVPYafC%2FYCrcI0%2Bgg5CUUZ6VC1NkKX9aS6iDkY7d9tscIRZ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/jquery.lazyload.min.js?v=0.036
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e32696f-FRA
expires: Thu, 25 Nov 2021 19:36:41 GMT

GET
H2

200

jquery.history.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/jquery.history.js?v=0.036
https://www.medyafaresi.com/assets/site/js/jquery.history.js?v=0.036

15 KB
5 KB

73ms
72ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/jquery.history.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 153302ccd34df160b9a5c101e8abdfb45f802882ae11ba76b51f7a59f4071e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2016 10:50:13 GMT
server: nginx
etag: W/"56dd5ce5-3ca3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1404817
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwaPIQuu7fg330y7axqnidx%2F1hE27n95ev1gm6SRJNE7C93nPnwK4izwm6m8TDpQbq%2FfJZKM8T%2FNvE2Wut0IX9l6qpuZc5gAZtLhscFvuXI4y2gYeptc8Koru2AO6%2F72y9W3w18553TjrGFW9Ic8hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/jquery.history.js?v=0.036
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e2e696f-FRA
expires: Sun, 28 Nov 2021 01:21:58 GMT

GET
H2

200

writeCapture.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/writeCapture.js?v=0.036
https://www.medyafaresi.com/assets/site/js/writeCapture.js?v=0.036

26 KB
9 KB

81ms
80ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/writeCapture.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: dbe2f7f2d48165e7f3be5b77acce743d26a0671c4286bbf8230ea4a90bb4488a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2016 10:50:20 GMT
server: nginx
etag: W/"56dd5cec-6668"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1210424
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcJc8yR0ssp9sPaL18f77qGiSnqHK16Tdhp1EpgaVtJ2S02NjTrcZ%2FpWjAw6hi70CdKyhvP%2F%2BzZCIPai0rVNM%2BclAmpP5tCJbv2ndAH3OgmKBoXKVd1D0SXjgnYmrHrvmnDzUK9MZ5X7eeY105YTzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/writeCapture.js?v=0.036
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e2f696f-FRA
expires: Tue, 30 Nov 2021 07:21:51 GMT

GET
H2

200

loadMoreHistory.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/loadMoreHistory.js?v=0.036
https://www.medyafaresi.com/assets/site/js/loadMoreHistory.js?v=0.036

6 KB
2 KB

81ms
81ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/loadMoreHistory.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 2a1fd46254fb32dcd41b2abb01049b84c47f76cbf32d73f8a199c98b00509b40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2016 10:50:17 GMT
server: nginx
etag: W/"56dd5ce9-19c7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1210424
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3yruUgKsmsRvmz4BVJMIkEZuWhi%2B%2BwaEKhQQFnGurHt1BBNs17BSodPStxYWQj1M6C1iEE5Bi0oN94uQfyoKbRtmwXMTEBKPlS6GHbq%2BY2lFTlTBt1CPdQhtbQMYAyCwJ8Zig7GkTYqV%2BIjkgFEzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/loadMoreHistory.js?v=0.036
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e34696f-FRA
expires: Tue, 30 Nov 2021 07:21:51 GMT

GET
H2

200

mf.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/mf.js?v=0.036
https://www.medyafaresi.com/assets/site/js/mf.js?v=0.036

5 KB
2 KB

62ms
62ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/mf.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: ae0eab5b6808163a8f52311840b81f942e95edce1990ac60a3fe66177b51484f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 14:33:58 GMT
server: nginx
etag: W/"5cee9856-12a4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 188769
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtiY1T5pDKyxc%2Ffk94lkqU0TsPIlYgzcNa%2F5UBGU72OCZRVvpQmwiez93rKmD77HAwjnpcKGrrexB4Ms3ioB%2FNLkCMsuDN31MZ5NFhuJ%2BXCB5FrIfjCUw9yngHKw5VNaxltW7rKuf4Gx%2FHXgZI6oLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/mf.js?v=0.036
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e2c696f-FRA
expires: Sun, 12 Dec 2021 03:09:26 GMT

GET
H2

200

swiper5.3.7.min.js Show response
www.medyafaresi.com/assets/site/js/
Redirect Chain

https://s.medyafaresi.com/assets/site/js/swiper5.3.7.min.js?v=0.036
https://www.medyafaresi.com/assets/site/js/swiper5.3.7.min.js?v=0.036

136 KB
35 KB

82ms
81ms

Script
application/javascript

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/js/swiper5.3.7.min.js?v=0.036
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: df64cb1101d248333fe1ecd1e259a9d85f6c47c9f106691a0cba7705bb3c9a0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 09:55:34 GMT
server: nginx
etag: W/"5e958896-22123"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Nov 2022 07:35:35 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1210424
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMG73yzmdZx3o3Mfjq7bwm3GrDW%2F2b36PwrEpoFj8mby4p23g40mHJjWBeD8b0Lqgb5tM0u75DSnGqfLvbX0tE%2FcQxqlH1fzS%2BhKrvFrNOGOWOR%2Bn4kHa2iB%2B%2F3p%2F8xhgZp3xodkRIxnKM79tme%2FFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/js/swiper5.3.7.min.js?v=0.036
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90612e2b696f-FRA
expires: Tue, 30 Nov 2021 07:21:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 50ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1043 / 91 of 1000 / last-modified: 1636758328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26742
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 07:35:36 GMT

GET
H2

200

logo2015.png
www.medyafaresi.com/assets/site/cs/
Redirect Chain

https://s.medyafaresi.com/assets/site/cs/logo2015.png
https://www.medyafaresi.com/assets/site/cs/logo2015.png

9 KB
10 KB

58ms
58ms

Image
image/png

195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medyafaresi.com/assets/site/cs/logo2015.png
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: ade61d6cb05c3a21d242626ad133f21e5966f74a2f930f40a9a176a4d9005ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
last-modified: Wed, 09 Sep 2015 08:17:58 GMT
server: nginx
etag: "55efeb36-257a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9594
expires: Mon, 14 Nov 2022 07:35:36 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1210424
x-rocket-cachestatus: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
access-control-allow-origin: *
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYY5TlhTxRQ%2BDR8fydXSnI2nuqK3hTFy8ptzwvoN0oqhqsHpCAOey4yilaZnPAoskdnlexA9ICx3sL7ESmegjHYUr0egdjF%2BXlmqBhMuz1t2g4CAX1PMPlVBEgMWP8d1rk7kY9IuJfecSkABLxc9Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.medyafaresi.com/assets/site/cs/logo2015.png
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
cf-ray: 6ade90658ea5696f-FRA
expires: Tue, 30 Nov 2021 07:21:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 489ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 07:35:36 GMT
server: ESF
date: Sun, 14 Nov 2021 07:35:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 07:35:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 488ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700,300italic&subset=latin,latin-ext

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

baa958ba0ada2db95b0047a3822df13589ef19dec86ecf7c0a9f46600b28d2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 07:16:32 GMT
server: ESF
date: Sun, 14 Nov 2021 07:35:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 07:35:36 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 57ms
8ms Script
application/javascript 13.224.186.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 17328490
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: Z7Lg_F4I6bGWHK-JLAvoZeJzC4GK6QmkXPyhaxyM8zjMg1Stk1ASpg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c20fb3853e78f1fd105254860320de5dba68c02eccade762896c91c205954a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1043 / 130 of 1000 / last-modified: 1636758378"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26699
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 07:35:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5702
date: Sun, 14 Nov 2021 06:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sun, 14 Nov 2021 08:00:34 GMT

GET
H2 200 dimml.js Show response
cdn.dimml.io/ 18 KB
7 KB 60ms
9ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/dimml.js
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1f03edc0fddabfcb872fbeeaffb3ea6528557ac10a6bcce97170a3cccc109def

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-nzt: AcO1ryyfxRD/awsAAA==
x-accel-expires: @1636958813
date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: br
etag: W/"e28000734479"
server: CDN77-Turbo
x-77-nzt-ray: 2KV8G/bXzNM=
x-77-cache: HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 2923
x-77-pop: frankfurtDE
expires: Mon, 15 Nov 2021 06:46:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ 3 KB
2 KB 42ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0cefa9583b44b0a5e6623ee51b7fb83ee0433a29751311f40b1f43422c4686d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yUOpJ/fUe4Aq7XpiGNVBSQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 14 Nov 2021 07:46:41 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 7KyB5ZIEi3q/oBGo3Sytu47fU/BV7oPEjnh65ElmEeDyTFv3lC5rUuhimw+r3A5fUIQ4lAMvxrQn1Wv2Dnn/jg==
x-fb-trip-id: 917726464
x-fb-content-md5: 63559d66b12ceac9cc91e5051d5bfd73
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 07:35:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "71b39647b1afb00987261414b9bba42c"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 s.png
www.medyafaresi.com/assets/site/cs/ 47 KB
47 KB 60ms
59ms Image
image/png 195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medyafaresi.com/assets/site/cs/s.png
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 31239ed42d0fc9bee2adbe220b5c1bb51fbde1428252885997b9e6c7c5644d85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/assets/site/cs/style.css?v=0.036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
last-modified: Mon, 24 Jul 2017 08:56:46 GMT
server: nginx
etag: "5975b64e-bcbf"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48319
expires: Mon, 14 Nov 2022 07:35:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 50ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 150948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:39:48 GMT

GET
H2 200 weathericons-regular-webfont.woff2
www.medyafaresi.com/assets/site/fonts/ 44 KB
44 KB 61ms
60ms Font
application/octet-stream 195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medyafaresi.com/assets/site/fonts/weathericons-regular-webfont.woff2
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/assets/site/cs/weather.css?v=0.036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Request headers

Referer: https://www.medyafaresi.com/assets/site/cs/weather.css?v=0.036
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
last-modified: Tue, 20 Dec 2016 12:55:04 GMT
server: nginx
etag: "58592a28-aeb0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 44720
expires: Mon, 14 Nov 2022 07:35:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 41ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:24:36 GMT
x-content-type-options: nosniff
age: 238260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 13:24:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 42ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 193222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 01:55:14 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 40ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/67DF)
Age: 645
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 ad-3.0.5.min.js Show response
ad-cdn.bilgin.pro/app/ 23 KB
9 KB 114ms
25ms Script
application/javascript 195.142.105.24
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.24 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 80ba741f6d24fc0c269092bfac6787b1cf3113bed88cfff2e84eb64b369b4797

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: gzip
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Tue, 14 Dec 2021 07:35:36 GMT
cache-control: max-age=2592000
x-rocket-cachestatus: HIT
last-modified: Wed, 06 Oct 2021 07:49:24 GMT
x-rocket-mastercachestatus: HIT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 02:15:42 GMT
x-content-type-options: nosniff
age: 278394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 02:15:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 190141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 02:46:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 02:40:20 GMT
x-content-type-options: nosniff
age: 276916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 02:40:20 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 16 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700,300italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:19:17 GMT
x-content-type-options: nosniff
age: 479779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 16256
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:19:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:28:39 GMT
x-content-type-options: nosniff
age: 245217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 11:28:39 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuvMR6WR.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 12 KB
12 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuvMR6WR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700,300italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f80a4400f2156c30fd477da8dc093094eedc2ef344a69555f1858139362aae12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:35:06 GMT
x-content-type-options: nosniff
age: 151230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12412
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:35:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 11 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 08:16:13 GMT
x-content-type-options: nosniff
age: 256763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11768
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 08:16:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ce8b09ebd9244a50af55a930614aef2ae1c39e96a5275a80af8523c5404ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:44:22 GMT
x-content-type-options: nosniff
age: 150674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11784
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:44:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 12:11:19 GMT
x-content-type-options: nosniff
age: 588257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11812
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 07 Nov 2022 12:11:19 GMT

GET
H2 200 pubads_impl_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 16ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 118212
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 07:35:36 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 211 B
643 B 38ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.medyafaresi.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e56d028b3475445ff601399b7743758a3f1eeedaa1dc4ae2ebfb68dbcbe4c2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 130
x-xss-protection: 0
expires: Sun, 14 Nov 2021 07:35:36 GMT

GET
H2 200 ozdilden-dolar-yazisi-hala-milletimizin-10urunu-koruyoruz-diyor_Qh7M.jpg.webp
i.medyafaresi.com/2/190/107/files/2021/11/14/974963/ 4 KB
4 KB 28ms
19ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/190/107/files/2021/11/14/974963/ozdilden-dolar-yazisi-hala-milletimizin-10urunu-koruyoruz-diyor_Qh7M.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ebd127a26e7491069ceff93b78fac5be84a03ede16394e063aab174b6568170f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 937
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 07:19:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B4LWU%2FFKbVP8yIfve2CRYiuIikAOcIt%2BtfR2jhtcjoSqx53wBkRoxVRnR7Xko61hXuW3wXzNii0kieMLukdRQdWEqAHgSw4s%2F36TnlDNX5a%2Fkt419ki338eGUjNsFx4IY6MB8PqO0kmbP3wabpeYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: HIT
cf-ray: 6ade9066c909696f-FRA
expires: Tue, 14 Dec 2021 07:19:59 GMT

GET
H2 200 kanser-ile-mucadele-eden-simale-nisanlisindan-duygusal-surpriz_eK7W.jpg.webp
i.medyafaresi.com/2/218/123/files/2021/11/14/974960/ 5 KB
6 KB 29ms
20ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/218/123/files/2021/11/14/974960/kanser-ile-mucadele-eden-simale-nisanlisindan-duygusal-surpriz_eK7W.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9ecd429e89d6a5a4f1418c3ddc50cfc24dac377acba17bc707ca4d6eb7b169fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2408
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 06:55:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GewGDKXKRFgnXiwSA1Hnt7Gw95dS24i011wgovnfkHtL16QhMmWYdIrHfYYt3ec4KQcHUA3NfDciWMIWWiKFp%2BjJ1Aa6ux%2FOIZGN8DSr%2FEq9USp10CSHvKMNL3egNNVGpe5BwZlxJbQXhSwED6T%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: HIT
cf-ray: 6ade9066c906696f-FRA
expires: Tue, 14 Dec 2021 06:55:28 GMT

GET
H2 200 arka-sokaklarin-yildizi-camdaki-kiza-transfer-oluyor_8O85.jpg.webp
i.medyafaresi.com/2/218/123/files/2021/11/14/974957/ 9 KB
9 KB 28ms
19ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/218/123/files/2021/11/14/974957/arka-sokaklarin-yildizi-camdaki-kiza-transfer-oluyor_8O85.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3cb7f6da16c490942ffb57e20c0359f1f865ba9bb7450ff6e3ea2a4099491451

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2573
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: HIT
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 06:52:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz6UuVlVCrztp%2FPahaTzzY4LcqoyZfLr8aHUYK3OsDT3Hus1oqQf37VAGhoIs9ESdAWBU1iROxlTEpWAm%2Bj%2B6Zav0arcwbVLZJbMHBVklzvY5iqcw0OHwPqqMpKOB%2BbR%2B541uGearlagkTfgo%2Ffiyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 6ade9066c911696f-FRA
expires: Tue, 14 Dec 2021 06:52:43 GMT

GET
H2 200 gokce-akyildiz-ekranlara-geri-donuyor-iste-yeni-projesi_xJHM.jpg.webp
i.medyafaresi.com/2/218/123/files/2021/11/14/974954/ 7 KB
8 KB 27ms
18ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/218/123/files/2021/11/14/974954/gokce-akyildiz-ekranlara-geri-donuyor-iste-yeni-projesi_xJHM.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c8231c8359d3fb7d02308b0aa87e803ca4c63a629a30bcdf11c7e6e4e60e232b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4490
x-powered-by: Express
x-rocket-cachestatus: MISS
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 06:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIzZMoJMATOKGWhFkip0sik6xsF6o%2BasFFPqqrHq1xT67ZEhNOBo5MYSUQDhZfPSo5IPn2SQpa34lfegfJ7pXIw9f2TnMDLzgT9GqhINjK3vXeHMuDR2uoMxsK4xxi10ZYX0TFaXlrAx7aPnZ8udSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 6ade9066c90e696f-FRA
expires: Tue, 14 Dec 2021 06:20:46 GMT

GET
H2 200 nevra-serezliden-carpici-sihirli-annem-itirafi_WTde.jpg.webp
i.medyafaresi.com/2/218/123/files/2021/11/14/974950/ 4 KB
4 KB 27ms
18ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/218/123/files/2021/11/14/974950/nevra-serezliden-carpici-sihirli-annem-itirafi_WTde.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fd5a0a665c72fa8e8a7a2eadb0d64a23463ecd585f179a203a47d87e5ab7db80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4490
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 06:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERQbNZr13pcIgrCGSNZ6jvFS9%2FYzuwZbs%2BYgZNl5%2FqyJpUbyOrPbxVqcn4frD8%2BvzEGzYXnlx9Xma%2FvSyGRq88BJGwI9GcGo9TZzoKKlkmHgignu%2BNYnpu3PQUGOVQTup4elkVw41001daF8V0fK6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: HIT
cf-ray: 6ade9066c90b696f-FRA
expires: Tue, 14 Dec 2021 06:20:46 GMT

GET
H2 200 son-dakika-13-kasim-2021-cumartesi-reyting-sonuclari-turkiye-cebelitarik-kardeslerim_HwCm.jpg.webp
i.medyafaresi.com/2/630/354/files/2021/11/14/974962/ 34 KB
35 KB 43ms
34ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/630/354/files/2021/11/14/974962/son-dakika-13-kasim-2021-cumartesi-reyting-sonuclari-turkiye-cebelitarik-kardeslerim_HwCm.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0b9acb05e03df0fb0a9fcebeac2103025badd7b3552c0e8ab473fa40e7a3d2a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1672
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 07:07:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xkog68J%2FQNdEUqlYMJ5DHeyVeSW62ZTThqC0FgZ4J0P%2Fh1o36tIwcIJKF9EYBJ2e7snsbLMZt8jHHG3sGj77A65ZxarOsJ7cHV747fYiwIpR3nQl1UYLInB0Xeh%2BXN0TTcKmg1RPm3qQPgdBP3u8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: HIT
cf-ray: 6ade9066c90d696f-FRA
expires: Tue, 14 Dec 2021 07:07:44 GMT

GET
H2 200 gazinocular-kralinin-oglu-sacit-aslandan-sedat-peker-aciklamasi_ib0Z.jpg.webp
i.medyafaresi.com/2/630/354/files/2021/11/14/974955/ 20 KB
21 KB 16ms
15ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/630/354/files/2021/11/14/974955/gazinocular-kralinin-oglu-sacit-aslandan-sedat-peker-aciklamasi_ib0Z.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b23150e9601b33aac3b26c73c3138949f455a7892018b8f02f1db65c0d151b2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3686
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 06:34:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3HD%2Fjr3PaMtXOwhwIm%2B3nXdyRNoxOQl5u8lMui%2Frv0muC2flubqHZo%2BgeNJvq9yqy3CLHKdB%2FxZC7TsTLg8b19mPYKs9N%2BVTb94YCgiBHAsn00aBIQn2QcbDGsg6UBnR7zt%2BuMx3mKvU%2BTOaxWhyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: HIT
cf-ray: 6ade9066e941696f-FRA
expires: Tue, 14 Dec 2021 06:34:10 GMT

GET
H2 200 hande-sarioglunun-temel-icgudu-pozu-gundeme-oturdu_PZWc.jpg.webp
i.medyafaresi.com/2/300/169/files/2021/11/14/974956/ 15 KB
15 KB 24ms
23ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/300/169/files/2021/11/14/974956/hande-sarioglunun-temel-icgudu-pozu-gundeme-oturdu_PZWc.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e9a316390c2702cb68576bf0fe5f109807d1bf604b1a6844c610447857186819

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2573
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: HIT
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 06:52:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js1y8HJLaau%2BVEBEZE5O9Z8fYhqx0d5aks25D3d9p4plCeRSBnveF3sY30ZfXqDqREs3%2BvXhTY5Hy0baifSJE9q43QCKopvUf9Ce2GIY0gQ7mD2%2FkXkIx%2B6IozUeMWBA6aVt3XS4CSs1bMC0zg%2FgAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 6ade9066e942696f-FRA
expires: Tue, 14 Dec 2021 06:52:43 GMT

GET
H2 200 kaymakamin-ise-gelmeyen-esine-tutanak-tutuldu-hastane-muduru-suruldu_2zcb.jpg.webp
i.medyafaresi.com/2/300/169/files/2021/11/14/974944/ 9 KB
9 KB 23ms
23ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/300/169/files/2021/11/14/974944/kaymakamin-ise-gelmeyen-esine-tutanak-tutuldu-hastane-muduru-suruldu_2zcb.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 86fcac9fd8f5781c76cf8ae0a6fe3091e0c20e29eba712b6daf058e009d340c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4611
x-powered-by: Express
x-rocket-cachestatus: MISS
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 06:18:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTDvro9KAJLYhV9qmm3A96M3fFA8%2FaIyAT0ZajPlXIydtZSRYktNb7vBld7MvKFlHDfzBJ0i8BdJMqi0iXgt%2BoiY%2FurxvTO7W9G%2BjDL%2F6W0Z%2F%2FNRT19W%2FZK5EGtJrvd9Oy5QjEWlKdodmQ2kN74gVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: HIT
cf-ray: 6ade9066e944696f-FRA
expires: Tue, 14 Dec 2021 06:18:45 GMT

GET
H2 200 Config-sw.js Show response
cdn2.bildirt.com/ 7 KB
2 KB 46ms
29ms Fetch
application/json 2606:4700:3033::6815:3603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/Config-sw.js?uygulamaid=3010-7861-1245-7605-9792-3
Requested by: Host: cdn2.bildirt.com
URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33, PleskLin
Resource Hash: 83c1325448ecf38e01b01d03b21c4376b6fa5da52fd4bb6f293cd91656d59cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33, PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64I8eTyRNllPkzbsTL5owOLWOuBoA1jee90OQ99w1A9NuN3aHaTzSBTs4PNBkr%2FAM3mc3sT3bpA12IihTAkb8ykPMP3DfYfxuz8IOqkhVCyeoHJe8eM3ussPPY3cM0Ew3p%2Bl6JbhJc2DkxJB5ect"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset: UTF-8
access-control-allow-origin: *
cf-ray: 6ade9066e8a12b7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ 285 KB
82 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=3118fc75c1102b24c701f4e9aca78440

