secureg3sahibindenparamguvende.com Open in urlscan Pro
52.233.252.195 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secureg3sahibindenparamguvende.com/
Effective URL:
https://secureg3sahibindenparamguvende.com/
Submission: On November 04 via api (November 4th 2022, 6:50:48 am UTC) from NL — Scanned from NL

Summary HTTP 289 Redirects Links 124 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 23 domains to perform 289 HTTP transactions. The main IP is 52.233.252.195, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is secureg3sahibindenparamguvende.com.
TLS certificate: Issued by R3 on November 3rd 2022. Valid for: 3 months.

This is the only time secureg3sahibindenparamguvende.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sahibinden (Classifieds)

Domain & IP information

	IP Address	AS Autonomous System
1 3	52.233.252.195 52.233.252.195	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2606:4700:440... 2606:4700:4400::6812:2962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 24	85.153.138.73 85.153.138.73	34984 (TELLCOM-AS) (TELLCOM-AS)
62	85.153.138.181 85.153.138.181	34984 (TELLCOM-AS) (TELLCOM-AS)
2	104.18.10.173 104.18.10.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
30	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	184.24.6.87 184.24.6.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
17	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
31	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
289	33

3 52.233.252.195 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secureg3sahibindenparamguvende.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 85.153.138.73 (Turkey) 2 redirects

ASN34984 (TELLCOM-AS, TR)

s0.shbdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.sahibinden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 85.153.138.181 (Turkey)

ASN34984 (TELLCOM-AS, TR)

i0.shbdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image5.sahibinden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.sahibinden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.6.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-6-87.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	shbdn.com 2 redirects s0.shbdn.com — Cisco Umbrella Rank: 75554 i0.shbdn.com — Cisco Umbrella Rank: 62929	862 KB
42	adform.net track.adform.net — Cisco Umbrella Rank: 3069 s1.adform.net — Cisco Umbrella Rank: 6469	1 MB
37	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 static.doubleclick.net — Cisco Umbrella Rank: 421	228 KB
33	googlesyndication.com ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	272 KB
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	2 MB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	468 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 349	61 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	95 KB
8	google.com www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 134	30 KB
7	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6193	122 KB
5	google.nl www.google.nl — Cisco Umbrella Rank: 6051 adservice.google.nl — Cisco Umbrella Rank: 10272	2 KB
5	sahibinden.com www.sahibinden.com — Cisco Umbrella Rank: 25653 static.sahibinden.com — Cisco Umbrella Rank: 87069 banaozel.sahibinden.com Failed image5.sahibinden.com — Cisco Umbrella Rank: 64881	96 KB
3	secureg3sahibindenparamguvende.com 1 redirects secureg3sahibindenparamguvende.com	63 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	71 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 202	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	112 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	154 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 6250	297 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 12844	20 KB
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 4397	16 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 760 stags.bluekai.com Failed	207 B
289	23

	Domain	Requested by
60	i0.shbdn.com	secureg3sahibindenparamguvende.com
31	s1.adform.net	track.adform.net s1.adform.net secureg3sahibindenparamguvende.com
30	securepubads.g.doubleclick.net	secureg3sahibindenparamguvende.com securepubads.g.doubleclick.net s0.shbdn.com ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com www.googletagservices.com
23	s0.shbdn.com	2 redirects secureg3sahibindenparamguvende.com s0.shbdn.com
17	www.youtube.com	ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com www.youtube.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com tpc.googlesyndication.com
13	ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com	securepubads.g.doubleclick.net ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
11	track.adform.net	securepubads.g.doubleclick.net s1.adform.net track.adform.net
10	www.googletagservices.com	ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8	jnn-pa.googleapis.com	www.youtube.com
7	cdn-ukwest.onetrust.com	secureg3sahibindenparamguvende.com s0.shbdn.com cdn-ukwest.onetrust.com
6	www.google.com	secureg3sahibindenparamguvende.com tpc.googlesyndication.com www.youtube.com
5	pagead2.googlesyndication.com	s0.shbdn.com tpc.googlesyndication.com www.googletagservices.com
5	googleads.g.doubleclick.net	www.googletagmanager.com www.youtube.com
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	fonts.gstatic.com	www.youtube.com
3	www.google.nl	secureg3sahibindenparamguvende.com
3	secureg3sahibindenparamguvende.com	1 redirects s0.shbdn.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	image5.sahibinden.com	ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
2	www.facebook.com	secureg3sahibindenparamguvende.com
2	connect.facebook.net	secureg3sahibindenparamguvende.com connect.facebook.net
2	www.googletagmanager.com	static.sahibinden.com www.googletagmanager.com
2	www.sahibinden.com	secureg3sahibindenparamguvende.com
1	hexagon-analytics.com
1	cdn.sift.com	s0.shbdn.com
1	tags.bkrtx.com	secureg3sahibindenparamguvende.com
1	tags.bluekai.com	s0.shbdn.com
1	static.sahibinden.com	secureg3sahibindenparamguvende.com
0	stags.bluekai.com Failed	tags.bkrtx.com
0	banaozel.sahibinden.com Failed	s0.shbdn.com
289	36