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0d8cf1ac100ca0b86539c30271ab44fcf1cd419ffb0ec19892df7c524ebfef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.medyafaresi.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ivAZFwtQ/mBI+dSUQagLMA==
cross-origin-resource-policy: cross-origin
expires: Mon, 14 Nov 2022 07:26:42 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82898
x-fb-rlafr: 0
x-fb-debug: SI7qYy4iR+IjPiwFfs/Y0/Qwks6dExbYNI/FPJJhcFBAeaV9QOs5hxbnD2iMIDPXbcLo4ZSLObCafz2NyLRLkw==
x-fb-trip-id: 917726464
x-fb-content-md5: 61b7fd712120211c6ab3d5c36625f1dd
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 07:35:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e285139a681df698f4b7d30aca9ba07e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 tarihi-eminonu-kahvecisi-hakkinda-taciz-skandali-sevgilileri-darp-ettiler_F2XG.jpg.webp
i.medyafaresi.com/2/190/107/files/2021/11/14/974961/ 7 KB
7 KB 16ms
15ms Image
image/webp 2606:4700:3030::6815:1371
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medyafaresi.com/2/190/107/files/2021/11/14/974961/tarihi-eminonu-kahvecisi-hakkinda-taciz-skandali-sevgilileri-darp-ettiler_F2XG.jpg.webp
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1371 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6514a4ecf9c8ba6f9d9001653807be109f5d7902e6859353b1d2e46bab18e753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1672
x-powered-by: Express
x-rocket-cachestatus: HIT
x-proudly-served-by: Bilgin Pro
app-name: node-picasso
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
last-modified: Sun, 14 Nov 2021 07:07:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4GbnnQ%2F8H8p12gKCevSmLpJF0cL2sHWbvM8bMYv4JVnyf1GRSE6mJcTr8KRJiJyxkl7vwCj1dJRiLNyw4e7TMO3rtOtYuh6m3Di%2BFRe9g%2FhbFG2LfeOKFbLbR69R92lJKdMk4DolUmHoRUPWHx3lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: HIT
cf-ray: 6ade9066f960696f-FRA
expires: Tue, 14 Dec 2021 07:07:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 14ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1174173816&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medyafaresi.com%2F&ul=en-us&de=UTF-8&dt=Medyafaresi%20Haber%20%7C%20Son%20Dakika%20Haberleri%20G%C3%BCndem%20Haberleri%20Reytingler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=397548658&gjid=779022584&cid=285585964.1636875336&tid=UA-386481-1&_gid=1761020891.1636875336&_r=1&_slc=1&z=1967137391

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medyafaresi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medyafaresi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
550 B 43ms
9ms Image
image/gif 13.224.186.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Medyafaresi%20Haber%20%7C%20Son%20Dakika%20Haberleri%20G%C3%BCndem%20Haberleri%20Reytingler&time=1636875336399&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.medyafaresi.com%2F&random_number=1110168318&sess_cookie=c272abf917d1d5f7acf702a0360&sess_cookie_flag=1&user_cookie=c272abf917d1d5f7acf702a0360&user_cookie_flag=1&dynamic=true&domain=medyafaresi.com&account=cavLf1aYS5000T&jsv=20130128&user_lang=en-US
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-52.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 04:51:12 GMT
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 9864
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 7xa5EdfsgN5fVFpPhXq-H981ggXzEUD38MdLRjQ1rlbNXrppw5lRGQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
49 B 333ms
104ms Image
text/plain 3.142.157.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.142.157.144 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-142-157-144.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
server: Server

GET
H2 200 d09caabdc5bba4f2724c174197296746e66bf4a9.js Show response
cdn.dimml.io/static/ 611 B
641 B 109ms
108ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/static/d09caabdc5bba4f2724c174197296746e66bf4a9.js
Requested by: Host: cdn.dimml.io
URL: https://cdn.dimml.io/dimml.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 31b03e60af06f1e27b8b0c281e1dcb46f8aba15065a302978cb49b20dacdf414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-nzt: AcO1rywOecvbggYAAA==
x-accel-expires: @1636875396
date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: br
etag: W/"fb0db62d6cb5"
x-dimml-version: 2.2 vH8ffFv9
server: CDN77-Turbo
x-77-nzt-ray: MyjyAuOEaX4=
x-77-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=60
x-cache: EXPIRED
x-age: 1666
x-77-pop: frankfurtDE
expires: Sun, 14 Nov 2021 07:36:36 GMT

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 6C8E 319 KB
103 KB 9ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.medyafaresi.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 349906
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 14 Nov 2021 07:35:36 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6725)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

POST
H2 200 load Show response
ad.bilgin.pro/ 3 KB
1 KB 1265ms
94ms XHR
text/html 195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bilgin.pro/load
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: eaab639a4518c3600a6bd06b4eab51c41667870c120d1003cff1f07a24adef15

Request headers

Referer: https://www.medyafaresi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
321 B 48ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-386481-1&cid=285585964.1636875336&jid=397548658&gjid=779022584&_gid=1761020891.1636875336&_u=IEBAAEAAAAAAAC~&z=524173646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medyafaresi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Nov 2021 07:35:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.medyafaresi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bell.png
cdn2.bildirt.com/images/ 1 KB
1 KB 19ms
18ms Image
image/png 2606:4700:3033::6815:3603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.bildirt.com/images/bell.png
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7107
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1155
last-modified: Mon, 03 Feb 2020 19:33:59 GMT
server: cloudflare
etag: "5e3875a7-483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfSBZ6URVqzBnRgBYPAGlXupn7CNn6l41WZLWWR6GkWsFTbdL1X3kAjefRk2ShjYT978XrZXln5ItDCFNSjfnf5aYyZu7oA4v2DyHqUSM53%2BLVT%2FdImHL8TEWF%2B9H%2Fydc1JmfYWGq4q6Gl%2B7iKY4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ade90678fe74aaf-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
377 B 50ms
26ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-386481-1&cid=285585964.1636875336&jid=397548658&_u=IEBAAEAAAAAAAC~&z=303786822

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
377 B 42ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-386481-1&cid=285585964.1636875336&jid=397548658&_u=IEBAAEAAAAAAAC~&z=303786822

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6C8E 232 B
450 B 140ms
118ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a8008f5f24278d71b7ac2bfa449e2adf47c8c1b1

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.medyafaresi.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 110
date: Sun, 14 Nov 2021 07:35:36 GMT
content-encoding: gzip
last-modified: Sun, 14 Nov 2021 07:35:37 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: dfe292b224398246b9fe99626ef60fdd7dfd04c00bdad8ed24d10f7a5d4b6625
content-length: 166

GET
H/1.1 200
OK moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:52 GMT
Server: ECS (frb/67BC)
Age: 374380
Etag: "643f975645cfdfec2ae02aad7fbc9eea+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8013

GET
H/1.1 200
OK timeline.55167c7072ca7f4363bf18820295ba93.js Show response
platform.twitter.com/js/ 20 KB
7 KB 15ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.55167c7072ca7f4363bf18820295ba93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:52 GMT
Server: ECS (frb/67DF)
Age: 374378
Etag: "9539ec9d4bc5c1e5b1953004a6456c51+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6441

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 175 KB
12 KB 217ms
194ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_medyafaresi_old&dnt=false&domain=www.medyafaresi.com&lang=en&screen_name=medyafaresi&suppress_response_codes=true&t=1818750&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

83a70bd58550fd40beeeb5d0c458ee773cf80e7e23f62a404da3140f9f5eea49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 11982
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 172
last-modified: Sun, 14 Nov 2021 07:35:37 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 784dbc811fe4eb4e080b1efdb3e24a7c9a8babf41427dfbf2d15ce7eba5ffa26
timing-allow-origin: *
x-transaction: edbf9447b078f42c
expires: Sun, 14 Nov 2021 07:40:37 GMT

GET
H2 200 _L98yWxs
pbs.twimg.com/card_img/1459781251963908102/ Frame 3375 27 KB
27 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459781251963908102/_L98yWxs?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

c28554b901acf8dbb01422fd927e722a481985057ae8a906282f7b20f11d42fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 1382
x-cache: HIT
content-length: 27558
x-response-time: 254
surrogate-key: card_img card_img/bucket/9 card_img/1459781251963908102
last-modified: Sun, 14 Nov 2021 07:10:26 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5139b41bce0926f37629c29dd47b42ce36e23010f5d3624ebe76a9ee3f7bad23
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ci48xrNj
pbs.twimg.com/card_img/1459780044201594882/ Frame 3375 40 KB
41 KB 15ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459780044201594882/ci48xrNj?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

61692bb7d725767bf9de060bd2a5b14b9bb0959ecca45bf92951c62ad91a8c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 1674
x-cache: HIT
content-length: 41342
x-response-time: 252
surrogate-key: card_img card_img/bucket/1 card_img/1459780044201594882
last-modified: Sun, 14 Nov 2021 07:05:38 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 23bf9035558d4029da01cb0cc5f215675ac1a0a2adc5a8a0c059a01d1b591d8c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 D2hm5A1a
pbs.twimg.com/card_img/1459779149342687235/ Frame 3375 46 KB
46 KB 12ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459779149342687235/D2hm5A1a?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

06eace3652f9afea272419640e801937898433df91ff18536eb434139b491eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 1887
x-cache: HIT
content-length: 47016
x-response-time: 255
surrogate-key: card_img card_img/bucket/8 card_img/1459779149342687235
last-modified: Sun, 14 Nov 2021 07:02:05 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b26349fa39afaa13998afb5742cbc2f5438a9a87bcb03fa87fd99b5f3373b9da
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f447.png
abs.twimg.com/emoji/v2/72x72/ Frame 3375 467 B
834 B 33ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f447.png

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA1) /

Resource Hash

99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 11399551
x-ton-expected-size: 467
x-cache: HIT
content-length: 467
x-response-time: 15
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:34 GMT
server: ECAcc (frc/8EA1)
etag: "BjsCV7rNDg+DxmKk6QZ/eA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 099688f6151c771d8a7e16854b7ddd7a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 14 Nov 2022 07:35:37 GMT

GET
H2 200 Ng6NaXGP
pbs.twimg.com/card_img/1459766392706772993/ Frame 3375 32 KB
32 KB 17ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459766392706772993/Ng6NaXGP?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

ea1e993cc53bbc39a44dc9acf970c7fb12953bef92b465ea57a63f3e24d8e354

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 4931
x-cache: HIT
content-length: 32492
x-response-time: 251
surrogate-key: card_img card_img/bucket/2 card_img/1459766392706772993
last-modified: Sun, 14 Nov 2021 06:11:23 GMT
server: ECS (frb/668A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4c34435eac4b4ad3cab6723379c271f7f97310a9167070b9f674b4c05554a094
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 AIZc-sFQ
pbs.twimg.com/card_img/1459764826889244673/ Frame 3375 54 KB
54 KB 17ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459764826889244673/AIZc-sFQ?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

deff0d63e3a3f9b61aa5b3c3a694f78e6cbc1f4039b6bda59048fde0c91ec123

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 5289
x-cache: HIT
content-length: 55558
x-response-time: 270
surrogate-key: card_img card_img/bucket/3 card_img/1459764826889244673
last-modified: Sun, 14 Nov 2021 06:05:10 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ad58bc4ecbd2f62f080ea15f626d20f5b038e23eecae440d3565e5b53954958a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 cSj8xx7K
pbs.twimg.com/card_img/1459761633564282881/ Frame 3375 44 KB
44 KB 18ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459761633564282881/cSj8xx7K?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

ba9268b55c7f2e8858ed9549c65d870a163ad33cf18798c46586553889b28298

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 6060
x-cache: HIT
content-length: 44759
x-response-time: 258
surrogate-key: card_img card_img/bucket/5 card_img/1459761633564282881
last-modified: Sun, 14 Nov 2021 05:52:29 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 686cfe3e02df17661cc71309aea9b681cabd15bb275ac903dd0ab9300b197c6e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KEAf7Ohp
pbs.twimg.com/card_img/1459760584254238722/ Frame 3375 45 KB
45 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459760584254238722/KEAf7Ohp?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

a869f0676572793b556b235ff1e4980991a6e9565a2f2ee273e03a8eeca8feaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 6316
x-cache: HIT
content-length: 46365
x-response-time: 236
surrogate-key: card_img card_img/bucket/8 card_img/1459760584254238722
last-modified: Sun, 14 Nov 2021 05:48:18 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 396fb0b50de7a673d718ea9315c7ac4b46d897f912706ad83590f792ae0c4220
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ILwq3G4W
pbs.twimg.com/card_img/1459759569006170112/ Frame 3375 25 KB
25 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459759569006170112/ILwq3G4W?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

58db5624404a032a11446da3a2b9e5479b33fc24a6b5166a405b1a3f2fed24a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 6552
x-cache: HIT
content-length: 25109
x-response-time: 238
surrogate-key: card_img card_img/bucket/6 card_img/1459759569006170112
last-modified: Sun, 14 Nov 2021 05:44:16 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: af6cf4ccb5050311561b0fa7397e88955deb87f8e55b8c3b9d4ff79d200f7e34
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 jousB727
pbs.twimg.com/card_img/1459757176898179073/ Frame 3375 41 KB
41 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459757176898179073/jousB727?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

001126f371d16478f769822874a232d8935246d1f927645a5fcfb65e55fdb0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 7122
x-cache: HIT
content-length: 41481
x-response-time: 235
surrogate-key: card_img card_img/bucket/4 card_img/1459757176898179073
last-modified: Sun, 14 Nov 2021 05:34:46 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 67d5c579c940d452329b478c7b64878009d6ef98c358ba1bd0f002ebec3204e1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 bbpAOntS
pbs.twimg.com/card_img/1459756049477648384/ Frame 3375 22 KB
23 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459756049477648384/bbpAOntS?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

ee5aa9ba6c00a7e79a76339fd290f052bc42a818930526d0cc520946ac0feb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 7393
x-cache: HIT
content-length: 22932
x-response-time: 250
surrogate-key: card_img card_img/bucket/9 card_img/1459756049477648384
last-modified: Sun, 14 Nov 2021 05:30:17 GMT
server: ECS (frb/67D5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8cd824679cf53dea63f4ec69cda136e18a4d08ef6eb94435d8eba6923eb3bb0c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pYqjnhqw
pbs.twimg.com/card_img/1459755030781825033/ Frame 3375 37 KB
37 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459755030781825033/pYqjnhqw?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674C) /

Resource Hash

e90ad799aff183ab87a61a911c254fcc844b5e818bc64e703520c7ad7e0a7707

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 7635
x-cache: HIT
content-length: 37896
x-response-time: 251
surrogate-key: card_img card_img/bucket/4 card_img/1459755030781825033
last-modified: Sun, 14 Nov 2021 05:26:14 GMT
server: ECS (frb/674C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 37c9ab0d982d4e2ef2f2ac23809439ce08f818cc5d7d6ffa8c765eeb72741ba8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0mRy1USS
pbs.twimg.com/card_img/1459750765786898438/ Frame 3375 28 KB
28 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459750765786898438/0mRy1USS?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

143e85c8e6d53d4331c64299b96212025b125cb6f7e636ec2511e3c204ab233d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 8651
x-cache: HIT
content-length: 28274
x-response-time: 244
surrogate-key: card_img card_img/bucket/4 card_img/1459750765786898438
last-modified: Sun, 14 Nov 2021 05:09:18 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 78f596c3fdee5399b3bbbd32e5302699e9c4efe4078c5d6bd3696748fe499e5f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9DgINBkd
pbs.twimg.com/card_img/1459635046508285960/ Frame 3375 33 KB
33 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459635046508285960/9DgINBkd?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

241408f8a0384b6340ff97aebc9e40d60cd8a7ed7c19d6cbdd84eb97f15d5d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 36238
x-cache: HIT
content-length: 33467
x-response-time: 244
surrogate-key: card_img card_img/bucket/8 card_img/1459635046508285960
last-modified: Sat, 13 Nov 2021 21:29:28 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 27f28519fe2e2f333725b8992a96b0ccafd34fd237afb51a163f20c1ab266bde
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aPqKEAtQ
pbs.twimg.com/card_img/1459634657775996930/ Frame 3375 35 KB
35 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459634657775996930/aPqKEAtQ?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

ef7699c762cfb3e90a3433171d27c2e10e5f593fb4c15fed57ebc4617cd99667

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 36340
x-cache: HIT
content-length: 35646
x-response-time: 252
surrogate-key: card_img card_img/bucket/5 card_img/1459634657775996930
last-modified: Sat, 13 Nov 2021 21:27:55 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 423dc1a44cd2f55b27a9c3a33071b485bb8e1211138000cfd2ec9294507ac4f4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 B2QE9hAY
pbs.twimg.com/card_img/1459628920341471239/ Frame 3375 38 KB
38 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459628920341471239/B2QE9hAY?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

a7bb7603ffa6dbdf66d8f5467c0aa25e0b3a715a0ad0ea29a80eb0b526487a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 37703
x-cache: HIT
content-length: 38928
x-response-time: 239
surrogate-key: card_img card_img/bucket/8 card_img/1459628920341471239
last-modified: Sat, 13 Nov 2021 21:05:07 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 95f8f1060f34c898be5b8704acc6ea4b64d7a334d08606efc5307513f869f298
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 fwFEEdAd
pbs.twimg.com/card_img/1459628050623176707/ Frame 3375 42 KB
42 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459628050623176707/fwFEEdAd?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

c72cfb6f98bb78965a333443d926f90a7575d59ad50420f965df7566522f6d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 37899
x-cache: HIT
content-length: 43219
x-response-time: 257
surrogate-key: card_img card_img/bucket/7 card_img/1459628050623176707
last-modified: Sat, 13 Nov 2021 21:01:40 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a7fc3252ebaea33c8dd8c58b35a60d1c0dffb3c28b28ec958946a41e89f19504
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 2VGErrnD
pbs.twimg.com/card_img/1459534674414419979/ Frame 3375 30 KB
31 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459534674414419979/2VGErrnD?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

53dc3ca16fb918ea606819192b5f5af2761b93966125b89cd664b433493633d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 60178
x-cache: HIT
content-length: 31116
x-response-time: 249
surrogate-key: card_img card_img/bucket/4 card_img/1459534674414419979
last-modified: Sat, 13 Nov 2021 14:50:37 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5c199d847dbb17ce46f75578d0a069d3b41cec49efb70dca547182ba731a9696
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 BwCWD4s6
pbs.twimg.com/card_img/1459529817137766406/ Frame 3375 31 KB
31 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459529817137766406/BwCWD4s6?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

232ca9ccc8738365bca832c1d3aff16d495ad36219be706a6c14f761f1b5ef14

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 61330
x-cache: HIT
content-length: 31833
x-response-time: 247
surrogate-key: card_img card_img/bucket/5 card_img/1459529817137766406
last-modified: Sat, 13 Nov 2021 14:31:19 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 855adcdf14895a1f41e936c54964b2b595ad6f948336ac06a21e4930e35ddc66
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 i23r2AGT
pbs.twimg.com/card_img/1459528299244363780/ Frame 3375 32 KB
32 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459528299244363780/i23r2AGT?format=jpg&name=600x314

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

91f3867a59a02ed902a278506af5e00bf5fcbdfe483237d0baa65dd894b3c345

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 61694
x-cache: HIT
content-length: 32615
x-response-time: 248
surrogate-key: card_img card_img/bucket/3 card_img/1459528299244363780
last-modified: Sat, 13 Nov 2021 14:25:17 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f63ba56f1517e0d6625e72b92aadfa7a4a4aa4b44857a2ce687136c02a0f9435
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 3375 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:49 GMT
Server: ECS (frb/6796)
Age: 374380
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:49 GMT
Server: ECS (frb/6796)
Age: 374380
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 fIB5B0DY_normal.jpg
pbs.twimg.com/profile_images/1151393852097478656/ Frame 3375 2 KB
2 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1151393852097478656/fIB5B0DY_normal.jpg

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

6a3f429dbdf93d1f0b3d03656fa99528b810ea805c842beec7a197526bbe231c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 318976
x-cache: HIT
content-length: 1807
x-response-time: 192
surrogate-key: profile_images profile_images/bucket/2 profile_images/1151393852097478656
last-modified: Wed, 17 Jul 2019 07:29:00 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: acf6e888fd0d789c7b1c41205ead602a6809ce0ea0db213e40891c1c9b3acbe4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FEIn-8nXoAE-k6H
pbs.twimg.com/media/ Frame 3375 128 KB
128 KB 10ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FEIn-8nXoAE-k6H?format=png&name=360x360

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

d0e3463b450f8ca8385a4aff80ebced261ab08dd29d4601c7f8c56631c46653c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 3180
x-cache: HIT
content-length: 130995
x-response-time: 274
surrogate-key: media media/bucket/4 media/1459773191598088193
last-modified: Sun, 14 Nov 2021 06:38:24 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0b90d4afd2b9447db70d04f56fad2a63544fadf5922911aaafff3b296cd9cdb4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2

200

/
www.facebook.com/login/ Frame 6A90
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=223774854478948&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11f...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D223774854478948%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

206ms
205ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D223774854478948%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11f97cac600a4%2526domain%253Dwww.medyafaresi.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.medyafaresi.com%25252Fff890732500cac%2526relation%253Dparent.parent%26container_width%3D300%26height%3D250%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmedyafaresi%26locale%3Dtr_TR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js?hash=3118fc75c1102b24c701f4e9aca78440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: rpEsbLpHvg8eLS4AJo7J+2u9BHIHOwpvCmQ0TDI+RxP09ZjWXkp5wFXXb4seoggcOkxC+AjRlh2l9ZPl56Ot3g==
date: Sun, 14 Nov 2021 07:35:37 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D223774854478948%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11f97cac600a4%2526domain%253Dwww.medyafaresi.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.medyafaresi.com%25252Fff890732500cac%2526relation%253Dparent.parent%26container_width%3D300%26height%3D250%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmedyafaresi%26locale%3Dtr_TR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: gemwHidgDxal8PlIiGWoZrtwNfaTBwWk3F5UYqRhSB1TN1R1/V28qzWSg2SkflUnTf7lJY5tIFrMMrvQrkWREg==
content-length: 0
date: Sun, 14 Nov 2021 07:35:37 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 3375 44 KB
7 KB 31ms
7ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242071
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 27de0f6281cdda522d073b28f423d0aa841f72af5a6b6f38956834f4fcd2987d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sun, 21 Nov 2021 07:35:37 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 31ms
8ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242071
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 27de0f6281cdda522d073b28f423d0aa841f72af5a6b6f38956834f4fcd2987d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sun, 21 Nov 2021 07:35:37 GMT

GET
DATA 200
OK truncated
/ Frame 3375 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3375 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3375 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3375 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3375 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 _L98yWxs
pbs.twimg.com/card_img/1459781251963908102/ Frame 3375 27 KB
27 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459781251963908102/_L98yWxs?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

c28554b901acf8dbb01422fd927e722a481985057ae8a906282f7b20f11d42fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 1382
x-cache: HIT
content-length: 27558
x-response-time: 254
surrogate-key: card_img card_img/bucket/9 card_img/1459781251963908102
last-modified: Sun, 14 Nov 2021 07:10:26 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5139b41bce0926f37629c29dd47b42ce36e23010f5d3624ebe76a9ee3f7bad23
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ci48xrNj
pbs.twimg.com/card_img/1459780044201594882/ Frame 3375 40 KB
41 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459780044201594882/ci48xrNj?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

61692bb7d725767bf9de060bd2a5b14b9bb0959ecca45bf92951c62ad91a8c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 1674
x-cache: HIT
content-length: 41342
x-response-time: 252
surrogate-key: card_img card_img/bucket/1 card_img/1459780044201594882
last-modified: Sun, 14 Nov 2021 07:05:38 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 23bf9035558d4029da01cb0cc5f215675ac1a0a2adc5a8a0c059a01d1b591d8c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 D2hm5A1a
pbs.twimg.com/card_img/1459779149342687235/ Frame 3375 46 KB
46 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459779149342687235/D2hm5A1a?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

06eace3652f9afea272419640e801937898433df91ff18536eb434139b491eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 1887
x-cache: HIT
content-length: 47016
x-response-time: 255
surrogate-key: card_img card_img/bucket/8 card_img/1459779149342687235
last-modified: Sun, 14 Nov 2021 07:02:05 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b26349fa39afaa13998afb5742cbc2f5438a9a87bcb03fa87fd99b5f3373b9da
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Ng6NaXGP
pbs.twimg.com/card_img/1459766392706772993/ Frame 3375 32 KB
32 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459766392706772993/Ng6NaXGP?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

ea1e993cc53bbc39a44dc9acf970c7fb12953bef92b465ea57a63f3e24d8e354

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 4931
x-cache: HIT
content-length: 32492
x-response-time: 251
surrogate-key: card_img card_img/bucket/2 card_img/1459766392706772993
last-modified: Sun, 14 Nov 2021 06:11:23 GMT
server: ECS (frb/668A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4c34435eac4b4ad3cab6723379c271f7f97310a9167070b9f674b4c05554a094
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 AIZc-sFQ
pbs.twimg.com/card_img/1459764826889244673/ Frame 3375 54 KB
54 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459764826889244673/AIZc-sFQ?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

deff0d63e3a3f9b61aa5b3c3a694f78e6cbc1f4039b6bda59048fde0c91ec123

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 5289
x-cache: HIT
content-length: 55558
x-response-time: 270
surrogate-key: card_img card_img/bucket/3 card_img/1459764826889244673
last-modified: Sun, 14 Nov 2021 06:05:10 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ad58bc4ecbd2f62f080ea15f626d20f5b038e23eecae440d3565e5b53954958a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 cSj8xx7K
pbs.twimg.com/card_img/1459761633564282881/ Frame 3375 44 KB
44 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459761633564282881/cSj8xx7K?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

ba9268b55c7f2e8858ed9549c65d870a163ad33cf18798c46586553889b28298

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 6060
x-cache: HIT
content-length: 44759
x-response-time: 258
surrogate-key: card_img card_img/bucket/5 card_img/1459761633564282881
last-modified: Sun, 14 Nov 2021 05:52:29 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 686cfe3e02df17661cc71309aea9b681cabd15bb275ac903dd0ab9300b197c6e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KEAf7Ohp
pbs.twimg.com/card_img/1459760584254238722/ Frame 3375 45 KB
46 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459760584254238722/KEAf7Ohp?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

a869f0676572793b556b235ff1e4980991a6e9565a2f2ee273e03a8eeca8feaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 6316
x-cache: HIT
content-length: 46365
x-response-time: 236
surrogate-key: card_img card_img/bucket/8 card_img/1459760584254238722
last-modified: Sun, 14 Nov 2021 05:48:18 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 396fb0b50de7a673d718ea9315c7ac4b46d897f912706ad83590f792ae0c4220
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ILwq3G4W
pbs.twimg.com/card_img/1459759569006170112/ Frame 3375 25 KB
25 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459759569006170112/ILwq3G4W?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

58db5624404a032a11446da3a2b9e5479b33fc24a6b5166a405b1a3f2fed24a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 6552
x-cache: HIT
content-length: 25109
x-response-time: 238
surrogate-key: card_img card_img/bucket/6 card_img/1459759569006170112
last-modified: Sun, 14 Nov 2021 05:44:16 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: af6cf4ccb5050311561b0fa7397e88955deb87f8e55b8c3b9d4ff79d200f7e34
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 jousB727
pbs.twimg.com/card_img/1459757176898179073/ Frame 3375 41 KB
41 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459757176898179073/jousB727?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

001126f371d16478f769822874a232d8935246d1f927645a5fcfb65e55fdb0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 7122
x-cache: HIT
content-length: 41481
x-response-time: 235
surrogate-key: card_img card_img/bucket/4 card_img/1459757176898179073
last-modified: Sun, 14 Nov 2021 05:34:46 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 67d5c579c940d452329b478c7b64878009d6ef98c358ba1bd0f002ebec3204e1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 bbpAOntS
pbs.twimg.com/card_img/1459756049477648384/ Frame 3375 22 KB
23 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459756049477648384/bbpAOntS?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

ee5aa9ba6c00a7e79a76339fd290f052bc42a818930526d0cc520946ac0feb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 7393
x-cache: HIT
content-length: 22932
x-response-time: 250
surrogate-key: card_img card_img/bucket/9 card_img/1459756049477648384
last-modified: Sun, 14 Nov 2021 05:30:17 GMT
server: ECS (frb/67D5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8cd824679cf53dea63f4ec69cda136e18a4d08ef6eb94435d8eba6923eb3bb0c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pYqjnhqw
pbs.twimg.com/card_img/1459755030781825033/ Frame 3375 37 KB
37 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459755030781825033/pYqjnhqw?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674C) /

Resource Hash

e90ad799aff183ab87a61a911c254fcc844b5e818bc64e703520c7ad7e0a7707

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 7635
x-cache: HIT
content-length: 37896
x-response-time: 251
surrogate-key: card_img card_img/bucket/4 card_img/1459755030781825033
last-modified: Sun, 14 Nov 2021 05:26:14 GMT
server: ECS (frb/674C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 37c9ab0d982d4e2ef2f2ac23809439ce08f818cc5d7d6ffa8c765eeb72741ba8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0mRy1USS
pbs.twimg.com/card_img/1459750765786898438/ Frame 3375 28 KB
28 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459750765786898438/0mRy1USS?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

143e85c8e6d53d4331c64299b96212025b125cb6f7e636ec2511e3c204ab233d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 8651
x-cache: HIT
content-length: 28274
x-response-time: 244
surrogate-key: card_img card_img/bucket/4 card_img/1459750765786898438
last-modified: Sun, 14 Nov 2021 05:09:18 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 78f596c3fdee5399b3bbbd32e5302699e9c4efe4078c5d6bd3696748fe499e5f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9DgINBkd
pbs.twimg.com/card_img/1459635046508285960/ Frame 3375 33 KB
33 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459635046508285960/9DgINBkd?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

241408f8a0384b6340ff97aebc9e40d60cd8a7ed7c19d6cbdd84eb97f15d5d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 36238
x-cache: HIT
content-length: 33467
x-response-time: 244
surrogate-key: card_img card_img/bucket/8 card_img/1459635046508285960
last-modified: Sat, 13 Nov 2021 21:29:28 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 27f28519fe2e2f333725b8992a96b0ccafd34fd237afb51a163f20c1ab266bde
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aPqKEAtQ
pbs.twimg.com/card_img/1459634657775996930/ Frame 3375 35 KB
35 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459634657775996930/aPqKEAtQ?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

ef7699c762cfb3e90a3433171d27c2e10e5f593fb4c15fed57ebc4617cd99667

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 36340
x-cache: HIT
content-length: 35646
x-response-time: 252
surrogate-key: card_img card_img/bucket/5 card_img/1459634657775996930
last-modified: Sat, 13 Nov 2021 21:27:55 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 423dc1a44cd2f55b27a9c3a33071b485bb8e1211138000cfd2ec9294507ac4f4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 B2QE9hAY
pbs.twimg.com/card_img/1459628920341471239/ Frame 3375 38 KB
38 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459628920341471239/B2QE9hAY?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

a7bb7603ffa6dbdf66d8f5467c0aa25e0b3a715a0ad0ea29a80eb0b526487a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 37703
x-cache: HIT
content-length: 38928
x-response-time: 239
surrogate-key: card_img card_img/bucket/8 card_img/1459628920341471239
last-modified: Sat, 13 Nov 2021 21:05:07 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 95f8f1060f34c898be5b8704acc6ea4b64d7a334d08606efc5307513f869f298
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 fwFEEdAd
pbs.twimg.com/card_img/1459628050623176707/ Frame 3375 42 KB
42 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459628050623176707/fwFEEdAd?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

c72cfb6f98bb78965a333443d926f90a7575d59ad50420f965df7566522f6d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 37899
x-cache: HIT
content-length: 43219
x-response-time: 257
surrogate-key: card_img card_img/bucket/7 card_img/1459628050623176707
last-modified: Sat, 13 Nov 2021 21:01:40 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a7fc3252ebaea33c8dd8c58b35a60d1c0dffb3c28b28ec958946a41e89f19504
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 2VGErrnD
pbs.twimg.com/card_img/1459534674414419979/ Frame 3375 30 KB
31 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459534674414419979/2VGErrnD?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

53dc3ca16fb918ea606819192b5f5af2761b93966125b89cd664b433493633d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 60178
x-cache: HIT
content-length: 31116
x-response-time: 249
surrogate-key: card_img card_img/bucket/4 card_img/1459534674414419979
last-modified: Sat, 13 Nov 2021 14:50:37 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5c199d847dbb17ce46f75578d0a069d3b41cec49efb70dca547182ba731a9696
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 BwCWD4s6
pbs.twimg.com/card_img/1459529817137766406/ Frame 3375 31 KB
31 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459529817137766406/BwCWD4s6?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

232ca9ccc8738365bca832c1d3aff16d495ad36219be706a6c14f761f1b5ef14

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 61330
x-cache: HIT
content-length: 31833
x-response-time: 247
surrogate-key: card_img card_img/bucket/5 card_img/1459529817137766406
last-modified: Sat, 13 Nov 2021 14:31:19 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 855adcdf14895a1f41e936c54964b2b595ad6f948336ac06a21e4930e35ddc66
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 i23r2AGT
pbs.twimg.com/card_img/1459528299244363780/ Frame 3375 32 KB
32 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1459528299244363780/i23r2AGT?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

91f3867a59a02ed902a278506af5e00bf5fcbdfe483237d0baa65dd894b3c345

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:37 GMT
x-content-type-options: nosniff
age: 61694
x-cache: HIT
content-length: 32615
x-response-time: 248
surrogate-key: card_img card_img/bucket/3 card_img/1459528299244363780
last-modified: Sat, 13 Nov 2021 14:25:17 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f63ba56f1517e0d6625e72b92aadfa7a4a4aa4b44857a2ce687136c02a0f9435
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK medyafaresi_16960.js Show response
ads.vidoomy.com/ 5 KB
6 KB 412ms
124ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/medyafaresi_16960.js
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 48450713cfb9b78d5de72c4391a772d0ad31989812cf7267e39df3c8c9c12293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:38 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5471

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 05C1 118 KB
35 KB 40ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1636875338.cds160.fr8.hn,1636875338.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 66A1 118 KB
35 KB 38ms
15ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1636875338.cds160.fr8.hn,1636875338.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 7A51
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
291 B

37ms
8ms

Document
image/gif

18.158.22.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-type: image/gif
content-length: 43
content-encoding: none
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Sun, 14 Nov 2021 07:35:38 GMT
server: AC1.1

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=413098&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va...
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=413098&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=v...

64 B
331 B

13ms
13ms

Image
image/gif

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=413098&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1636875338
Protocol: H2
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 7ZYf83FvlAPQHyj33XkBanRn68-Gk7CQKihY8gpk643UJnJHIiM7Vw==

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=413098&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1636875338
content-length: 281
x-amz-cf-id: NDP-Xb73vRp7CU8TV1DwtogCpCtju3LGsUtVA5m96lgb6Ye-gLFU-Q==

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=730449371.50290391922045498.7174305
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=730449371.50290391922045498.7174305
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=0906a715-5937-47b9-97b7-5eb1d66e60e3
https://x.bidswitch.net/sync?dsp_id=74&&user_id=181398446&expires=5&ssp=vidoomy
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0906a715-5937-47b9-97b7-5eb1d66e60e3

43 B
368 B

7ms
7ms

Image
image/gif

18.158.22.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0906a715-5937-47b9-97b7-5eb1d66e60e3
Protocol: H2
Server: 18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0906a715-5937-47b9-97b7-5eb1d66e60e3
Date: Sun, 14 Nov 2021 07:35:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
600 B 83ms
18ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:38 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1636875338587022-394
Expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8492265139527283

Requested by

Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medyafaresi.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 9984758960647962062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 409D 5 KB
2 KB 11ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636875338.cds160.fr8.hn,1636875338.cds288.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 05C1 2 KB
2 KB 400ms
201ms XHR
application/xml 146.20.132.165
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1144292&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.medyafaresi.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61245%2C1%2C&c5=&c6=61245&rnd=58010301&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.165 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c784b3386c1e6626d578059c72f386af34338336d941cacadc1e0496ea50cf8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.medyafaresi.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1352

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 0EB2 5 KB
2 KB 10ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636875338.cds160.fr8.hn,1636875338.cds288.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 66A1 180 B
359 B 274ms
91ms XHR
application/xml 146.20.132.165
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1144293&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.medyafaresi.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61245%2C1%2C&c5=&c6=61245&rnd=83374814&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.165 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.medyafaresi.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
97 KB 54ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8492265139527283&plah=www.medyafaresi.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8492265139527283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 98309
x-xss-protection: 0
server: cafe
etag: 13474340241825499027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 1F0A 11 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8492265139527283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 08:20:20 GMT
expires: Sat, 27 Nov 2021 08:20:20 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 83718
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8492265139527283

Requested by

Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medyafaresi.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 9984758960647962062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame B4D1
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

7ms
7ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.medyafaresi.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 374378
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 14 Nov 2021 07:35:38 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 18 Oct 2021 18:33:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BD)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sun, 14 Nov 2021 07:35:38 GMT
x-transaction: 53becb6f608a71ea
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 140
x-connection-hash: dfe292b224398246b9fe99626ef60fdd7dfd04c00bdad8ed24d10f7a5d4b6625

GET
H2

451

464986.gif
idsync.rlcdn.com/ Frame 409D
Redirect Chain

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
https://idsync.rlcdn.com/464986.gif?partner_uid=aoS2uJISfIo

0
43 B

34ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=aoS2uJISfIo
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
location: https://idsync.rlcdn.com/464986.gif?partner_uid=aoS2uJISfIo
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

lkqd
event.clientgear.com/cookie/ Frame 409D
Redirect Chain

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=o9Qvxl-WyxM

0
133 B

305ms
96ms

Image
text/plain

47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=o9Qvxl-WyxM
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-length: 0

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
location: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=o9Qvxl-WyxM
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 409D
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=huJjphIK-cM&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7651628c-2ad3-4c2c-91af-361db6c0ba4a

43 B
403 B

90ms
89ms

Image
image/gif

146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7651628c-2ad3-4c2c-91af-361db6c0ba4a
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7651628c-2ad3-4c2c-91af-361db6c0ba4a
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame 409D
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=GJWg8XL6y9A

43 B
287 B

113ms
32ms

Image
image/gif

52.51.154.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=GJWg8XL6y9A
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 52.51.154.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-154-99.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=GJWg8XL6y9A
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 409D
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2399048842812203411

43 B
527 B

198ms
99ms

Image
image/gif

146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2399048842812203411
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2399048842812203411
pragma: no-cache
date: Sun, 14 Nov 2021 07:35:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

451

464986.gif
idsync.rlcdn.com/ Frame 0EB2
Redirect Chain

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
https://idsync.rlcdn.com/464986.gif?partner_uid=M0r42hGOJa0

0
67 B

25ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=M0r42hGOJa0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
location: https://idsync.rlcdn.com/464986.gif?partner_uid=M0r42hGOJa0
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

lkqd
event.clientgear.com/cookie/ Frame 0EB2
Redirect Chain

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=yb6rx65gR3A

0
134 B

307ms
96ms

Image
text/plain

47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=yb6rx65gR3A
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-length: 0

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
location: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=yb6rx65gR3A
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 0EB2
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=1nDvq1LfxCk&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=df9c97e4-4d47-4a3e-9989-67020b4be795

43 B
404 B

90ms
90ms

Image
image/gif

146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=df9c97e4-4d47-4a3e-9989-67020b4be795
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=df9c97e4-4d47-4a3e-9989-67020b4be795
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame 0EB2
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=wWzfowTGL-w

43 B
286 B

111ms
32ms

Image
image/gif

52.51.154.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=wWzfowTGL-w
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 52.51.154.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-154-99.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=wWzfowTGL-w
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 0EB2
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595720455097295251

43 B
527 B

198ms
99ms

Image
image/gif

146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595720455097295251
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595720455097295251
pragma: no-cache
date: Sun, 14 Nov 2021 07:35:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8492265139527283

Requested by

Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medyafaresi.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 9984758960647962062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
411 B 17ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.medyafaresi.com&callback=_gfp_s_&client=ca-pub-8492265139527283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8492265139527283&plah=www.medyafaresi.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eaca97e848af650beae8772603fb3fe0ee241d433bd75588b2f6ca8364846dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: clear
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
425 B 53ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.medyafaresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
425 B 39ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.medyafaresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
122 B 40ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.medyafaresi.com%2F&tn=DIV&id=BildirtModal&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.medyafaresi.com%2F&tn=DIV&id=BildirtModal&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EBDF 0
190 B 47ms
47ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&adk=1812271804&adf=3025194257&lmt=1636875338&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.medyafaresi.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338235&bpp=3&bdt=2864&idt=103&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8398726754776&frm=20&pv=2&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 07:35:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:38 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 22ms
21ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08261757171f2563764079a0d852faad00b5adf6c19ee7951fd4d472a3913e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9182
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE28 74 KB
32 KB 192ms
192ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=90&slotname=5971014395&adk=1685382685&adf=938103623&pi=t.ma~as.5971014395&w=728&lmt=1636875338&psa=0&format=728x90&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338253&bpp=2&bdt=2881&idt=111&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=552&ady=59&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFWrOik7MP&p=https%3A//www.medyafaresi.com&dtd=117

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d11112838d624e97a51b3ff7c1df543a31392bf8db67959c2c7c9fc2096ccfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 07:35:38 GMT
server: cafe
content-length: 32365
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:38 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98C0 100 KB
33 KB 521ms
520ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=280&slotname=9121065640&adk=3883732668&adf=3485054903&pi=t.ma~as.9121065640&w=1000&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338319&bpp=3&bdt=2947&idt=56&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=300&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=eXKjUYuSPs&p=https%3A//www.medyafaresi.com&dtd=59

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8233e0d283695afa1067e672c037d9e0a05680e96e4f399025876034e182f4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
content-length: 33294
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: private

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8492265139527283

Requested by

Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medyafaresi.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 9984758960647962062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC4A 73 KB
28 KB 390ms
390ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=250&slotname=5991205942&adk=603426187&adf=3336293135&pi=t.ma~as.5991205942&w=300&lmt=1636875338&psa=0&format=300x250&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338386&bpp=1&bdt=3014&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C1000x280&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DE1kwA5fBp&p=https%3A//www.medyafaresi.com&dtd=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75d39eef66d178c7b8929eb5631f5211891f771c0bd27a4df61c0f3f3a5311cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
content-length: 28924
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8492265139527283

Requested by

Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medyafaresi.com/
Origin: https://www.medyafaresi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 9984758960647962062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 07:35:38 GMT

GET
H2 200 143_HUot.jpg
ad-cdn.bilgin.pro/files/2016/1/23/143/ 60 KB
61 KB 45ms
44ms Image
image/jpeg 195.142.105.24
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-cdn.bilgin.pro/files/2016/1/23/143/143_HUot.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.24 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: ca91853bf2984ca4929f38616380181795cb7827ba2964df42c3b26687ae9b79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:38 GMT
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-cachestatus: HIT
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Tue, 14 Dec 2021 07:35:38 GMT
cache-control: max-age=2592000
last-modified: Fri, 23 Mar 2018 15:16:41 GMT
accept-ranges: bytes
content-length: 61634
x-rocket-mastercachestatus: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.medyafaresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.medyafaresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 22E5 59 KB
29 KB 434ms
433ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

295990e231e33657507f3a317fc108d38fd5568c8c3b27b9a12c4d73434da08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
content-length: 29770
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: private

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AED9 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 13 Nov 2021 22:07:26 GMT
expires: Sun, 13 Nov 2022 22:07:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34092
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0CC1 783 B
974 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b55c49121b721670b072687b97fab27d222162431b93c8eec6ce76ca4a8b45e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+HE8ZKP4nfwhJJPYh8MWaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 14 Nov 2021 07:35:38 GMT
date: Sun, 14 Nov 2021 07:35:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+HE8ZKP4nfwhJJPYh8MWaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: clear

GET
H/1.1 412
Precondition Failed img.fetch
udmserve.net/udm/ 0
0 636ms
158ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=14449;tid=1;dt=6;
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:39 GMT
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 1
Content-Type: application/x-javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.medyafaresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.medyafaresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0C5 15 KB
9 KB 195ms
194ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7957212740&adk=2292013630&adf=2909724171&pi=t.ma~as.7957212740&w=160&lmt=1636875338&psa=0&format=160x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338483&bpp=1&bdt=3112&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250%2C300x600&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=142&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=IBtRF9Tkmo&p=https%3A//www.medyafaresi.com&dtd=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c436513af1dafe924c5b7ab1a90a1b0448f2be9b5a71ff65e82b6f76c96b704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
content-length: 9157
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: private

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 283ms
90ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 166E 0
168 B 92ms
91ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0CC1 0
0 60ms
59ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211109&jk=4068225407922905&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame AED9 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE28 42 B
111 B 42ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNA4hcvLJtvnfV4r2vTPFx14LzzT5i1EGrErH8JDiaacmyI3PU6jN3-R1jdEaDlbAITP4gJxoytHkSJtJI7a0Ra18vQztG96oLmtgQFnWtUpoFdSQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=90&slotname=5971014395&adk=1685382685&adf=938103623&pi=t.ma~as.5971014395&w=728&lmt=1636875338&psa=0&format=728x90&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338253&bpp=2&bdt=2881&idt=111&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=552&ady=59&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFWrOik7MP&p=https%3A//www.medyafaresi.com&dtd=117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C645 624 B
587 B 19ms
18ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3EGxCGqhwY1Lq4ZjAB&v=APEucNU3ijE1WOS5MfhLKewaN_TcPiMSjwsI-EuA7zfwZFkazVsA1Kv55JbU3Th2_qdkKZkY6otvO05Av1jBUpPWVMaL3LBMnMoYUbQ9-2z-72bGNw85qVjKAOVYTK7Nzj_X3cuMxvUyth0L3uAIa7isEwAdt1osVhNI6KBzj40Yo3javpNR_sE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=90&slotname=5971014395&adk=1685382685&adf=938103623&pi=t.ma~as.5971014395&w=728&lmt=1636875338&psa=0&format=728x90&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338253&bpp=2&bdt=2881&idt=111&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=552&ady=59&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFWrOik7MP&p=https%3A//www.medyafaresi.com&dtd=117

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame CE28 2 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:13:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE28 119 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame CE28 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:23:25 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame CE28 106 KB
37 KB 55ms
12ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 12:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67266
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 12:54:33 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame CE28 6 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:17:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame CE28 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:14:12 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 154ms
90ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 84D2 0
168 B 91ms
91ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 6C7A 230 KB
61 KB 16ms
16ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1636875339.cds160.fr8.hn,1636875339.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C645
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFW7TrT4cEygVuhlE-aqZOc&google_cver=1

43 B
1014 B

27ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFW7TrT4cEygVuhlE-aqZOc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3EGxCGqhwY1Lq4ZjAB&v=APEucNU3ijE1WOS5MfhLKewaN_TcPiMSjwsI-EuA7zfwZFkazVsA1Kv55JbU3Th2_qdkKZkY6otvO05Av1jBUpPWVMaL3LBMnMoYUbQ9-2z-72bGNw85qVjKAOVYTK7Nzj_X3cuMxvUyth0L3uAIa7isEwAdt1osVhNI6KBzj40Yo3javpNR_sE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 07:35:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFW7TrT4cEygVuhlE-aqZOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C645
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZC8S5896Fuc3XioZ5OgaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1

43 B
894 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3EGxCGqhwY1Lq4ZjAB&v=APEucNU3ijE1WOS5MfhLKewaN_TcPiMSjwsI-EuA7zfwZFkazVsA1Kv55JbU3Th2_qdkKZkY6otvO05Av1jBUpPWVMaL3LBMnMoYUbQ9-2z-72bGNw85qVjKAOVYTK7Nzj_X3cuMxvUyth0L3uAIa7isEwAdt1osVhNI6KBzj40Yo3javpNR_sE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 07:35:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C645
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELqH9P8bieeS8l9jGNZ7cnU&google_cver=1

43 B
1006 B

180ms
166ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELqH9P8bieeS8l9jGNZ7cnU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3EGxCGqhwY1Lq4ZjAB&v=APEucNU3ijE1WOS5MfhLKewaN_TcPiMSjwsI-EuA7zfwZFkazVsA1Kv55JbU3Th2_qdkKZkY6otvO05Av1jBUpPWVMaL3LBMnMoYUbQ9-2z-72bGNw85qVjKAOVYTK7Nzj_X3cuMxvUyth0L3uAIa7isEwAdt1osVhNI6KBzj40Yo3javpNR_sE

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7a560535-e60d-4579-8e7b-5045fdf71c88
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELqH9P8bieeS8l9jGNZ7cnU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C645
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

170 B
244 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7a5a93e2-a0bf-4bd5-840b-abba5e3586d1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CE28 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184668
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
DATA 200
OK truncated
/ Frame CE28 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 450f29f0a3a557f1236cee1d644401af1ee0138d247c4d521813f203651de050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C420 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 321485
alt-svc: clear

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/4173881934964850688/ Frame D789 65 KB
18 KB 30ms
8ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4173881934964850688/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc4a6f94ef60d217d41f440b35753db8a1af821246bf762c2aac722ded27903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Tue, 09 Nov 2021 11:34:40 GMT
expires: Wed, 09 Nov 2022 11:34:40 GMT
last-modified: Tue, 17 Dec 2019 13:41:40 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 17610
age: 417659
cache-control: public, max-age=31536000
alt-svc: clear

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE28 0
447 B 89ms
50ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWfPpMujWMp4HIz0TJrzsbCp21qJuhBFRzVP6y9_B-o0zJof40qedLdulw-X1OHpE_Rnx-CCtz0YlAGSPUVJeLsyJzmuABdpA0D8BgTHCLlbPtktS_zuY2bgRTJAUAYdPnKRiFQy1UfQOhNnE1ltt0qci3ZnSdxiQuGKuZODTK6lOkNrPDYCpLLh4pEPodsebeyytNZqojCWVomwGMTOv_Ax0L3MSVkBO7i3nlXjflv3u19S1d8wgzuAlQYZKYRgs3-nwtqnbCo_F_KdvTXRYXHJKga1fU2-BXilUKKnJZrwSkzcSkL6PiH1oGfYY1TuqfvlyRfjNnG-5vdC2GHIQBNkw4cqbrBVGwsVBeOg6BkQWOBy5fIxUuuqsCphfgMJH2pRgnsy-_Un-l9-cVGbsk1BC7vweOnVBPfsKl38ZQcAw4vznkZ5gMasH6Z54DQuCzIvfCz2ZC_89Qz4066zOhVRRdGAHGMSs3dnHfjrCwvb848MoPLZ0QSykeYBdfTYCplxDfNGXb3Z2ZZt7DIBqQDDVmGr1W2S9Gr6Zk5tOiVz6QDirpTvWwt67juYpj0Hr0ot0G43xQt78x0KGUVGGdTGfql_A8L9-WyP6h1CQymU9FM9pl-Dwx2tHJVNSvvxhOhlVro1Ayh4Urqp6-6WxdiXf4ZinqMjp8ouX3OKKfPGGOaG9KJD-6mgxGKxzS3WJGO6RA1qwii1FqIVSQsdP0D4uwvQUyI06QEiAMDTbiw47JRGboePlTAdRUQm5qaASaBwlXZSebE-aPJuT0GHN7ZpfCISsSfu1NnOBeSesFshvAT2dfpM206Vpdk0KsrLjZRAx8JWBViO-upRWbufq34bRvkdQ0GqxU3VEJk9y17LYT6whqWp2UAx5Bzs3zygc1Qkgf7eu4N2m0zPP8auc2hTW3BPfnn_oXFVc28n6Ba61D7WHF01FI0PJZiX35weszTXaaKaV-MbwONhfwK3MpO61r1for4CdzG1gCpY_YE2fR0eLjF7nlmDINdQou2tv0fkhUcltUR7B2zT6UH99Y7iigIq2J9TdugAAZS1vfBF9H6OO5OlDnFEoI3ZDsHgfH_Nel7iVPm-Pj1hQ6q2beyAKMMkSxH0RlDR2x16pWUQ&sai=AMfl-YS0E8Dje5CnCGCy2EkLNGPzkYWnSwEJ8yxQSiOXYrZWeMHiQzv2rvKMU8dYwaDAi5GuvanVKeAHH1v-Bgo9kQtlbjXT0km_cZthY8sk9-rkktbSKByI_ErzrzdRMxGUHGcCFepRDDi2djvDsRbdPGoO3hFe5dUHwrEH54YYxgCSc4nQbkwyKv0&sig=Cg0ArKJSzFwcc5udAM-WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=149&cbvp=1&cstd=146&cisv=r20211109.43352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 14 Nov 2021 07:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame D1F9 5 KB
2 KB 11ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636875339.cds160.fr8.hn,1636875339.cds288.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 6C7A 141 KB
8 KB 250ms
249ms XHR
application/json 146.20.132.165
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1144292&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.medyafaresi.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61245%2C1%2C&c5=&c6=61245&rnd=58010301&m=&rtv=1&thost=www.medyafaresi.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.165 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a8bb1da09d58df1429287f31a38e567482dbe69b0699e93ed3c205f6d553ca75

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.medyafaresi.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 7814

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 275ms
90ms Preflight 146.20.132.165
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1144292&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.medyafaresi.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C61245%2C1%2C&c5=&c6=61245&rnd=58010301&m=&rtv=1&thost=www.medyafaresi.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.165 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:39 GMT
content-length: 0
access-control-allow-origin: https://www.medyafaresi.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0C5 42 B
108 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8LjA6TJ3NWuKG_lXlLnh0s8BFx1QXqbFPQ4z0Tro7TL-AIrJxmgAjMikVh78OJX-ccHPz2ZCuNi1pOeLvvPQ5zQKURIEnkUsC-n5Xs_AGeCSgvYE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7957212740&adk=2292013630&adf=2909724171&pi=t.ma~as.7957212740&w=160&lmt=1636875338&psa=0&format=160x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338483&bpp=1&bdt=3112&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250%2C300x600&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=142&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=IBtRF9Tkmo&p=https%3A//www.medyafaresi.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A0C5 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:13:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0C5 119 KB
36 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A0C5 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:23:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A0C5 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT99nJQi4ZHbnBP8XUdYNjYfHk9iGkExgMuSWa8Uo_nJVEoeVERdI_LTbB56Ng1IsE0ARF1Bxyzr5zYy14yArlonoL1CA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7957212740&adk=2292013630&adf=2909724171&pi=t.ma~as.7957212740&w=160&lmt=1636875338&psa=0&format=160x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338483&bpp=1&bdt=3112&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250%2C300x600&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=142&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=IBtRF9Tkmo&p=https%3A//www.medyafaresi.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EAC4 624 B
423 B 18ms
18ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiR58qhATAB&v=APEucNUAZ0onc0sCqxI9v-YhMpLaH9MXcENOJRaPXoE0MHwV46yIn8haTig9euxiAGNhjViiiZc1DZ90ZT-VS1gMKjDKWKwozstBLAs8vOmB7pqcFZetYycEMbaX7Ip0dDGEzPT5Xyse1roa3Mhu14ig8r8APxqapkQq7OXX1G0vB_P8RmdmOpQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7957212740&adk=2292013630&adf=2909724171&pi=t.ma~as.7957212740&w=160&lmt=1636875338&psa=0&format=160x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338483&bpp=1&bdt=3112&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250%2C300x600&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=142&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=IBtRF9Tkmo&p=https%3A//www.medyafaresi.com&dtd=6

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A0C5 71 KB
30 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_zzpBdSqBiS7lvwPXYmrRAaAh0DtUBLCdqEhzlzxzJyQkfTXmzgFNYkfKgSyvh7DcIDtg9COjOnLCg2AenXj3E9gXzVrfUY1b5yh_sh-Dcil-0WG8LmqjC5bMh5oaYiR36JJEJLfphGEbleFSbHUwH0LIng&dbm_d=AKAmf-DItYPnTpO4z5Lyb8xBuEnNJx1NFh-NCfmp1hW7uij7JJ20hUMISD80lbvjEDUd2J4CRnkwbYcLWKPJCcSnhfVDXp8voUN_FRCsqE-oSpjsPCx0JHIj3jz1M_GzQqdE8lEFvDaUpun74v97LvfipaB5yd8OwP9B146ger7wedzmrUIQ5PeiirZvnDOo3xfslTfjcsMCN8qdOeDediEgr-ZYLUViOhBL-76-BmZObcklfQi5ylJk0fgAks6F-hZVGCkWg94h9b8DnWr893csQMz3ZHD-HltTH6wxd2jmxnaRcpQcoIQWvpsVJwJ0BEKcY5aJMy3aTyzunmxDYnkxMhGZLxzLBLy_VCInrJHcLBMy2mz84wt6rCmhpTn7PXoaogLTcegbDBxonzuRXwmvdhtAQUb5qGx1rdMJWsvuIM7MK3zw11UjK66KsvW9xveDWhWW5Toqaz3cTZQvSs4tT8qRXdJota-zBUVDW_qO7RgYAVXlpkfb84RX1ytYVPc09hTG-sAgtFR3snWYYIxFZV_y-VSeqZMoJ91W_jcRfqszT5UGYXqFK8VSo4xlw_hLYVUOyHk-Wdq6giulrYv6KqdRMIGV2UwTTpuHDyeHLGsmbGKmkrbEylMeHJFuipRa3WiwWaAfKOxltTiW0nwfFLJ8i2i-5bWSw1x1q9INjc8xdRe7eyI9ZR_h2fVIeLdamIN9Vmt56cYYOwoBFZntonAhH4nu4dMJE9LKbTaBVJ526ar0AVaRrvNdVB6maV9uUbKkDOgF-aP7R0RgUEWNEW_0DFcfwEaAzHTqr4gbRxhAsxkHD5MlelHdJtsEZwqNfiJyD4ckFpJENYCDV3f81lzJXHjKv1h9zYlryXlzflhh1Ktg_SkKyW0pv1iMnMoVCN7BiVJJF0fjaWD2nzbJf6VLWeoFxoBFIKP4utCqdTeEK5jW9v1bvb3hBz9lf5jWaxhxNLA84fwASd6QmY_IbXUa3XmRJ7fnwQ-u0LhZWvyn1LxZaT1z5tt560hI7zPkrLYFesJPOPwVXx3POFbzNPaL-jrcPfz4Gad4jnGOvELTo4RSKtSQsJ0Xw0T5gPawjuQgeNFdTLQrss8nPUyQHbx0o6qHmv6iFPODqBGW2LlBgofZPUt8qbGUjEvxkcldbzXvaPKCuHsdYMYFREmVyeDUwykCqMVKhnsO8NVVN4IfmqrHW1qu7-0cwJRM7eFV43hppuaqKUHSeruVD6gWAlvcKjFPcCbxQjpGxZqIqHx9jq097WR4IdBQ9OlCC7aBH05Rr7_dnXw7pABb2tgPH9gYeBepvtfWdgsM7ZiWKO32slN7-R_iJsnNyoh46ecvNC0wZyoL2V8mNMHxrrHqKj7ErIevzBQH6C2AM90-Ylm8lue3Y7cD1LG_1qpAg7WNZ-vMLkydfkCSN_geyM2OXAIx_my4FMAg6bGN0cP-QOcck1vdshUPzcLvsV9qWsmAHIRWTBgAt-hIZ433E6fR20fXHSA9ZEZXMcl_9p8u_inbQvxdPoeefvFzOWkDnp3Im4hPE3RUsrxtjJYMKb39yGvZPZZLZsdYSMmo--giVKdq60uLm5N1iFlT71PRgtTI-E2CEp-5_Eg6R4YjMstaTXgkjP0jNwMRJ-ykyMb2rNuv4ZeFi16LNnoOI-Uww_WtCuXBY-ubziJdQ4LRT_MLgesLfi-i2pqy8v8ZNgXfUWVM_zTMCoioFG_y7EWSzQDNUgxqwWStnkdkB029lhJ_I040N97uuzWs8FZL-wYNBltRtf4HCM6n8gDO1KHdVA2iDiI3vktxcPnGaZkgiBGiolanHk6Dd0Y2xonscugVFPK4c4sla75tL2LrzdQBiUME_1CTUeP72TK3neR16aBMq_txwW1LedlOb0Fn7uM64QZxz6FwkCzNwBiDgDQ2gYJxEOpkTJDXtoBBg-3BwuHPBCtm64Ea375vcb3reCIdLvMQYz33-TZpBC63bsvxMNqiawQJSebBPnVa3s5i0Sk-roFF5ocsslvdeOyQQQLst0-L3x8K4sK9lSunBvhg-1w3nRnY4drXI59IYXKg8jntJu7H9KToDxHlYVtP0ltDyxX05IJSPDgkO4hXMrnkaByIejDTyYSyPkJ3kEeKJFdwjjV0qVoNUEnFXQjAJcqAyrNgu7fVvnYAF8mp8iZXHlleRgSAdn3IQCLSL1iup0fahzm5MnC2M0cQmWdo5ftayf-MIiGI84_frTHtzFjJVrBWZYDhbaLLH6_OmG0_pIFfwVIZ5rtEv3IaD1srtXwkxn7jBWH0s9jBBQ1YU00BkSqpcl8H_DCvFbKYwEZj_4KPRDrZEh9TIsY_am1WbHnnR937o9P61zlbFZEm9KmE1avZm_KobH5HO2SSG-GQ-RnvuHjAEEmoFTi9PfkHgMaJkwTe8kUVbhaIxcYvDIu1sgfO-NsBLnRHlE0GK122DivLnY4kdGW74vjDHqLuvWABnCX2PZa2UmSyyXvPz0hHVWvRSlDEOafur6_ikdK3yXapabxegBogi00TbyPG0nS60l_dBp1xkS1KSSh7uG-VFpkKos736G1P8DDzUq2pPRF7hRnSjeu13fqNRbzYQAgYB-evuYQ5pWyDTTI0RHRrb5jiOQKRBknKfWlZWH9xcONoNBNGYVaW-YCbe90U5itHe0SI7N5OZVjhxmCeqqZH_4ZGOoP_hbuXfGZ9t16vjNIbLAnmXyPLCWjosJ7_jp4PxkjPtPQISod7YLjZnPBppXOZeQqpWL8DhyIbj-Bp7VFQgnyt_yA6VHf7XRisSKegtHkUkQQX8HMYqbsQVr-yUSHFgEne4S59EYk1raDNgA81WN-qymC-w36FRT5PQXPPHixZRr2vmcXbq0U3nb6rxuu3pzL716fpxd-4K4o9aA0ZcXNvRMZKr-0KdTMczZWFy13xYINjEECS6MJ8ouivV5rmn3tUcdljXrMgPknpLX5aNrDgiyxpGQ&cid=CAASEuRoGfVKwcTTdSeyerdQVGUCsQ&rfl=1%2Chttps%253A%252F%252Fwww.medyafaresi.com%252F%240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82c72cf358f528e5df13354505c9c0f5625d3a265cf300093f6826bcb602a49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7957212740&adk=2292013630&adf=2909724171&pi=t.ma~as.7957212740&w=160&lmt=1636875338&psa=0&format=160x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338483&bpp=1&bdt=3112&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250%2C300x600&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=142&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=IBtRF9Tkmo&p=https%3A//www.medyafaresi.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 30809
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D789 3 KB
719 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4173881934964850688/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b684dd040789421a46a73d15a17624fca22594a692d2200d4b8362f497a59948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 06:03:17 GMT
server: ESF
date: Sun, 14 Nov 2021 07:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 DcmEnabler_01_240.js Show response
s0.2mdn.net/879366/ Frame D789 28 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_240.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4173881934964850688/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b6cb45660038ca8664df098c41002469441da18a13ad4c53d9c85898c22a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4173881934964850688/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 23:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27698
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 10141
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:31:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 23:54:01 GMT

GET
H2 200 15851189357895156818
tpc.googlesyndication.com/daca_images/simgad/ Frame FC4A 53 KB
53 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15851189357895156818

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=250&slotname=5991205942&adk=603426187&adf=3336293135&pi=t.ma~as.5991205942&w=300&lmt=1636875338&psa=0&format=300x250&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338386&bpp=1&bdt=3014&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C1000x280&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DE1kwA5fBp&p=https%3A//www.medyafaresi.com&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7e154cf279891198590c3ee8b1b8892309b251c5c2ca7b460bf08f99367c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:42:15 GMT
x-content-type-options: nosniff
age: 183204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 54321
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 09:08:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 04:42:15 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame FC4A 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:18:07 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame FC4A 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:13:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC4A 119 KB
36 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame FC4A 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:23:25 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame FC4A 27 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 20:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 11380
x-xss-protection: 0
server: cafe
etag: 3114995264824872082
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 20:48:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EAC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiR58qhATAB&v=APEucNUAZ0onc0sCqxI9v-YhMpLaH9MXcENOJRaPXoE0MHwV46yIn8haTig9euxiAGNhjViiiZc1DZ90ZT-VS1gMKjDKWKwozstBLAs8vOmB7pqcFZetYycEMbaX7Ip0dDGEzPT5Xyse1roa3Mhu14ig8r8APxqapkQq7OXX1G0vB_P8RmdmOpQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 07:35:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtINDhm73OxRvtJh_Uea1o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EAC4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZC8S5896Fuc3XioZ5OgaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1

43 B
894 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiR58qhATAB&v=APEucNUAZ0onc0sCqxI9v-YhMpLaH9MXcENOJRaPXoE0MHwV46yIn8haTig9euxiAGNhjViiiZc1DZ90ZT-VS1gMKjDKWKwozstBLAs8vOmB7pqcFZetYycEMbaX7Ip0dDGEzPT5Xyse1roa3Mhu14ig8r8APxqapkQq7OXX1G0vB_P8RmdmOpQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 07:35:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EAC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDRolSWYJo0vyg6XS0ga7kY&google_cver=1

43 B
1006 B

7ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDRolSWYJo0vyg6XS0ga7kY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiR58qhATAB&v=APEucNUAZ0onc0sCqxI9v-YhMpLaH9MXcENOJRaPXoE0MHwV46yIn8haTig9euxiAGNhjViiiZc1DZ90ZT-VS1gMKjDKWKwozstBLAs8vOmB7pqcFZetYycEMbaX7Ip0dDGEzPT5Xyse1roa3Mhu14ig8r8APxqapkQq7OXX1G0vB_P8RmdmOpQ

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4cb517db-8b03-4486-82c8-f21678524202
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDRolSWYJo0vyg6XS0ga7kY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EAC4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

170 B
233 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 26cc5cbb-1866-4d94-b284-c1c493c79ec1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame FC4A 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj-fGSryQYduuMoWJlQfd0aPQCL_x1rdm6pu386QOovLg1u8VEAEg07KsCGCV2oiCmAegAYeDv_cDyAECqAMByAPJBKoE2QFP0EjYZ5LgLzc15cP3IYbfZ__zCX1ENULnNYbExWKVmOlJkimrrGUhFcbapv5IB1reWk1TdFNv6zcEnDIAI0KVBGlt6DlIPcBM6WM7XgTLQMhkLWx4RtuZDHy3IMoiHvnfwyMMmZhe9UhE1puKKfSZhGdcFHxCEpN_-2WGswW_bxEm8RIKxIVHuz0XeFHTrjoBzny2SZzdBKymDEKosGEOOw1heXvnX3Ib0SWXM3hVG_kKdNks9oFaWG7J7_YzwYVrVXSqd3RerINyysKTemRHYVnsCXbnBREjwAStl73xwwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHq6KhI6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEP_UDdIICQiA4YAQEAEYX4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04NDkyMjY1MTM5NTI3MjgzGAA&sigh=jCB5DhVNiZo&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=250&slotname=5991205942&adk=603426187&adf=3336293135&pi=t.ma~as.5991205942&w=300&lmt=1636875338&psa=0&format=300x250&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338386&bpp=1&bdt=3014&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C1000x280&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DE1kwA5fBp&p=https%3A//www.medyafaresi.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 07:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A0C5 106 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 12:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67266
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 12:54:33 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame A0C5 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_zzpBdSqBiS7lvwPXYmrRAaAh0DtUBLCdqEhzlzxzJyQkfTXmzgFNYkfKgSyvh7DcIDtg9COjOnLCg2AenXj3E9gXzVrfUY1b5yh_sh-Dcil-0WG8LmqjC5bMh5oaYiR36JJEJLfphGEbleFSbHUwH0LIng&dbm_d=AKAmf-DItYPnTpO4z5Lyb8xBuEnNJx1NFh-NCfmp1hW7uij7JJ20hUMISD80lbvjEDUd2J4CRnkwbYcLWKPJCcSnhfVDXp8voUN_FRCsqE-oSpjsPCx0JHIj3jz1M_GzQqdE8lEFvDaUpun74v97LvfipaB5yd8OwP9B146ger7wedzmrUIQ5PeiirZvnDOo3xfslTfjcsMCN8qdOeDediEgr-ZYLUViOhBL-76-BmZObcklfQi5ylJk0fgAks6F-hZVGCkWg94h9b8DnWr893csQMz3ZHD-HltTH6wxd2jmxnaRcpQcoIQWvpsVJwJ0BEKcY5aJMy3aTyzunmxDYnkxMhGZLxzLBLy_VCInrJHcLBMy2mz84wt6rCmhpTn7PXoaogLTcegbDBxonzuRXwmvdhtAQUb5qGx1rdMJWsvuIM7MK3zw11UjK66KsvW9xveDWhWW5Toqaz3cTZQvSs4tT8qRXdJota-zBUVDW_qO7RgYAVXlpkfb84RX1ytYVPc09hTG-sAgtFR3snWYYIxFZV_y-VSeqZMoJ91W_jcRfqszT5UGYXqFK8VSo4xlw_hLYVUOyHk-Wdq6giulrYv6KqdRMIGV2UwTTpuHDyeHLGsmbGKmkrbEylMeHJFuipRa3WiwWaAfKOxltTiW0nwfFLJ8i2i-5bWSw1x1q9INjc8xdRe7eyI9ZR_h2fVIeLdamIN9Vmt56cYYOwoBFZntonAhH4nu4dMJE9LKbTaBVJ526ar0AVaRrvNdVB6maV9uUbKkDOgF-aP7R0RgUEWNEW_0DFcfwEaAzHTqr4gbRxhAsxkHD5MlelHdJtsEZwqNfiJyD4ckFpJENYCDV3f81lzJXHjKv1h9zYlryXlzflhh1Ktg_SkKyW0pv1iMnMoVCN7BiVJJF0fjaWD2nzbJf6VLWeoFxoBFIKP4utCqdTeEK5jW9v1bvb3hBz9lf5jWaxhxNLA84fwASd6QmY_IbXUa3XmRJ7fnwQ-u0LhZWvyn1LxZaT1z5tt560hI7zPkrLYFesJPOPwVXx3POFbzNPaL-jrcPfz4Gad4jnGOvELTo4RSKtSQsJ0Xw0T5gPawjuQgeNFdTLQrss8nPUyQHbx0o6qHmv6iFPODqBGW2LlBgofZPUt8qbGUjEvxkcldbzXvaPKCuHsdYMYFREmVyeDUwykCqMVKhnsO8NVVN4IfmqrHW1qu7-0cwJRM7eFV43hppuaqKUHSeruVD6gWAlvcKjFPcCbxQjpGxZqIqHx9jq097WR4IdBQ9OlCC7aBH05Rr7_dnXw7pABb2tgPH9gYeBepvtfWdgsM7ZiWKO32slN7-R_iJsnNyoh46ecvNC0wZyoL2V8mNMHxrrHqKj7ErIevzBQH6C2AM90-Ylm8lue3Y7cD1LG_1qpAg7WNZ-vMLkydfkCSN_geyM2OXAIx_my4FMAg6bGN0cP-QOcck1vdshUPzcLvsV9qWsmAHIRWTBgAt-hIZ433E6fR20fXHSA9ZEZXMcl_9p8u_inbQvxdPoeefvFzOWkDnp3Im4hPE3RUsrxtjJYMKb39yGvZPZZLZsdYSMmo--giVKdq60uLm5N1iFlT71PRgtTI-E2CEp-5_Eg6R4YjMstaTXgkjP0jNwMRJ-ykyMb2rNuv4ZeFi16LNnoOI-Uww_WtCuXBY-ubziJdQ4LRT_MLgesLfi-i2pqy8v8ZNgXfUWVM_zTMCoioFG_y7EWSzQDNUgxqwWStnkdkB029lhJ_I040N97uuzWs8FZL-wYNBltRtf4HCM6n8gDO1KHdVA2iDiI3vktxcPnGaZkgiBGiolanHk6Dd0Y2xonscugVFPK4c4sla75tL2LrzdQBiUME_1CTUeP72TK3neR16aBMq_txwW1LedlOb0Fn7uM64QZxz6FwkCzNwBiDgDQ2gYJxEOpkTJDXtoBBg-3BwuHPBCtm64Ea375vcb3reCIdLvMQYz33-TZpBC63bsvxMNqiawQJSebBPnVa3s5i0Sk-roFF5ocsslvdeOyQQQLst0-L3x8K4sK9lSunBvhg-1w3nRnY4drXI59IYXKg8jntJu7H9KToDxHlYVtP0ltDyxX05IJSPDgkO4hXMrnkaByIejDTyYSyPkJ3kEeKJFdwjjV0qVoNUEnFXQjAJcqAyrNgu7fVvnYAF8mp8iZXHlleRgSAdn3IQCLSL1iup0fahzm5MnC2M0cQmWdo5ftayf-MIiGI84_frTHtzFjJVrBWZYDhbaLLH6_OmG0_pIFfwVIZ5rtEv3IaD1srtXwkxn7jBWH0s9jBBQ1YU00BkSqpcl8H_DCvFbKYwEZj_4KPRDrZEh9TIsY_am1WbHnnR937o9P61zlbFZEm9KmE1avZm_KobH5HO2SSG-GQ-RnvuHjAEEmoFTi9PfkHgMaJkwTe8kUVbhaIxcYvDIu1sgfO-NsBLnRHlE0GK122DivLnY4kdGW74vjDHqLuvWABnCX2PZa2UmSyyXvPz0hHVWvRSlDEOafur6_ikdK3yXapabxegBogi00TbyPG0nS60l_dBp1xkS1KSSh7uG-VFpkKos736G1P8DDzUq2pPRF7hRnSjeu13fqNRbzYQAgYB-evuYQ5pWyDTTI0RHRrb5jiOQKRBknKfWlZWH9xcONoNBNGYVaW-YCbe90U5itHe0SI7N5OZVjhxmCeqqZH_4ZGOoP_hbuXfGZ9t16vjNIbLAnmXyPLCWjosJ7_jp4PxkjPtPQISod7YLjZnPBppXOZeQqpWL8DhyIbj-Bp7VFQgnyt_yA6VHf7XRisSKegtHkUkQQX8HMYqbsQVr-yUSHFgEne4S59EYk1raDNgA81WN-qymC-w36FRT5PQXPPHixZRr2vmcXbq0U3nb6rxuu3pzL716fpxd-4K4o9aA0ZcXNvRMZKr-0KdTMczZWFy13xYINjEECS6MJ8ouivV5rmn3tUcdljXrMgPknpLX5aNrDgiyxpGQ&cid=CAASEuRoGfVKwcTTdSeyerdQVGUCsQ&rfl=1%2Chttps%253A%252F%252Fwww.medyafaresi.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:31:47 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame A0C5 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:32:46 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame D1F9
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=JOFBYosuRylS7l9mSSw82ah3GcQ

43 B
399 B

90ms
90ms

Image
image/gif

146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=JOFBYosuRylS7l9mSSw82ah3GcQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=JOFBYosuRylS7l9mSSw82ah3GcQ
Date: Sun, 14 Nov 2021 07:35:39 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET v1
nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/ Frame D1F9 0
0

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame D1F9 42 B
613 B 146ms
19ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:39 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

400

cs
cs.lkqd.net/ Frame D1F9
Redirect Chain

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
https://a.tribalfusion.com/i.match?p=b30&u=1nDvq1LfxCk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b30&u=1nDvq1LfxCk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662303698504749

0
238 B

90ms
89ms

Image
text/plain

146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662303698504749
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 56
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ade907929994a55-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662303698504749
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame D1F9
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lkq
https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAEm4E7DIXkAACjipB65dg

43 B
395 B

90ms
89ms

Image
image/gif

146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAEm4E7DIXkAACjipB65dg
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAEm4E7DIXkAACjipB65dg
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8DF0 143 B
222 B 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=250&slotname=5991205942&adk=603426187&adf=3336293135&pi=t.ma~as.5991205942&w=300&lmt=1636875338&psa=0&format=300x250&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338386&bpp=1&bdt=3014&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C1000x280&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DE1kwA5fBp&p=https%3A//www.medyafaresi.com&dtd=5

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 06:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3478
alt-svc: clear

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame D789 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 16:24:35 GMT
x-content-type-options: nosniff
age: 227464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 16408
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 16:24:35 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211109&jk=4068225407922905&bg=!vb6lvvrNAAZQLpa_UC47ACkAdvg8WiL4VzPuywNXyv5d-Iir_JdG-N2wKxC6_l-uaqJuMDqtNjwUJQIAAAEGUgAAAB1oAQeZArtfcPNoJjpW6n7bdpn8JwtHqBsd2NOp4EenYwY2ENkfa0jLCUHIojwyIZvq_cigjBRsYYafdFjNXh480TPN60ZkFg5mkaTuo-Lbl0jIXFzVwmRSrm4ALnHM41q6XT59GkW-7kasY1twlzkIgTbGlVqx8w-XDzIMTjUVC40NvuOunTxCW3vzjluQAib0kqjdBn5-14NHgiALGyVHEwuZMomssoAcu88boHgLeDEF5m644llwLlyfAVHi6ZZ0s6n4pCdkvBDNZgQxyMdwgQyyju8JsyNaDmTe2_6DDz54HoxZkBi3HnJU4T9nfLH0x34sOASXD51JchPNdUNEvPA-DmkN6aevegV7LGCQFbf8gjqqPx8PM9sfC8e1vEHHtosaIJV6soUuZN6K1mWJCYpTAIHSV6v-LEoGSagc8h1Bo_KZqZEIk4NQpNCasKovp-2Z5yyIv1JQICgLfQ1txLMXpHXM7YFrrVMxaR3m1k5BXnrXTImRGy43EXffSliIc1X_v-OesRvtUvBQJlv_UJZyZz66fW5rdHEEZJED-uYvlQZiRJjz8MD4dsY74v2C0cj6b0AvE4TIvxx4RhwErgwffiwiUIQgm5YyVJWym8aPwQn9qwueXAuCDvUD6uyF9IEiOdlFX9GuRxFUsfLLBQQ-lsYknuHyKJ1W2hZ6QAaYpbz32YVD4uO6w2ZcGwI0bJQ6GnhHW_ADgNRqFITB9lGd97O1__Q9tKCqzBuvOM1aVFknBZcn_qLQZQwcRQQL9J8QizEGEf5IYVgBr0jYYp-AVXU1Dge7r0igQIADPMZl3NptbEkv50ZP9-vE9Dno_xKTOz9r6IdXnRgNmsLg4cLeLiEgbtw1r94r29b8gK65eGYgWOm67Xj0lvGEKI2c2_vYc7tBUzJEJ0TRq3D-KwF5hmfVD1NJJjL_wZ0131Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame C420 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE28 0
61 B 44ms
44ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWfPpMujWMp4HIz0TJrzsbCp21qJuhBFRzVP6y9_B-o0zJof40qedLdulw-X1OHpE_Rnx-CCtz0YlAGSPUVJeLsyJzmuABdpA0D8BgTHCLlbPtktS_zuY2bgRTJAUAYdPnKRiFQy1UfQOhNnE1ltt0qci3ZnSdxiQuGKuZODTK6lOkNrPDYCpLLh4pEPodsebeyytNZqojCWVomwGMTOv_Ax0L3MSVkBO7i3nlXjflv3u19S1d8wgzuAlQYZKYRgs3-nwtqnbCo_F_KdvTXRYXHJKga1fU2-BXilUKKnJZrwSkzcSkL6PiH1oGfYY1TuqfvlyRfjNnG-5vdC2GHIQBNkw4cqbrBVGwsVBeOg6BkQWOBy5fIxUuuqsCphfgMJH2pRgnsy-_Un-l9-cVGbsk1BC7vweOnVBPfsKl38ZQcAw4vznkZ5gMasH6Z54DQuCzIvfCz2ZC_89Qz4066zOhVRRdGAHGMSs3dnHfjrCwvb848MoPLZ0QSykeYBdfTYCplxDfNGXb3Z2ZZt7DIBqQDDVmGr1W2S9Gr6Zk5tOiVz6QDirpTvWwt67juYpj0Hr0ot0G43xQt78x0KGUVGGdTGfql_A8L9-WyP6h1CQymU9FM9pl-Dwx2tHJVNSvvxhOhlVro1Ayh4Urqp6-6WxdiXf4ZinqMjp8ouX3OKKfPGGOaG9KJD-6mgxGKxzS3WJGO6RA1qwii1FqIVSQsdP0D4uwvQUyI06QEiAMDTbiw47JRGboePlTAdRUQm5qaASaBwlXZSebE-aPJuT0GHN7ZpfCISsSfu1NnOBeSesFshvAT2dfpM206Vpdk0KsrLjZRAx8JWBViO-upRWbufq34bRvkdQ0GqxU3VEJk9y17LYT6whqWp2UAx5Bzs3zygc1Qkgf7eu4N2m0zPP8auc2hTW3BPfnn_oXFVc28n6Ba61D7WHF01FI0PJZiX35weszTXaaKaV-MbwONhfwK3MpO61r1for4CdzG1gCpY_YE2fR0eLjF7nlmDINdQou2tv0fkhUcltUR7B2zT6UH99Y7iigIq2J9TdugAAZS1vfBF9H6OO5OlDnFEoI3ZDsHgfH_Nel7iVPm-Pj1hQ6q2beyAKMMkSxH0RlDR2x16pWUQ&sai=AMfl-YS0E8Dje5CnCGCy2EkLNGPzkYWnSwEJ8yxQSiOXYrZWeMHiQzv2rvKMU8dYwaDAi5GuvanVKeAHH1v-Bgo9kQtlbjXT0km_cZthY8sk9-rkktbSKByI_ErzrzdRMxGUHGcCFepRDDi2djvDsRbdPGoO3hFe5dUHwrEH54YYxgCSc4nQbkwyKv0&sig=Cg0ArKJSzFwcc5udAM-WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=330&vt=11&dtpt=181&dett=3&cstd=146&cisv=r20211109.43352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22E5 42 B
108 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CtEM_SOzsKVsQDHciO90_X0CjUb44MLG-peqIsiXpqU-4Hg3G4UyodT9kSBv3qf0_F4Vju2v7VUe14S54_tD7zmMnnT3cg4AKqUkiEYKDKzNODvgI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 22E5 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:13:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22E5 119 KB
36 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 22E5 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:23:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 22E5 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjiDRuf7QIT24qDzpVhKlOLecNVLm74rILs2_ZbJzGXWWCLuBS6pfJnI_SH175t6_9StVvbsPHDyCZ8f30AbdeMxPwwQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 index.html Show response
s0.2mdn.net/9951322/1616590441068/ Frame 126C 88 KB
23 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9951322/1616590441068/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8d849fdc20ffb775b06f3f3888bd40b4fb9b34e7faa6058ff8b9a8aa0f9a3cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 22932
date: Sun, 14 Nov 2021 05:52:21 GMT
expires: Mon, 15 Nov 2021 05:52:21 GMT
last-modified: Wed, 24 Mar 2021 12:54:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 6198
cache-control: public, max-age=86400
alt-svc: clear

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A0C5 0
62 B 52ms
52ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTXJz7rmvWO02bRboLVxPiAhz6fUU3FqP_xo2isLMvZN1XvhnOWtAts9XYC0kp2PhsEEXRY5jb1YC0ltRnO2ctz4A9QhmZd2vl-ZJk5lJwTrTVZXw7RzZEiqqGH7JZi8bfr-4Mmgc5Qgs_79xVS0FT-rqay-10ZlNdaXYL3phOW1uo15Etfqi296inOr7QYAwzTEo7lB6cuBbWVShLvGFWSF-VNi3AJVrQqJgyvSnrWIOiLUzMG7LWPN29ENJOZ_BfLrvQ0EjAx0evk4PJMOHckN6GoG8I8STatuyqcOAeULM39GA_791AJmJKETshHpqmAtgOWls1x1hX73DsaR1F6jU2E5KubVa9p8tQezVFSOFJYR9hMw8LaAgUfmebkYuW9MVzL11og06EEnOLIx6hAFn6S7Y6y10-ywtyVEi7cnIssLS2mNhy8qkGBk1Epfq17CMo7Gu71-Xggjy8vhMcfMSiXVaV9qeMoDGl8mC_G2pHWF5j_x5D3rZRgNC0GdPcFGnMQzbkBmkQgdSQGfuUdQ67vcu9Uyjbp_xfPvjnd6rAQit62K-B-PAVwfSCLl3BCmrB1PB-gDTSx_hSnfWojRdPM55kopcn3pfpPr8fNcRJxKcX-P2cWzUT-Qyyj6qRIngSjamAa0xOZtDqnBCMFSxwcRbA7dvC_FP7vzJ0uIdvxY0hFiCENEzkYBZ8cbPWBshVzU53T3QGrK6ggFnhj146qmR8yBXyDutrjiG45OJEV6cJOyvWJVE0i-QWPll0NgfImOIh8i1gGGhQgDGjoWhup_dfZwUrFX4cAw6dVhGxS88eRtErqr5fslJ0Lpn9kYZXEcVhmHCBUeGTniMmFJlaj3MuH22DUVZmpie3tgvr-4n4sQ0p8O_ZBBb9x6w0wDXqciNou4ukdwQPb4ncLrVUK8jTVQlG0swJ1gM8_SR_wSvfENR2V1AhwjaPKuriLig7Xwswd0g7qGc89QD5nqmCQ3kU-FqiuJwYiSwtCGUwuLKCc-5iwDtqJUeHWyu1iXc4WJbxh45SlxEjDPSazRJ0r0veLgLqz7k9TjRt9PHhtyV0Dr__qRjOulzCIGyDxOpTPgF3frUzn6waDPppRGELu_jZgTSrxVvMESdZamHwgYapAb4D580gp9ZkOivSvWYj4FASXrYkYHcPySGfmF_wgeG9KEyyUOMkl315xgZpGB1RjUTocazwqTv8mE-n_2U&sai=AMfl-YQatZinQ3QkOEjAtJTNKuRFzQbMGusKNblJ4-mPyi2XXRKM2RUpeu9yhI1X2cyxYL-hAPs7Rp3Ukf2hiStoNkWWkvqvn4jfCvMv6yQi7v4EWxvLOVN5KrAig2gx5CcETEik_UfhSwcanc_9v7-jkM35zYUi7g&sig=Cg0ArKJSzNDZV4C4DrnKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=95&cisv=r20211109.91976&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 14 Nov 2021 07:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame FC4A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02a271d9d0dac8509e05a0099996dc1d19709dbd3948686f7e6d52bc69a66d2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 whiteLogo.png
s0.2mdn.net/sadbundle/4173881934964850688/ Frame D789 16 KB
16 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4173881934964850688/whiteLogo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e138f3efc551dc31b46688f12a95c4e668929588b8c0d7e6e2a986090b965e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4173881934964850688/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 10:44:50 GMT
x-content-type-options: nosniff
age: 334249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 16520
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 13:41:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 10:44:50 GMT

GET
H2 200 stripes.png
s0.2mdn.net/sadbundle/4173881934964850688/ Frame D789 32 KB
32 KB 9ms
9ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4173881934964850688/stripes.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499b5e85f090790d4816e771edb671c960e9a76be40ca04a613c36a79387b0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4173881934964850688/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 10:44:50 GMT
x-content-type-options: nosniff
age: 334249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 32967
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 13:41:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 10:44:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 98C0 2 KB
605 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=280&slotname=9121065640&adk=3883732668&adf=3485054903&pi=t.ma~as.9121065640&w=1000&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338319&bpp=3&bdt=2947&idt=56&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=300&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=eXKjUYuSPs&p=https%3A//www.medyafaresi.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 06:00:46 GMT
server: ESF
date: Sun, 14 Nov 2021 07:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EF0D 624 B
423 B 18ms
18ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhjY-O-6ATAB&v=APEucNXM0eztOQCX-7E851TqfBj5CcqGnyjHmtSPHbr2nAV48oEY_YcPtyyiGJtEvaxn6r1LUyKmsop1fUhO95DjoeRoBlWgBsJOGzQ7AqvvVwbmhRtoDk0gcFLsLKolXMKGUgchWwDBaakepVR7747265KrdNpvzCKlXGZdS80UeEMFMOHRUS4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 22E5 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:14:12 GMT

GET
H2 200 18178738045148495642
s0.2mdn.net/simgad/ Frame 22E5 55 KB
55 KB 8ms
8ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18178738045148495642

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad546cf7228eccaac68ae716b61bf2e0e1bf3ac5d98801a6212141bf72ce6e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 11:02:34 GMT
x-content-type-options: nosniff
age: 160385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 56213
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:08:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 11:02:34 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 22E5 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:17:00 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22E5 0
62 B 52ms
52ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8hu_Pg3Yk4sMDHMGbocpusYSxoEp2tP-osgydy6Rq8wlit9JnMbcKCHaKkbhspAkN0-XoCgZOHU5wVgKf70W7W-g0x3PAG9_7sFEio5RIoOQ-LltCGYY4gwY4YAlJuxV8sWZ4YYfsZ_CoKtfkwhiioN4jMb68kqTKovwOhQNXfEnAT4NrY6dMISrx1crafPVzsuEzlv4B7ETY2L7Z9uRO3a8ksipn-I4Bi3-INAkcc7jzK1WUHHlTEF83Le1h8wwjJlxQSIzNKCgoZZCiAt2RiWykD44c0iUfLP5gl05rparPpBtcb2NYR0lpswSFsifKiLfna0y3aKK8moEOMueLhePxHJg2aDojdzlctSTWoSFiOfXRSEcWGBMFp1Nyz76PWflwTWdhTgPC5PfBiYAIObPiDGzcyMLU9LIuAhgqKS6bQyHU1kbCBpiZRsMp2_IpSRcbJDfHlG8nZF5sbdlfXDpWdd8as-O48msSpHH_8JK2d3_KPBNp8HwK2pvFss85nPmjU1PQeQWIFLhZt1ZZqNcx93qOUt4PXVQCl1aAdslbgl3Sfsh3ztKqyCagtMrONlsJL9QUOLD350LKeygWOyXAq7FfcpLZ-OWcvlTSVWxfo5JMPIGelhJikRLTy8Z9mXeziOmKNokeegE_lZcn7O8nIvZVq3A2sw0r4_hkUn28AMB744g6urIFaudh66P0XTqJIbNfLRDZCi-genHZv5G5kS0Gc5ekyH47hrZFR7AlqdRYmWv6q4Yrej0FodrlW6eY2pX7viR_wd8PjULctJBy1hxjtM0gj3uZcloKRqOVpL2J_frPVSCNFtXAxgbfJJ52LBGBIrNmlDXCWHvUVuXRDCzs3eBu7DnYKJCKFmnUeVuIky8sgPWs0eg-qGyvf52fLD6k4NKWet1zJx-i2RiFW8TyBKUqHDQ1xrjxsbtyY4qJJYkN0EvaAOZJbkEMUQy-4RZ_8KNdGngPD79iSkxC0ZqgzXYg7-when1kjZL3urWEzyBWi6It651c98r5MDA_NRgTz0f1cHgIdyDt4shJP_72VsyxCYUmkqFUIUAKcE8u3DWEXvq3y1UADz-xz0h5nZ5rCpRHjGazcb5OFSLecBdxEYXkQ86hBttVnNAJJvWv5J27kOz5LUQLxg-PuecaZY_OnDudWmcmOWwDu_I1Wzv9n_-66qBSrZu4nAevjg&sai=AMfl-YSYegkAyrQNmEYLavzdz3RekW6nKOdv40BpKwa-IhB9aK3djLLdmbyAgreEEE4sY3M1hXbGdMSKnZHsht1b6RFvd9SnzzRgCyOvDuPrgIbO93XG5HZuLGvSDLeAkIgfbbAwwxPziYpfJ_5AHyb5PLPghtsxEQID3GhWG8Hjx-KZaqjp-wDYiGncb1UwYBTzYN_NRRkStMAXy9Oh2cUBusQARLRuVfnHADSULSNlqXIhuZ4wf-o8gp9hO5GCIonJWvYNwGie_oEuxMNQczbyzScAih00Kiei3O1SsdU&sig=Cg0ArKJSzO-ZxLr_D5qNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20211109.13572&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 14 Nov 2021 07:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 22E5 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184668
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 5B13 0
168 B 91ms
90ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 98C0 1 KB
960 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:12:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 98C0 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:18:07 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 98C0 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:13:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98C0 119 KB
36 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 98C0 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:23:25 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 98C0 27 KB
12 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 09:00:33 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22E5 0
61 B 44ms
43ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A0C5 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184668
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 44FF 1 KB
845 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 13:26:12 GMT
expires: Sun, 14 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 65367
cache-control: public, max-age=86400
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame A0C5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 146413e2b12fabbc318e3be9026dee82a548b0715def4f7a65cca9f9e243ca3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 126C 28 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1616590441068/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1616590441068/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 12:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69498
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 12:17:21 GMT

GET
H/1.1 200
OK ai.aspx Show response
tagm.tchibo.de/ Frame 98C0 43 B
1 KB 90ms
23ms Fetch
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://tagm.tchibo.de/ai.aspx?extProvId=5&extPu=tchibo-pm-display&extLi=14397917274&cb=206988695

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 14 Nov 2021 07:35:39 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 14 Nov 2021 07:35:39 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 821
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98C0 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5-XiSryQYZ-_MfKg7_UP6eGUwAvLi4vMZfnNz4q0Dvu_3KCcKRABINOyrAhgldqIgpgHoAGCkOWHA8gBCakCC5T3Zv4ysz6oAwHIA8sEqgTPAU_QG3mX0F4ndTrU5WLl4q31ngXf4qCA9BsUo3Av28B-rByhkmUDzOM1rUI15U5p8wNnAqfjrefvJtHmiN_gQtN6cdTW5a6caGgPGCg4emJYBPHw17C7UtpTVYTd-pWEqzV_ZhNBPGTvG7G78LgoX5v3mD_BYV0IR71cHq_bm7o-T5kWAA8KkwhcRpl4ELYVzgLCdlZsqOB_4th8_72WkFmqceuX6s0h2ww2hOZIo1qw7PgfCDsk-mQoLE-GtbLoOJvEwm7cDGrIE006h4eF88AE4sPs6dwDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8yBrSioB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQlpwi0ggJCIDhgBAQARhfgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTg0OTIyNjUxMzk1MjcyODMYAA&sigh=OH8_osrFYnM&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=280&slotname=9121065640&adk=3883732668&adf=3485054903&pi=t.ma~as.9121065640&w=1000&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338319&bpp=3&bdt=2947&idt=56&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=300&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=eXKjUYuSPs&p=https%3A//www.medyafaresi.com&dtd=59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 07:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 98C0 7 KB
7 KB 36ms
12ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ48QQ2xPWHFLc2qi7jqkb463NsSMWtp-OY3DfLQjxMtnqF6F9y&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96785c2e9ea38cea4758b383cbb6f12edadcac2daec852412994ae2bd8932a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 09:20:43 GMT
x-content-type-options: nosniff
age: 252896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7266
x-xss-protection: 0
last-modified: Fri, 18 Dec 2020 01:19:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 11 Nov 2022 09:20:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 98C0 13 KB
14 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcROFxfVLoWBz8Q3nBtTLN2PgZXNh3saHGViah9O3_p4MrGwDmY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af730b0a93c12f8e2b852aece6922b74fa7d6b28edf9a472790440a23d7e2e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 04:55:48 GMT
x-content-type-options: nosniff
age: 268791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13623
x-xss-protection: 0
last-modified: Sun, 10 Oct 2021 01:31:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 11 Nov 2022 04:55:48 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 98C0 21 KB
22 KB 47ms
8ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSQt-U-F_CTkFz6rFbLcxQu7AQnumHdnuAKdNrCt59UPzFTU04&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0618cb16ba25e35eb5697941562ad0925fd5fc6c40de5fa2d10b0de3dee77b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 17:59:51 GMT
x-content-type-options: nosniff
age: 394548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21652
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 05:52:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 09 Nov 2022 17:59:51 GMT

GET
H2

200

6940406974179512899
tpc.googlesyndication.com/simgad/ Frame 98C0
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP-7vrpAEQ6AcY6AcyCEPlfr8JziOv
https://tpc.googlesyndication.com/simgad/6940406974179512899

120 KB
120 KB

8ms
8ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6940406974179512899

Requested by

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d0b476d33f17f88af0ca5d38a0fa7bade2e40dcd5734a32b926c808c60bec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 01:05:40 GMT
x-content-type-options: nosniff
age: 282599
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 122692
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 11:41:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Nov 2022 01:05:40 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 13:51:19 GMT
x-content-type-options: nosniff
server: cafe
age: 63860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6940406974179512899
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Dec 2021 13:51:19 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7076 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 321485
alt-svc: clear

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EF0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhjY-O-6ATAB&v=APEucNXM0eztOQCX-7E851TqfBj5CcqGnyjHmtSPHbr2nAV48oEY_YcPtyyiGJtEvaxn6r1LUyKmsop1fUhO95DjoeRoBlWgBsJOGzQ7AqvvVwbmhRtoDk0gcFLsLKolXMKGUgchWwDBaakepVR7747265KrdNpvzCKlXGZdS80UeEMFMOHRUS4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 07:35:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EF0D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZC8S5896Fuc3XioZ5OgaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhjY-O-6ATAB&v=APEucNXM0eztOQCX-7E851TqfBj5CcqGnyjHmtSPHbr2nAV48oEY_YcPtyyiGJtEvaxn6r1LUyKmsop1fUhO95DjoeRoBlWgBsJOGzQ7AqvvVwbmhRtoDk0gcFLsLKolXMKGUgchWwDBaakepVR7747265KrdNpvzCKlXGZdS80UeEMFMOHRUS4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 07:35:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDJuTGUl5qYI8pikNNcBC0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EF0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMIpStULqsGFMgY2ivfXJxE&google_cver=1

43 B
1006 B

9ms
9ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMIpStULqsGFMgY2ivfXJxE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhjY-O-6ATAB&v=APEucNXM0eztOQCX-7E851TqfBj5CcqGnyjHmtSPHbr2nAV48oEY_YcPtyyiGJtEvaxn6r1LUyKmsop1fUhO95DjoeRoBlWgBsJOGzQ7AqvvVwbmhRtoDk0gcFLsLKolXMKGUgchWwDBaakepVR7747265KrdNpvzCKlXGZdS80UeEMFMOHRUS4

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 573341e7-9967-40e5-86cf-b189258eb1c6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMIpStULqsGFMgY2ivfXJxE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EF0D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

170 B
233 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1fb025d6-1445-40db-ad20-12ce10d8cbf4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4MzQ2OTU4NDEzNjMzODk4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8DF0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
146 B

66ms
66ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 07:35:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0989 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 39F4 1 KB
783 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 13:26:12 GMT
expires: Sun, 14 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 65367
cache-control: public, max-age=86400
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame 22E5 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b37d11fc8ce5b75038f8e150ffe2c8c8ff817855cfb8a3763cf777b2237dd0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98C0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a55c2c71d0c0040783dc357b70b64054c062da1104b5dd67ea65cf9543c8972

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 685E 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 321485
alt-svc: clear

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 98C0 20 KB
21 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 05:28:40 GMT
x-content-type-options: nosniff
age: 266819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 05:28:40 GMT

GET
H2 404 null
s0.2mdn.net/9951322/1616590441068/ Frame 126C 43 B
142 B 13ms
13ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1616590441068/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1616590441068/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1616590441068/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:21:41 GMT
x-content-type-options: nosniff
server: sffe
age: 838
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: clear
content-length: 43
x-xss-protection: 0
expires: Sun, 14 Nov 2021 07:36:41 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A0C5 0
61 B 43ms
43ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTXJz7rmvWO02bRboLVxPiAhz6fUU3FqP_xo2isLMvZN1XvhnOWtAts9XYC0kp2PhsEEXRY5jb1YC0ltRnO2ctz4A9QhmZd2vl-ZJk5lJwTrTVZXw7RzZEiqqGH7JZi8bfr-4Mmgc5Qgs_79xVS0FT-rqay-10ZlNdaXYL3phOW1uo15Etfqi296inOr7QYAwzTEo7lB6cuBbWVShLvGFWSF-VNi3AJVrQqJgyvSnrWIOiLUzMG7LWPN29ENJOZ_BfLrvQ0EjAx0evk4PJMOHckN6GoG8I8STatuyqcOAeULM39GA_791AJmJKETshHpqmAtgOWls1x1hX73DsaR1F6jU2E5KubVa9p8tQezVFSOFJYR9hMw8LaAgUfmebkYuW9MVzL11og06EEnOLIx6hAFn6S7Y6y10-ywtyVEi7cnIssLS2mNhy8qkGBk1Epfq17CMo7Gu71-Xggjy8vhMcfMSiXVaV9qeMoDGl8mC_G2pHWF5j_x5D3rZRgNC0GdPcFGnMQzbkBmkQgdSQGfuUdQ67vcu9Uyjbp_xfPvjnd6rAQit62K-B-PAVwfSCLl3BCmrB1PB-gDTSx_hSnfWojRdPM55kopcn3pfpPr8fNcRJxKcX-P2cWzUT-Qyyj6qRIngSjamAa0xOZtDqnBCMFSxwcRbA7dvC_FP7vzJ0uIdvxY0hFiCENEzkYBZ8cbPWBshVzU53T3QGrK6ggFnhj146qmR8yBXyDutrjiG45OJEV6cJOyvWJVE0i-QWPll0NgfImOIh8i1gGGhQgDGjoWhup_dfZwUrFX4cAw6dVhGxS88eRtErqr5fslJ0Lpn9kYZXEcVhmHCBUeGTniMmFJlaj3MuH22DUVZmpie3tgvr-4n4sQ0p8O_ZBBb9x6w0wDXqciNou4ukdwQPb4ncLrVUK8jTVQlG0swJ1gM8_SR_wSvfENR2V1AhwjaPKuriLig7Xwswd0g7qGc89QD5nqmCQ3kU-FqiuJwYiSwtCGUwuLKCc-5iwDtqJUeHWyu1iXc4WJbxh45SlxEjDPSazRJ0r0veLgLqz7k9TjRt9PHhtyV0Dr__qRjOulzCIGyDxOpTPgF3frUzn6waDPppRGELu_jZgTSrxVvMESdZamHwgYapAb4D580gp9ZkOivSvWYj4FASXrYkYHcPySGfmF_wgeG9KEyyUOMkl315xgZpGB1RjUTocazwqTv8mE-n_2U&sai=AMfl-YQatZinQ3QkOEjAtJTNKuRFzQbMGusKNblJ4-mPyi2XXRKM2RUpeu9yhI1X2cyxYL-hAPs7Rp3Ukf2hiStoNkWWkvqvn4jfCvMv6yQi7v4EWxvLOVN5KrAig2gx5CcETEik_UfhSwcanc_9v7-jkM35zYUi7g&sig=Cg0ArKJSzNDZV4C4DrnKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=551&vt=11&dtpt=454&dett=3&cstd=95&cisv=r20211109.91976&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.medyafaresi.com
URL: https://www.medyafaresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 07:35:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 25F0 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET dpixel
cms.quantserve.com/ Frame 44FF 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44FF
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJ6X8laWxo-yzJTyUWoYMhY&google_cver=1&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM
https://rtb.openx.net/sync/dds?google_gid=CAESEJ6X8laWxo-yzJTyUWoYMhY&google_cver=1&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM&google_hm=PpM_0T1ez7QCL78qiVeq_g==

170 B
232 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM&google_hm=PpM_0T1ez7QCL78qiVeq_g==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSzpLrbms2fShVByh2XRQJ0ctaTCCgbsvJJN9tcZVwhZLFDzaMVHV9XS13qEdKi2iOvzQz4GSzW6j9Sewj1LYy1ho8gWM&google_hm=PpM_0T1ez7QCL78qiVeq_g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 312hl9v9muh5r2ha7r1bo6l7qcq49f2l

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44FF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKtbA0hbxsWFWcqYWC8uFj7mzlvE-9TRALZFJ20CrursrIOJtiTB9cWv0OkUAmmdA9w5rGyLetjdNwbNsTWf7XdPARCZA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKtbA0hbxsWFWcqYWC8uFj7mzlvE-9TRALZFJ20CrursrIOJtiTB9cWv0OkUAmmdA9w5rGyLetjdNwbNsTWf7XdPARCZA
date: Sun, 14 Nov 2021 07:35:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44FF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGBU4___xro5jnhNVGGnt8s&google_cver=1&google_push=AYg5qPJm0v5mbOdTmyikf33ookqHP2hrL-4-7e9m6EpqY7PMr0pvWD1aWhpZie7ZRp3Va8z5EcF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTEYtMy0zMzFQ&google_push=AYg5qPJm0v5mbOdTmyikf33ookqHP2hrL-4-7e9m6EpqY7PMr0pvWD1aWhpZie7ZRp3Va8z5EcFfvdIQUEq6AGaFZPgJBVBqC_o

170 B
233 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTEYtMy0zMzFQ&google_push=AYg5qPJm0v5mbOdTmyikf33ookqHP2hrL-4-7e9m6EpqY7PMr0pvWD1aWhpZie7ZRp3Va8z5EcFfvdIQUEq6AGaFZPgJBVBqC_o

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTEYtMy0zMzFQ&google_push=AYg5qPJm0v5mbOdTmyikf33ookqHP2hrL-4-7e9m6EpqY7PMr0pvWD1aWhpZie7ZRp3Va8z5EcFfvdIQUEq6AGaFZPgJBVBqC_o
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 44FF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 44FF 43 B
297 B 131ms
21ms Image
image/gif 2a05:d01c:1d8:8100:f976:bfd0:751d:6023
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMhhnaVLP6gjbv2LnBBymOA&google_cver=1&google_push=AYg5qPIPr3t2P4T_qqT8JpskOI2_QLtVYGdYHW6tTTuRM5Sm7rvgMHfPWIsSdEm0rTiEd2thpf_Ta1qtwENGbXsi_8zUxt_PKWQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7957212740&adk=2292013630&adf=2909724171&pi=t.ma~as.7957212740&w=160&lmt=1636875338&psa=0&format=160x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338483&bpp=1&bdt=3112&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250%2C300x600&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=142&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=IBtRF9Tkmo&p=https%3A//www.medyafaresi.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:f976:bfd0:751d:6023 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44FF
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK3JZoIxf55uliOGev1qt-g&google_cver=1&google_push=AYg5qPJu6F_QI18PUfGNIBV3...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJu6F_QI18PUfGNIBV3OLl0E6ZwEaRsdsKsaW_uDqgVjYS8uDCFLZAiHL63XomyLGgP1Gpm_uE128NWnGopPPPub6SLo94l&google_hm=

170 B
232 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJu6F_QI18PUfGNIBV3OLl0E6ZwEaRsdsKsaW_uDqgVjYS8uDCFLZAiHL63XomyLGgP1Gpm_uE128NWnGopPPPub6SLo94l&google_hm=

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJu6F_QI18PUfGNIBV3OLl0E6ZwEaRsdsKsaW_uDqgVjYS8uDCFLZAiHL63XomyLGgP1Gpm_uE128NWnGopPPPub6SLo94l&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 13 Nov 2021 07:35:39 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 44FF 0
60 B 15ms
15ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzYt775q5L7Y4LMIZyvKNZuEWwc1qNltZNOI_3KvWZybG-9ZoTeWXOIoqk4ejxcbA0tj_Veg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
alt-svc: clear
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 cta.png
s0.2mdn.net/9951322/1616590441068/ Frame 126C 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1616590441068/cta.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3de2b0342bb00e1a6ff50fa3356e11b1a48495d3def412ecf16e9a07a48bbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1616590441068/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 02:45:08 GMT
x-content-type-options: nosniff
age: 17431
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1977
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 12:54:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 02:45:08 GMT

GET
H2 200 overlay.png
s0.2mdn.net/9951322/1616590441068/ Frame 126C 6 KB
6 KB 9ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1616590441068/overlay.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed6b9d684cd4243011e689d50dbc247676bfd5716c8130cc6b5d6eaf5bb0c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1616590441068/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 01:18:04 GMT
x-content-type-options: nosniff
age: 22655
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 6563
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 12:54:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 01:18:04 GMT

GET
H2 200 texture1.jpg
s0.2mdn.net/9951322/1616590441068/ Frame 126C 309 KB
309 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1616590441068/texture1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b23d58bd486ffeab370fc0a7d3e0b776a66e951676209e15b84a612ca5423f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1616590441068/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 11:17:58 GMT
x-content-type-options: nosniff
age: 73061
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 316424
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 12:54:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 11:17:58 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
651 B 186ms
122ms XHR
text/xml 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.medyafaresi.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:40 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.medyafaresi.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
145 B 30ms
23ms XHR
text/plain 18.158.22.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=986279886&w=400&h=225&skip=1&req_type=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F95.0.4638.54%20Safari%2F537.36&l=EN&dt=2&c=DE&pid=61245&sid=&sname=&d=medyafaresi.com&sp=https%3A%2F%2Fwww.medyafaresi.com%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C17044242906203676964899015...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY4MDRjMGEtYWQxYi02NTA5LTYwNzUtYjUzYjdiZjhiZDlk

0
0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 123ms
35ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1905684595&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C17044242906203676961865250562%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:40 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000334
X-SpotX-Timing-SpotMarket: 0.008094
X-SpotX-Timing-Page-Mux: 0.000944
X-SpotX-Timing-Page-Require: 0.000328
X-fe: 005
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 77
X-SpotX-Timing-Page: 0.012870
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000300
Last-Modified: Sun, 14 Nov 2021 07:35:40 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008094
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.medyafaresi.com
X-SpotX-Timing-Page-Misc: 0.002832
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
652 B 131ms
72ms XHR
text/xml 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.medyafaresi.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:40 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.medyafaresi.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 22ms
17ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1697984741704424290620367696,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 89d4cb60de4ac1ce7037ed4780f74e4e27fa52b1f584ffea4a7ee7cba831ca61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.medyafaresi.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1156
x-sticky-vk: 1636875339852096-414
Expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
549 B 69ms
20ms XHR
text/xml 35.156.156.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1724321644&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.medyafaresi.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=61245&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-156-223.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.medyafaresi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
724 B 150ms
135ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C17044242906203676961101024337,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:40 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.medyafaresi.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636875339836034-590
Expires: Sun, 14 Nov 2021 07:35:40 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads.adaptv.advertising.com/a/h/ 249 B
549 B 71ms
22ms XHR
text/xml 35.156.156.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1808071882&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.medyafaresi.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-156-223.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.medyafaresi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 33ms
17ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C7420819881704424290620367696,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9651d8ee8f16b630e384e1cec8b2f13deba78bf2176aa971a1aa684c23cc7c42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.medyafaresi.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1156
x-sticky-vk: 1636875339859060-404
Expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 36ms
19ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696865799001%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ca7686761e8d25ebb8e9763efc8026059e113624afeafee377ac9bf4dcebc55d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.medyafaresi.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1188
x-sticky-vk: 1636875339853042-382
Expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 36ms
19ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696574646838%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 727c278bd3059f63a33320178d7535e10ac8aacf3b147451085a102a1ac39f70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 07:35:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.medyafaresi.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1188
x-sticky-vk: 1636875339608069-354
Expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 991 B
871 B 47ms
10ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.medyafaresi.com%2F&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C3910491491704424290620367696%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8b01a4705ae529815dc32d67a7ba4a9ff15f79cdbd150d0f1912a2d44a872fa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.medyafaresi.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 608
expires: Sun, 14 Nov 2021 07:35:39 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
549 B 66ms
22ms XHR
text/xml 35.156.156.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=669405027&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.medyafaresi.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=61245&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-156-223.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.medyafaresi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET dpixel
cms.quantserve.com/ Frame 39F4 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 39F4
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEtGTB1InZXBss-jJAUGGaY&google_cver=1&google_push=AYg5qPLmWlxC51NQfbOokO88s3qip8oA01cJBO04J2Cq3lSAtFJ-O0rZU-qjg7mlbHvWm6ID_UIIZ1Lkqda6PccUhR3yH4T4Vtpx
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLmWlxC51NQfbOokO88s3qip8oA01cJBO04J2Cq3lSAtFJ-O0rZU-qjg7mlbHvWm6ID_UIIZ1Lkqda6PccUhR3yH4T4Vtpx&google_hm=PpM_0T1ez7QCL78qiVeq_g==

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLmWlxC51NQfbOokO88s3qip8oA01cJBO04J2Cq3lSAtFJ-O0rZU-qjg7mlbHvWm6ID_UIIZ1Lkqda6PccUhR3yH4T4Vtpx&google_hm=PpM_0T1ez7QCL78qiVeq_g==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLmWlxC51NQfbOokO88s3qip8oA01cJBO04J2Cq3lSAtFJ-O0rZU-qjg7mlbHvWm6ID_UIIZ1Lkqda6PccUhR3yH4T4Vtpx&google_hm=PpM_0T1ez7QCL78qiVeq_g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: j0ig9h2jntghf48l2557tjrd446umc5j

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 39F4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINo8P9rAlPEFrQYHMsYq9aTS-JzxvuxAqN2gb83NLHnvCuEH3-iDeNg7-F9zcqK0_Xf5VE6ROLSvL5EjrLn_DMfSrmZLEA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7NaCcE0ISAqZggE_Ps1Xbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINo8P9rAlPEFrQYHMsYq9aTS-JzxvuxAqN2gb83NLHnvCuEH3-iDeNg7-F9zcqK0_Xf5VE6ROLSvL5EjrLn_DMfSrmZLEA
date: Sun, 14 Nov 2021 07:35:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 39F4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECYJlguUtRjYT2hWoR210L8&google_cver=1&google_push=AYg5qPJbXserb8x68rKJtfnE88ST1iyX5HcBZt_5pYkRxIkTLi8qg2ZIPTGDhWBO_YOxC4yBaKJ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTUctOS01NkIz&google_push=AYg5qPJbXserb8x68rKJtfnE88ST1iyX5HcBZt_5pYkRxIkTLi8qg2ZIPTGDhWBO_YOxC4yBaKJKbyiPGpGG3co8zLZSUeiHRoY_

170 B
232 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTUctOS01NkIz&google_push=AYg5qPJbXserb8x68rKJtfnE88ST1iyX5HcBZt_5pYkRxIkTLi8qg2ZIPTGDhWBO_YOxC4yBaKJKbyiPGpGG3co8zLZSUeiHRoY_

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZZWEJCTUctOS01NkIz&google_push=AYg5qPJbXserb8x68rKJtfnE88ST1iyX5HcBZt_5pYkRxIkTLi8qg2ZIPTGDhWBO_YOxC4yBaKJKbyiPGpGG3co8zLZSUeiHRoY_
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 39F4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 39F4 43 B
298 B 80ms
20ms Image
image/gif 2a05:d01c:1d8:8100:f976:bfd0:751d:6023
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDb_Pj6fHUtnQHiZNuqlyTg&google_cver=1&google_push=AYg5qPLhB5EijHzh-iLt7lzEXLDzyaWXzwRHbu9qs0f3IpsqAxleGDb2tIomFefIraGEVqHBeWVlNriiHpfi-ncEHAeAPBiS4T81
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:f976:bfd0:751d:6023 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 39F4
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL9uwiFsOlZMLJ_hqTbuKVY&google_cver=1&google_push=AYg5qPICmiyayPs6n_QpOKTN...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPICmiyayPs6n_QpOKTNzFYLBW-ngUCBMBLkdWX2cpUzxySqBUcJe3qFKip6T3QLJ3Dcovxg97qccn0cIbh14oDBqNaUYT6F&google_hm=

170 B
232 B

20ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPICmiyayPs6n_QpOKTNzFYLBW-ngUCBMBLkdWX2cpUzxySqBUcJe3qFKip6T3QLJ3Dcovxg97qccn0cIbh14oDBqNaUYT6F&google_hm=

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:39 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPICmiyayPs6n_QpOKTNzFYLBW-ngUCBMBLkdWX2cpUzxySqBUcJe3qFKip6T3QLJ3Dcovxg97qccn0cIbh14oDBqNaUYT6F&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 13 Nov 2021 07:35:39 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 39F4 0
50 B 15ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzUFGAixqnRsn9gIYYF3UT0NAyxq27mCQA0dx9KIlGlLJobKfG1XKaR5aP6T3e6C1hYNOE2g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492265139527283&output=html&h=600&slotname=7786344747&adk=1960684661&adf=167623212&pi=t.ma~as.7786344747&w=300&fwrn=4&fwrnh=100&lmt=1636875338&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.medyafaresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636875338426&bpp=1&bdt=3054&idt=2&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D24f5bbec1b94b0e4-221f740e51cb00ed%3AT%3D1636875338%3ART%3D1636875338%3AS%3DALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ&prev_fmts=0x0%2C728x90%2C1000x280%2C300x250&nras=1&correlator=8398726754776&frm=20&pv=1&ga_vid=285585964.1636875336&ga_sid=1636875338&ga_hid=1174173816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=980&ady=1699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060033%2C31063246&oid=2&pvsid=4068225407922905&pem=724&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VrGEeIowXG&p=https%3A//www.medyafaresi.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:39 GMT
server: HTTP server (unknown)
alt-svc: clear
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7076 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET
DATA 200
OK truncated
/ Frame 126C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cta.png
s0.2mdn.net/9951322/1616590441068/ Frame 126C 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1616590441068/cta.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3de2b0342bb00e1a6ff50fa3356e11b1a48495d3def412ecf16e9a07a48bbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1616590441068/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 02:45:08 GMT
x-content-type-options: nosniff
age: 17432
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1977
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 12:54:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 02:45:08 GMT

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 685E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET
H3

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C17044242906203676964899015...

48 B
78 B

22ms
22ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,,
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.medyafaresi.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 14 Nov 2021 07:35:40 GMT
via: 1.1 google
server: OXGW/16.218.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.medyafaresi.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C420 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc-USSryQYcT4MNug7_UP6duLmAsAAAAAOAHgBAI&bg=!qaqlqu7NAAZQLpa_UC47ACkAdvg8WrwvWUTG5iGQJV34MqVbR_A4dmmDrH7W_7HfXvf1Q1iZkwak9AIAAAJVUgAAADNoAQeZAvdSEiM_UgDs0sTE_Uy69APKj8mMp4Cu4dQd5x5RzyHkxzybGJSTd3P108UzhL0fpkNIYurioZWDq8jKYtgsHQV5Cx5TqFEg-5kt3Zx6F_DMxVOFm61LHR7lbvYhfwzWq8YQMjjBOwtrWdUVBJPnS6ya4C-K9VNeH2YhzZNxd8yzHxO6b6jL9kpgsUjdTRCJhiJild_mDVB7XISS4CmQIalrA0V4joUiZUnpbO_szpg5v4M66FOL8El3Fs0mACZFhtVEsvbwgVl6CG5DyJR-M81TPOdl5V_2iQ04P-5zcFk7OyzJrB44zSejkumBkjqoZljw-6fJ4vze-h09aPvIM7TeC78Zr8EWxh_80zNdJcqsosWwy4p418zwihyQOb7FIz_y5pz2QZnN9paex5zX6R9zRARCEzCQHJj7wYf0smUNhFQ4JeeW0d-6SR53kS6KcuQeroYoW4Mql5lM6CSNkK6h6iaNSFAV3wpJNFdAvbgEa5CTWMmtlCaaqgDDPhDGXELLZ5dzqsT7qQcLbWAHb-P_HZq7QgIZwpwEdLsg7SUx-JJJkf0IQG6JzCMvzxl71d05im31qVai-n9OR8mxKDI4t5A33aFXoR4tlyZRf0oDLTSdd0UmlDS0VfgFoTQlnUkc2SSKDcPohS2W3UyKSHJMKCFhmHIOSPiJY1Ky3fYQ2iOkK5UMn4ZPuSTyQlqaCuFLedbiz7Oif3HX2zF63q59rPeTKzCFf1S2Surgx2q7hupMDTvMCCp8hPkMahjd8tbqw7W_EXVRZoEzIVlq0If1OADMbGNNd6msTD9JZ7fOf96-oJGzRZzptWBaKQrTCjeYHqQXv0ChGlODNs-Vi_VaeBDW64MSdhR92EQMEDIZNC-N9g8dxhEbnltZOFAaXmpl8ZKrQBPnmiUayULSCwWrEsDoYfesOvScLlI0yQH88m5j00z82R0sOWXzWWWkCTiPXVCNdW3mbqhkRMoVx1OqizVwdCfgxrMjT7oadq11gN0MJru179A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 5B13 0
167 B 137ms
137ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
89ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 5B13 0
167 B 109ms
109ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad.js Show response
ad.lkqd.net/vpaid/ Frame 334B 8 KB
2 KB 11ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/ad.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:40 GMT
content-encoding: gzip
last-modified: Fri, 20 Dec 2019 22:17:27 GMT
etag: "b701f7cb2e7466f01798a9e3c2203ca5"
x-hw: 1636875340.cds160.fr8.hn,1636875340.cds229.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 2049

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 206 136C90C067B5E3BDCD3620EAF82E5839_0x0_19.mp4
creative.lkqd.net/430/video/ 2 MB
2 MB 51ms
11ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.lkqd.net/430/video/136C90C067B5E3BDCD3620EAF82E5839_0x0_19.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 67603c946150833247a74eb079b95d0a2e90bb5727a54af9598d1ac85f141893

Request headers

Referer: https://www.medyafaresi.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 14 Nov 2021 07:35:40 GMT
last-modified: Wed, 03 Nov 2021 16:48:48 GMT
access-control-allow-origin: *
etag: "ce3d61c298d18e297573c4f78f41eb9b"
x-hw: 1636875340.cds129.fr8.hn,1636875340.cds149.fr8.c
content-type: video/mp4
Content-Range: bytes 0-1903029/1903030
cache-control: public, max-age=1209600
accept-ranges: bytes
Content-Length: 1903030

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7076 0
56 B 48ms
47ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK-G5SryQYZLiNPWL7_UPzImEgA4AAAAAOAHgBAI&bg=!ra6lrurNAAZQLpa_UC47ACkAdvg8Wkm4SclCLrW7KFbiMZOEJDQQBio3bCEm-eRgPBSCp0jEvA6CNAIAAAEEUgAAAA9oAQcKADT3jjMbokcNCWCpdiiX1ib8wCVzrVI0T-UDIeMW4IG2cljk_lYvBLYKeoIuCWcxFII_2VoamQLk4Z8eX1KFv3URK0mYBUCfpkcCxYg-WVdLYKaPiI8P1I9Gk7X-udiIZuT187AGntLcewfmalI1WYgDjlnG8LVfI2EztGL11gj6Nsei4-gfhq3ELLuq_87X6U2ndElBnV-D1xgrS9q--dtq0u_ZazRh6Uc3pNyIAYM01TxsagqqiLrhSiDpVSVCAgG0Dd_ZHjrQbFJIaoHEX8la7Ij44_JwYERmC-DNHELwcgJoYeNR-OvAZRGj96BstJx-xlOmIHCyG_I_ljWj75pgH-2YTzYcCA_ReWwPMvq-DkIuS_kyIK9nFsdA_mS4sICYHd8AxK4VL0Jc4DJAHMgkTr7771hNWxqZirn4rrEKbMTlEPBu9hH2PNWrRWdT-za3cuDtiqJl0Phc2IDIlLnBLvADFN-KAru3dEvVrOzLS2qULm1N3ChSWafIi0YZ9XZKo742z7zjXy4OoWbh_KzOJu_1NFKoH346xmFuXEtX7LpTcNRKlXjXvdagzxlqGpIaAG8RhRSV0chiOTG9cUeDgHq5rkikoCO4MdsRqWrY5DpbmAi18gV-OSJCkNGxIryh_fkxlBMGHSl3LtsJCHvRgl0LZzGpEod1YjJCYYeb3NJeJw_TH3vzQUuE-XtPN0SskbHFEftKS0M6J3Joypc7zYVKBtngLXPs6XzkikFYYZK5PcyqY2lrFapvSxPkkOW3_WwJqywG_qcnllfReqjcexaWjhhE8Cbw5WXZ8uMhNo4M41tGGtuOsY1T4m8TtavKFvOaEnTMwt9Fzvn0zzaqgFg9PsCPF7UT9L3EfWKSyFkdE99Ygngk_x83rOZMQtoSU9uUleZuH8MB_4_iVGTAJ5JiLwJDnYxdf211M02VmJo5mcInrwhLb9SuUYr6eEzGjYD0FjdCnSSGf-o5z1azKxFoNt7Vq3C_B0ksFNa2uQiRhs2fGOgG_0qurP3vW112ovtqH2qvEVsgR17rxaQ9uFIMPiZ28IeFRAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 685E 0
56 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWgmnS7yQYffODdOOgQe2uqfgAQAAAAA4AeAEAg&bg=!h4SlhMDNAAZQLpa_UC47ACkAdvg8Wh08r0JmjoytV91zN_bhT_FYmBm0SGJ2c2EGzYJnZNwnxKIfwwIAAADfUgAAAA5oAQeZAs24e2YFoD51jyIRTxtCMv6c-bzpJH0sko7zb7Z6zP-LF_JHoB5T5koxHJtSmOCa5UQEVs-v92gw_ZhU42D0x2KqLo0_VoFQcVFSUam7Kd9ujcoW1ZbaUBu2Yht7w7vw3R0VjlMm2zq_zx56P9a0cGwMCTxy2nGUbf17d9iySdBgJmOfD6qTd0LfqFN7f9sfjVxPKSUTfQAvo_MAGs2pU1mR3CIUSmRd2S9lvaP9YQEYEeConFntdyCKwC5CGodEq6-M06rAOhzxtIvuC96gl_5c72WoReGei9R1mSBjK1GnNulLTpB5ApeZwtN6C8HKqZPduYzBiRB3gj0MYbwd40vQ9DmICoYLQIVrAbxp8_mwhRs1H0ApnIk3BtddUoycCJahSFiKkra5oBEOuKOQNeh8SV-g2e4e0ESS1Fuf39D2L1rnzirqcwT7hoZCOwF9nwKjr8JO794mSvB-kVSDdKB_7ZEnv-G9EeoNDTkmuQ-qk9BL30cnRt4VKPZuxcL5FoqNhoczf7HWtFd-uSF8Xw98yj3Kvl-K0iC6cYQkfeLxVHOvyxCSs8gQjujic1PL8alLW8QTyQtrnfCEZp7Udk9BCMxhBa6hUG6o-jJ0a8LZv7nQtQP7pwR4rr1tlO2JSFvxuCvs6lOf0vL6vw5Iewh9UN5jYKD8BCuej4krzhwljebKvpUhkIkY8qVw46jdyqk46QcCw3ML3szjlr1N6r3Vhtkgrelx4tzzryN7j6goRet_0N9fIlvtr48dv5KkarWQPX4NlpPV4fzr0F3JE7e3ohk9RJOb1VHvoI5X41HspKvWOFMdp7iOyZJEG_mnPVl_PKlJEaCjezmowRoZYXcpeOE3Cukhx6AHsy8cGDUut0AdXxl4d598H5ufvzVpdDWgH5egV1XU3_YyKvaeGZbfrLNO_aCTOyOPmyiObAiTevW4LkAvfms6I91NDjY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE28 42 B
174 B 31ms
31ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxd0aIOzITl2fmHihqnike9nfMf_L1_V_Dc6qU8eF9p9yVv5A6pIVsChUIQHWdtT3TtCJ2XYnzxiFlgxGEm0yMa1M_0ivUoYz4jFKzH2f6AlEp4C9rMQ&sai=AMfl-YR7a5W7K49i8PPvvPFF-GPUov6jlbkgvJJQyM98a0z2KSTqvSctuv1cJfKwpLQpgTF3vPOokMO5Nvk4&sig=Cg0ArKJSzOvKOaJzu8y_EAE&cid=CAASBORo7JI&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1685382685&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636875338371&rpt=575&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 5B13 0
167 B 90ms
90ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 5B13 0
167 B 91ms
91ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 204 pixel.jpg
server-204.lkqd.net/ Frame 6C7A 0
101 B 279ms
89ms Image
text/plain 74.205.28.1
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server-204.lkqd.net/pixel.jpg?adSource=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.205.28.1 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx/1.21.0 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:40 GMT
server: nginx/1.21.0
x-powered-by: Express
strict-transport-security: max-age=2592000; preload

GET
H2 200 p
sb.scorecardresearch.com/ Frame 6C7A 64 B
442 B 11ms
11ms Image
image/gif 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=https://www.medyafaresi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:40 GMT
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: tWkV64c7oUaTL2fzX59bYaDtyqsk1bxTUEIhD0dQpiuqicSCw8ub7w==

GET
H2 200 p
sb.scorecardresearch.com/ Frame 6C7A 64 B
443 B 10ms
10ms Image
image/gif 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1636875339&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=20000&ns_st_pt=0&ns_ts=1636875339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:35:40 GMT
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: JMEf2uZcK9iePfpSsEURO7DpwaDvGTfGXa15nMg2lVGdAzdIxLR2CQ==

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A0C5 42 B
108 B 34ms
34ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPSfv5jD4yFL1pbWqCkMQ0nA5e-Drn4WhpzXgAjUMAWf_d5Lj-nveDau4b0VMrnZbqrwE9OfNIRS6lghlbC6zcMy7wT6mQfGfzaiJv_dXnz8H_RGXGWQ&sai=AMfl-YQ2XrfgJ8__Txn9jTB4FxTMnY57MFjoAl3pavT6K3Kl3mJuhjPWFrSJ9a9aFlQUTo1NDoYppuI_8zSsbrQMp6ipJ9-d08TIDqoXGSmbd79WcG1jrQnwAJ9VZhc&sig=Cg0ArKJSzEaD1ubLNFasEAE&cid=CAASEuRoGfVKwcTTdSeyerdQVGUCsQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2292013630&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636875338490&rpt=640&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 5B13 0
167 B 90ms
90ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
89ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 5B13 0
167 B 90ms
90ms XHR
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.medyafaresi.com
date: Sun, 14 Nov 2021 07:35:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.128.160
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.medyafaresi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 14 Nov 2021 07:35:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.medyafaresi.com

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98C0 42 B
108 B 31ms
31ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2J-pdAN6bGloaEhvCSzofGXVY3kZ7s9u4CSew9la9EcUB_MvRi0YPF-_bKLlr9eKO9BXiF795Sa7HF-56B0yOMFpYWHdgLVGc05QlVafF3kJGIq-dHg&sai=AMfl-YT5D7CminGEwT7Xbvh389KDtZNs0uNecGhkSgJC3bTedrmDnesQ1g0V7sRoBE3wO1kkiowR7yANOS43&sig=Cg0ArKJSzJYi6ITKaUuAEAE&id=lidar2&mcvt=1029&p=0,0,280,1000&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3883732668&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636875338379&rpt=1034&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 07:35:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62430490af011524a1d7c106e8cfe817566e9110.js Show response
cdn.dimml.io/static/ 2 KB
909 B 118ms
117ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/static/62430490af011524a1d7c106e8cfe817566e9110.js
Requested by: Host: cdn.dimml.io
URL: https://cdn.dimml.io/dimml.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a3eb9e4028dd190b776e69b180c022d4c20ba5514220d715b67d752396cc1ef6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-nzt: AcO1rywl+xrbOQcAAA==
x-accel-expires: @1636877142
date: Sun, 14 Nov 2021 07:35:42 GMT
content-encoding: br
etag: W/"30005f32af60"
x-dimml-version: 2.2 vH8ffFv9
server: CDN77-Turbo
x-77-nzt-ray: CMlxDjbRgRs=
x-77-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
x-cache: EXPIRED
x-age: 1849
x-77-pop: frankfurtDE
expires: Sun, 14 Nov 2021 08:05:42 GMT

GET
H/1.1 200
OK 62430490af011524a1d7c106e8cfe817566e9110.js Show response
baltar.dimml.io/flow/3usz/ 0
283 B 155ms
30ms Script
application/javascript 34.255.212.32

General

Check archive.org

Show headers Download Go to

Full URL: https://baltar.dimml.io/flow/3usz/62430490af011524a1d7c106e8cfe817566e9110.js?clientId=2&dom=www.medyafaresi.com&url=https%3A%2F%2Fwww.medyafaresi.com%2F&gemius_sent_once=0
Requested by: Host: cdn.dimml.io
URL: https://cdn.dimml.io/dimml.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.212.32 -, , ASN (),
Reverse DNS
Software: dimml-2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medyafaresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 07:35:41 GMT
X-DimML-Version: 2.2 vH8ffFv9
Server: dimml-2.2
Vary: *
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nxd.adhaven.com
URL: https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKyUYq4friVCqrdMp644t60&google_cver=1&google_push=AYg5qPKPP_20JrMi3FBxL1oZmg16I2BXcAMlYp3HanpsKEnPJQvto7JJCYHvsBZiJ3QcYfb5FtMuDMSEl9HIkMiGZeG0OQmQXLM

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY4MDRjMGEtYWQxYi02NTA5LTYwNzUtYjUzYjdiZjhiZDlk

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ0D4oBzx5q-RmzOJSCSNyE&google_cver=1&google_push=AYg5qPJ8elGDdPAm81CrKPUphIjbej8POd4FFQ6tE2QMz25AWfLPtF_eR_bI61cFYn1cpK4rcm4eD2aRa2PrtKHsiB_-R0eK10Gm

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.medyafaresi.com/	1970-01-19 22:41:22	Name: laravel_session Value: eyJpdiI6Ikt3MUhsY2VEQ1h0RlNlWE9mWENENGc9PSIsInZhbHVlIjoiVDVzWWZaa1V0QVRTWVpSSmF4Q2llSEVrS1dtV1ByRUtmVHN6WmUwd2J0elZWVjV3cGxUMEwxeFIzM0Q2Rk5vbU82eXl6THFHaStKODFtZ2tYY3R2SFE9PSIsIm1hYyI6IjczNTkxMDcyZTEzYzdiOTk5Yjc4NTQyMGE5YTIzMmU5YTQwZjY2ODA5OThlYTczZWU0YWQ0NmUyYjI5OGMzNzYifQ%3D%3D
.bildirt.com/	1970-01-19 22:41:17	Name: __cf_bm Value: 1bHbZPfJ7UWUgEB_GsGIakmUyJtLWJdB.axRwEQXx6Q-1636875336-0-AR2z1wI1GP4YVGxz7uuHiiRvfulB8Kl/B2SJ9OOTuYBwpRXKmmrsk9F2xSxU93RXoUEDLFFZpG1/k+qzczDuy5Q=
.medyafaresi.com/	1970-01-20 16:12:27	Name: _ga Value: GA1.2.285585964.1636875336
.medyafaresi.com/	1970-01-19 22:42:41	Name: _gid Value: GA1.2.1761020891.1636875336
.medyafaresi.com/	1970-01-19 22:41:15	Name: _gat Value: 1
.medyafaresi.com/	1970-01-19 22:41:17	Name: __asc Value: c272abf917d1d5f7acf702a0360
.medyafaresi.com/	1970-01-20 07:28:17	Name: __auc Value: c272abf917d1d5f7acf702a0360
.bidswitch.net/	1970-01-20 07:26:51	Name: tuuid Value: 0906a715-5937-47b9-97b7-5eb1d66e60e3
.bidswitch.net/	1970-01-20 07:26:51	Name: c Value: 1636875338
.bidswitch.net/	1970-01-20 07:26:51	Name: tuuid_lu Value: 1636875338
.scorecardresearch.com/	1970-01-20 15:58:03	Name: UID Value: 1NDPXB73VRP7CU8TV1DWTOg1636875339
ads.stickyadstv.com/	1970-01-19 23:24:27	Name: UID Value: d6baf46b602182bc119dcafd2daf5c8
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: e93cae965bc0cd3056ba869017dd2281
.yahoo.com/	1970-01-20 07:27:12	Name: A3 Value: d=AQABBEq8kGECEOmUXE8dc8qgw8ewKMtK3Qc&S=AQAAAn2ccV7PKRfRPjaFWsfdw_E
.vidoomy.com/	1970-01-20 07:26:51	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjA5MDZhNzE1LTU5MzctNDdiOS05N2I3LTVlYjFkNjZlNjBlMyIsImV4cGlyZXMiOjE2Mzk0NjczMzh9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2Mzk0NjczMzh9fX0=
.turn.com/	1970-01-20 03:00:27	Name: uid Value: 2399048842812203411
.medyafaresi.com/	1970-01-20 08:02:51	Name: __gads Value: ID=24f5bbec1b94b0e4-221f740e51cb00ed:T=1636875338:RT=1636875338:S=ALNI_MazfMn5ujAlnKVol_zf3xYAPFkLMQ
.lkqd.net/	1970-01-20 07:26:51	Name: sr55 Value: 1\|\|1636875338
.lkqd.net/	1970-01-20 07:26:51	Name: lkqdidts Value: 1636875338
.lkqd.net/	1970-01-20 07:26:51	Name: sr99 Value: 1\|\|1636875338
.lkqd.net/	1970-01-20 07:26:51	Name: sr103 Value: 1\|\|1636875338
.lkqd.net/	1970-01-20 07:26:51	Name: sr94 Value: 1\|8595720455097295251\|1636875338
.lkqd.net/	1970-01-20 07:26:51	Name: lkqdid Value: 1nDvq1LfxCk
.adnxs.com/	1970-01-20 00:50:51	Name: uuid2 Value: 2683469584136338985
.casalemedia.com/	1970-01-20 07:26:51	Name: CMID Value: YZC8S5896Fuc3XioZ5OgaAAA
.casalemedia.com/	1970-01-20 00:50:51	Name: CMPS Value: 5208
c.deployads.com/	1970-01-20 07:27:12	Name: d7s_dc Value: 44NXSTCwWzfowTGL-wl
.casalemedia.com/	1970-01-20 00:50:51	Name: CMPRO Value: 1155
.casalemedia.com/	1970-01-19 22:42:41	Name: CMST Value: YZC8S2GQvEsA
.doubleclick.net/	1970-01-20 08:02:51	Name: IDE Value: AHWqTUnFakT28wzlLFgyJRTxwFMvoDEIcD9hGjdElauK3BmIPThHRyd0G61qjfHptPA
.krushmedia.com/	1970-01-19 23:24:27	Name: krm_r Value: 57
event.clientgear.com/	1970-01-20 03:00:27	Name: mkuuid Value: mk26470a58-95a4-42ea-b4e5-4c08d3600c50
.krushmedia.com/	1970-01-19 23:24:27	Name: krm_usr Value: df9c97e4-4d47-4a3e-9989-67020b4be795
.casalemedia.com/	1970-01-20 07:26:51	Name: CMRUM3 Value: 2d6190bc4b2760CAESEKDJuTGUl5qYI8pikNNcBC0
.lkqd.net/	1970-01-20 07:26:51	Name: sr85 Value: 1\|\|1636875339
.rfihub.com/	1970-01-20 08:02:51	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwtLAwsTQ2MjA3shDiM9Q1CYqoCsvJ83P3cDeU4jU0MzazMDc1NrY0MTIFAOoIkH80AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwtLAwsTQ2MjA3shDiM9Q1CYqoCsvJ83P3cDcEAK6iTIElAAAA
.lkqd.net/	1970-01-20 07:26:51	Name: sr102 Value: 1\|df9c97e4-4d47-4a3e-9989-67020b4be795\|1636875339
.bidr.io/	1970-01-20 08:09:45	Name: bito Value: AAEm4E7DIXkAACjipB65dg
.bidr.io/	1970-01-20 08:09:45	Name: bitoIsSecure Value: ok
.udmserve.net/	1970-01-20 07:26:51	Name: udmts Value: 1636875339.0
.udmserve.net/	1970-01-20 07:26:51	Name: dt Value: 96C2EADD-B616-318C-81C5-2FF9A46AA58B
tagm.tchibo.de/	1970-01-20 00:50:51	Name: tchibo_et_gk Value: 2200e8be0d754569a9e2ecfde3e56562%7c13.01.2022+07%3a35%3a39
tagm.tchibo.de/	1970-01-20 03:00:27	Name: tchibo_et_uk Value: bd26feef69a2493281b67e7541710dfa%7c
tagm.tchibo.de/	1969-12-31 23:59:59	Name: session_session Value: 2c619b1a51d0452baabea961
.lkqd.net/	1970-01-20 07:26:51	Name: sr80 Value: 1\|AAEm4E7DIXkAACjipB65dg\|1636875339
.adnxs.com/	1970-01-20 00:50:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C''E-_k3!@wnfH8K6pQK`!5=E<L5?%M5_UUg)jBOT)m=DqEiS?JU2b.V-@X-Q49Xt8z%nugO%v4VB%nmfP0?Ow
.doubleclick.net/	1970-01-19 22:41:18	Name: DSID Value: NO_DATA
sync.srv.stackadapt.com/	1970-01-20 07:26:51	Name: sa-user-id Value: s%3A0-24e14162-8b2e-4729-52ee-5f66492c3cd9.14Q5yGkHkodDfeuzjSSl%2BKwQ0dub9YwA1gK7Zo5TUns
.srv.stackadapt.com/	1970-01-20 07:26:51	Name: sa-user-id-v2 Value: s%3A0-24e14162-8b2e-4729-52ee-5f66492c3cd9%24ip%24168.119.25.196.xmTsljdNWM6plVoBDuOdcmxnSKEBr846%2FXBnQ%2FliJdw
.tribalfusion.com/	1970-01-20 00:50:51	Name: ANON_ID Value: annr6ioZdUQcR2Hp9vcweAMub6jALqJXbVLMbC1CCSqFhnoyfEffXq4Q53qVPnS2yUss5GYd1
.pubmatic.com/	1970-01-19 22:42:41	Name: KTPCACOOKIE Value: YES
.lkqd.net/	1970-01-20 07:26:51	Name: sr93 Value: 1\|JOFBYosuRylS7l9mSSw82ah3GcQ\|1636875339
.openx.net/	1970-01-20 07:26:51	Name: i Value: d043a099-cdeb-045a-2f43-276ad53d4000\|1636875339
.innovid.com/	1970-01-20 00:50:51	Name: uuid Value: 3f4f4b06-ce13-4243-99d9-7bb226d072a1-20211114 02:35:39
.pubmatic.com/	1970-01-20 00:50:51	Name: KADUSERCOOKIE Value: ECD68270-4D08-480A-9982-013F3ECD576F
.spotxchange.com/	1970-01-20 07:26:51	Name: audience Value: 7753f3c4-451d-11ec-a2c1-156973b60006
.openx.net/	1970-01-19 22:41:15	Name: v Value: 1
.openx.net/	1970-01-19 23:02:51	Name: pd Value: v2\|1636875340\|vN
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 7169

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://idsync.rlcdn.com/464986.gif?partner_uid=M0r42hGOJa0 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/464986.gif?partner_uid=aoS2uJISfIo Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://udmserve.net/udm/img.fetch?sid=14449;tid=1;dt=6; Message: Failed to load resource: the server responded with a status of 412 (Precondition Failed)
network	error	URL: https://s0.2mdn.net/9951322/1616590441068/null Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662303698504749 Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: https://www.medyafaresi.com/ Message: Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY4MDRjMGEtYWQxYi02NTA5LTYwNzUtYjUzYjdiZjhiZDlk' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.medyafaresi.com%2F&cb=1787478557&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C61245%2C1%2C1704424290620367696489901529,,') from origin 'https://www.medyafaresi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY4MDRjMGEtYWQxYi02NTA5LTYwNzUtYjUzYjdiZjhiZDlk Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_gid=CAESEOuObMtaXLSWmdvZ5E2XSPQ&google_cver=1&google_push=AYg5qPK3LgtLGWzgl4UhAdEpT4Q1-uRSwDBCn8jO6pG3ate4aE_BhiLD2fk3qGTf9Z6IBJ4r3uvrnY650RLolUl1uBQzQXvmQYY Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZC8S5896Fuc3XioZ5OgaAAABIMAAAAB&google_cver=1&google_push=AYg5qPLhI4GV3H1d1YeknFfvKaLTE82zMEs2-Qbq0s1OD0ygO2EepdJ5B5rx5tXpnqRdo5E5gpg_u8L-oMUC6Fk8bfAS2opLbV_E&google_gid=CAESEG2iTEBGG_Tqa65EvQgF9zU Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a.vidoomy.com
abs.twimg.com
ad-cdn.bilgin.pro
ad.bilgin.pro
ad.lkqd.net
ad.turn.com
ads.adaptv.advertising.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
adx.adform.net
ag.innovid.com
baltar.dimml.io
c.deployads.com
cdn.dimml.io
cdn.syndication.twimg.com
cdn2.bildirt.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
creative.lkqd.net
cs.krushmedia.com
cs.lkqd.net
d31qbv1cthcecs.cloudfront.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
i.medyafaresi.com
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
match.prod.bidr.io
medyafaresi.com
nxd.adhaven.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
s.medyafaresi.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
securepubads.g.doubleclick.net
server-204.lkqd.net
stats.g.doubleclick.net
sync.srv.stackadapt.com
syndication.twitter.com
t.lkqd.net
tagm.tchibo.de
ton.twimg.com
tpc.googlesyndication.com
udmserve.net
v.lkqd.net
vidoomy-d.openx.net
vpaid.pubmatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.medyafaresi.com
x.bidswitch.net
cm.g.doubleclick.net
cms.quantserve.com
nxd.adhaven.com
104.244.42.72
13.224.186.23
13.224.186.52
13.225.78.39
142.250.185.162
142.250.185.194
142.250.186.98
146.20.128.152
146.20.128.160
146.20.132.165
151.139.128.11
18.158.22.228
18.196.241.128
185.94.180.123
193.0.160.129
195.142.105.24
195.142.109.125
198.47.127.19
2.18.233.180
2.18.234.21
2.18.234.233
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
213.202.235.9
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:3030::6815:1371
2606:4700:3033::6815:3603
2606:4700::6812:d05
2a00:1288:110:c305::8000
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a02:6ea0:c700::1
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d01c:1d8:8100:f976:bfd0:751d:6023
3.129.250.65
3.142.157.144
34.255.212.32
35.156.156.223
35.186.253.211
35.244.159.8
35.244.174.68
37.157.3.29
37.252.173.27
47.252.78.131
52.49.134.174
52.51.154.99
54.175.198.118
66.155.71.25
68.71.249.118
69.173.144.165
74.205.28.1
79.137.69.120
8.2.110.134
001126f371d16478f769822874a232d8935246d1f927645a5fcfb65e55fdb0c9
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
02a271d9d0dac8509e05a0099996dc1d19709dbd3948686f7e6d52bc69a66d2d
0618cb16ba25e35eb5697941562ad0925fd5fc6c40de5fa2d10b0de3dee77b35
06eace3652f9afea272419640e801937898433df91ff18536eb434139b491eda
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9acb05e03df0fb0a9fcebeac2103025badd7b3552c0e8ab473fa40e7a3d2a2
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
119bc3cd74e57ee681ef28b285b2fac8b802f36d2f40c06934d716381464fede
11aee507ab8b3c466a74a9448c5ba338d01f6e975b1416877ea538cc8a4a024c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143e85c8e6d53d4331c64299b96212025b125cb6f7e636ec2511e3c204ab233d
146413e2b12fabbc318e3be9026dee82a548b0715def4f7a65cca9f9e243ca3d
153302ccd34df160b9a5c101e8abdfb45f802882ae11ba76b51f7a59f4071e8c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d
1f03edc0fddabfcb872fbeeaffb3ea6528557ac10a6bcce97170a3cccc109def
232ca9ccc8738365bca832c1d3aff16d495ad36219be706a6c14f761f1b5ef14
23d968342a52b86e5f3bba69ab439e051c1447c1ea8655135c2e014bb8c6c887
241408f8a0384b6340ff97aebc9e40d60cd8a7ed7c19d6cbdd84eb97f15d5d44
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
295990e231e33657507f3a317fc108d38fd5568c8c3b27b9a12c4d73434da08f
2a1fd46254fb32dcd41b2abb01049b84c47f76cbf32d73f8a199c98b00509b40
2a55c2c71d0c0040783dc357b70b64054c062da1104b5dd67ea65cf9543c8972
2b2575ab58d1b5b2db5eb5ea62f385ba14546206fb9e4fe3dd93cf51aacbd4fd
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d11112838d624e97a51b3ff7c1df543a31392bf8db67959c2c7c9fc2096ccfa
2dc4a6f94ef60d217d41f440b35753db8a1af821246bf762c2aac722ded27903
31239ed42d0fc9bee2adbe220b5c1bb51fbde1428252885997b9e6c7c5644d85
31b03e60af06f1e27b8b0c281e1dcb46f8aba15065a302978cb49b20dacdf414
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
3b37d11fc8ce5b75038f8e150ffe2c8c8ff817855cfb8a3763cf777b2237dd0a
3cb7f6da16c490942ffb57e20c0359f1f865ba9bb7450ff6e3ea2a4099491451
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
450f29f0a3a557f1236cee1d644401af1ee0138d247c4d521813f203651de050
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48450713cfb9b78d5de72c4391a772d0ad31989812cf7267e39df3c8c9c12293
499b5e85f090790d4816e771edb671c960e9a76be40ca04a613c36a79387b0c9
4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db
4b55c49121b721670b072687b97fab27d222162431b93c8eec6ce76ca4a8b45e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c436513af1dafe924c5b7ab1a90a1b0448f2be9b5a71ff65e82b6f76c96b704
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53dc3ca16fb918ea606819192b5f5af2761b93966125b89cd664b433493633d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58db5624404a032a11446da3a2b9e5479b33fc24a6b5166a405b1a3f2fed24a1
5b7e154cf279891198590c3ee8b1b8892309b251c5c2ca7b460bf08f99367c8f
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61692bb7d725767bf9de060bd2a5b14b9bb0959ecca45bf92951c62ad91a8c4c
6514a4ecf9c8ba6f9d9001653807be109f5d7902e6859353b1d2e46bab18e753
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
67603c946150833247a74eb079b95d0a2e90bb5727a54af9598d1ac85f141893
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
6a3f429dbdf93d1f0b3d03656fa99528b810ea805c842beec7a197526bbe231c
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6ed6b9d684cd4243011e689d50dbc247676bfd5716c8130cc6b5d6eaf5bb0c7b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
727c278bd3059f63a33320178d7535e10ac8aacf3b147451085a102a1ac39f70
75d39eef66d178c7b8929eb5631f5211891f771c0bd27a4df61c0f3f3a5311cd
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7b23d58bd486ffeab370fc0a7d3e0b776a66e951676209e15b84a612ca5423f9
7cb07429f86892247acef969076c9d5c2e275d5cfc0f2e0aae535b043c3f078f
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
80b6cb45660038ca8664df098c41002469441da18a13ad4c53d9c85898c22a5a
80ba741f6d24fc0c269092bfac6787b1cf3113bed88cfff2e84eb64b369b4797
8233e0d283695afa1067e672c037d9e0a05680e96e4f399025876034e182f4bc
82c72cf358f528e5df13354505c9c0f5625d3a265cf300093f6826bcb602a49f
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83a70bd58550fd40beeeb5d0c458ee773cf80e7e23f62a404da3140f9f5eea49
83c1325448ecf38e01b01d03b21c4376b6fa5da52fd4bb6f293cd91656d59cbf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cb70843986570663230b7a4a54c6eac4014445ab5930635538a4fc92e56f56
86fcac9fd8f5781c76cf8ae0a6fe3091e0c20e29eba712b6daf058e009d340c8
888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c
89d4cb60de4ac1ce7037ed4780f74e4e27fa52b1f584ffea4a7ee7cba831ca61
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b01a4705ae529815dc32d67a7ba4a9ff15f79cdbd150d0f1912a2d44a872fa1
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
91f3867a59a02ed902a278506af5e00bf5fcbdfe483237d0baa65dd894b3c345
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
9651d8ee8f16b630e384e1cec8b2f13deba78bf2176aa971a1aa684c23cc7c42
96785c2e9ea38cea4758b383cbb6f12edadcac2daec852412994ae2bd8932a89
99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ecd429e89d6a5a4f1418c3ddc50cfc24dac377acba17bc707ca4d6eb7b169fc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2
a3de2b0342bb00e1a6ff50fa3356e11b1a48495d3def412ecf16e9a07a48bbd9
a3eb9e4028dd190b776e69b180c022d4c20ba5514220d715b67d752396cc1ef6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5b11cbc4a16ce02e18d18a9ee1009b115c9bb49cad4783200e49dd7c6bc07cb
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
a7bb7603ffa6dbdf66d8f5467c0aa25e0b3a715a0ad0ea29a80eb0b526487a08
a869f0676572793b556b235ff1e4980991a6e9565a2f2ee273e03a8eeca8feaa
a8bb1da09d58df1429287f31a38e567482dbe69b0699e93ed3c205f6d553ca75
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad546cf7228eccaac68ae716b61bf2e0e1bf3ac5d98801a6212141bf72ce6e87
ade61d6cb05c3a21d242626ad133f21e5966f74a2f930f40a9a176a4d9005ea7
ae0eab5b6808163a8f52311840b81f942e95edce1990ac60a3fe66177b51484f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af730b0a93c12f8e2b852aece6922b74fa7d6b28edf9a472790440a23d7e2e52
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b08261757171f2563764079a0d852faad00b5adf6c19ee7951fd4d472a3913e1
b0d8cf1ac100ca0b86539c30271ab44fcf1cd419ffb0ec19892df7c524ebfef7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23150e9601b33aac3b26c73c3138949f455a7892018b8f02f1db65c0d151b2f
b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b684dd040789421a46a73d15a17624fca22594a692d2200d4b8362f497a59948
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b8d0b476d33f17f88af0ca5d38a0fa7bade2e40dcd5734a32b926c808c60bec1
ba9268b55c7f2e8858ed9549c65d870a163ad33cf18798c46586553889b28298
baa958ba0ada2db95b0047a3822df13589ef19dec86ecf7c0a9f46600b28d2f2
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c20fb3853e78f1fd105254860320de5dba68c02eccade762896c91c205954a98
c28554b901acf8dbb01422fd927e722a481985057ae8a906282f7b20f11d42fe
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c72cfb6f98bb78965a333443d926f90a7575d59ad50420f965df7566522f6d23
c784b3386c1e6626d578059c72f386af34338336d941cacadc1e0496ea50cf8e
c8231c8359d3fb7d02308b0aa87e803ca4c63a629a30bcdf11c7e6e4e60e232b
ca7686761e8d25ebb8e9763efc8026059e113624afeafee377ac9bf4dcebc55d
ca91853bf2984ca4929f38616380181795cb7827ba2964df42c3b26687ae9b79
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e3463b450f8ca8385a4aff80ebced261ab08dd29d4601c7f8c56631c46653c
d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466
d6ebb7138ca0b8f88676a394e7cf985631ab69fb9f7e60b17bc562d0cbec833a
dbe2f7f2d48165e7f3be5b77acce743d26a0671c4286bbf8230ea4a90bb4488a
de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
deff0d63e3a3f9b61aa5b3c3a694f78e6cbc1f4039b6bda59048fde0c91ec123
df64cb1101d248333fe1ecd1e259a9d85f6c47c9f106691a0cba7705bb3c9a0d
e0cefa9583b44b0a5e6623ee51b7fb83ee0433a29751311f40b1f43422c4686d
e138f3efc551dc31b46688f12a95c4e668929588b8c0d7e6e2a986090b965e8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56d028b3475445ff601399b7743758a3f1eeedaa1dc4ae2ebfb68dbcbe4c2b9
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8d849fdc20ffb775b06f3f3888bd40b4fb9b34e7faa6058ff8b9a8aa0f9a3cb
e90ad799aff183ab87a61a911c254fcc844b5e818bc64e703520c7ad7e0a7707
e9a316390c2702cb68576bf0fe5f109807d1bf604b1a6844c610447857186819
ea1e993cc53bbc39a44dc9acf970c7fb12953bef92b465ea57a63f3e24d8e354
eaab639a4518c3600a6bd06b4eab51c41667870c120d1003cff1f07a24adef15
eaca97e848af650beae8772603fb3fe0ee241d433bd75588b2f6ca8364846dd5
ebd127a26e7491069ceff93b78fac5be84a03ede16394e063aab174b6568170f
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee5aa9ba6c00a7e79a76339fd290f052bc42a818930526d0cc520946ac0feb23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7699c762cfb3e90a3433171d27c2e10e5f593fb4c15fed57ebc4617cd99667
f2ce8b09ebd9244a50af55a930614aef2ae1c39e96a5275a80af8523c5404ea5
f65f3aeed46b79940849fa2022f2cbdf368288de9046f2b3da075c42f9dde8f6
f80a4400f2156c30fd477da8dc093094eedc2ef344a69555f1858139362aae12
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
fb739545f3414931d0729a155824d6ca1fcea16cd1f08e445f4f9a9b9a11eea6
fd13a6788be83d91c42504b9cf7fa02996648ae13b8bce65f3f1c56592af312d
fd5a0a665c72fa8e8a7a2eadb0d64a23463ecd585f179a203a47d87e5ab7db80

www.medyafaresi.com Open in urlscan Pro 195.142.109.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

332 Requests

83 %HTTPS

42 %IPv6

52 Domains

80 Subdomains

60 IPs

9 Countries

6664 kBTransfer

11149 kBSize

60 Cookies

5 Outgoing links

Page URL History

Redirected requests

332 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.medyafaresi.com Open in urlscan Pro
195.142.109.125 Public Scan

Screenshot
Live screenshot

Full Image

332
Requests

83 %
HTTPS

42 %
IPv6

52
Domains

80
Subdomains

60
IPs

9
Countries

6664 kB
Transfer

11149 kB
Size

60
Cookies

332 HTTP transactions
14 data transactions