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.sahibinden.com
secure.sahibinden.com
banaozel.sahibinden.com
policies.google.com
insankaynaklari.sahibinden.com
yardim.sahibinden.com
www.facebook.com
www.twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com
www.guvendamgasi.org.tr
etbis.eticaret.gov.tr

Subject Issuer	Validity	Valid
secureg3sahibindenparamguvende.com R3	`2022-11-03` - `2023-02-01`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-07-18` - `2023-07-18`	a year	crt.sh
*.shbdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-29` - `2023-09-28`	a year	crt.sh
i0.shbdn.com GeoTrust RSA CA 2018	`2022-08-18` - `2023-08-18`	a year	crt.sh
*.sahibinden.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-21` - `2023-04-18`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-13` - `2022-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-07` - `2023-01-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-12-01`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://secureg3sahibindenparamguvende.com/
Frame ID: DC67252B3CA830BD2BB072B89FBFA210
Requests: 134 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 107F656EBC1CBBD4D42E5BF0CF1DB063
Requests: 1 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 5020D68BEDEFA3D19CB767FF0A46188D
Requests: 7 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/39228?ret=html&phint=geoip_city%3D&phint=geoip_isp%3D&phint=__bk_t%3DSahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&phint=__bk_k%3Dsahibinden%2C%20al%C4%B1%C5%9Fveri%C5%9F%2C%20online%20al%C4%B1%C5%9Fveri%C5%9F%2C%20emlak%20fiyatlar%C4%B1%2C%202.el%20oto%2C%20ikinci%20el%20araba%20fiyatlar%C4%B1%2C%20motorsiklet%20fiyatlar%C4%B1%2C%20motor%2C%20kol%20saati%20modelleri%2C%20SLR%20foto%C4%9Fraf%20makinesi%2C%20cep%20telefonu%20fiyatlar%C4%B1%2C%20bayan%20i%C3%A7%20giyim%2C%20bayan%20%C3%A7anta%2C%20bayan%20ayakkab%C4%B1%2C%20gelinlik%20modelleri%2C%20oto%20yedek%20par%C3%A7a%20fiyatlar%C4%B1%2C%20mp3%20playerlar%2C%20%C3%A7ocuk%20oto%20koltu%C4%9Fu%2C%20bilgisayar%20par%C3%A7alar%C4%B1%2C%20klasik%20araba%2C%20tekne%2C%20%C3%BCcretsiz%20ilan%2C%20bedava%20ilan%2C%20%C3%BCcretsiz%20emlak%20ilan%2C%20%C3%BCcretsiz%20oto%20ilan%2C%20seri%20ilan%2C%20%C3%BCcretsiz%20i%C5%9F%20ilan%C4%B1&phint=__bk_l%3Dhttps%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&phint=__bk_v%3D3.1.10&limit=4&r=39884685
Frame ID: 261A7C5AB0E18138A1AAA9E89D44378D
Requests: 1 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 266044E993B4E785D332135CC77EFB93
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq5YDpXaYGG625-Ow9MfYUSHycezsV0vmSnu_gM65FNZoX9TGCz6xfQd-Jgiu-0LXbP_CMGq7VrJIMXN5DPyIfEQ7ZzZX5f7HSA5a2eaiLfIJn25EqiA3oFd3s4Kysfxwy6dwQfr5OUjJatSHIUIyo9rDY0vC6lxrLtLA2Gd60mZcyRRUjUF-qK9t6QPLOKjAOIr0omJGgJA6ootythW0PIFbYctvQCXeAibpFzjNwSqIySGgVsu4LTROqSaF8MT23qXcydVAeRP7506mLpa6qJ9Nrt2kQG8qWfRwMKYjhGrMmWtxqqlYZcS9WRyPrYS3o_k1v9i8f0RBcu3mxoGTJfGzhgJVsAK_gozQ&sai=AMfl-YTMvKJwpjDvAYtIQfX17gvCvXfutqOQiBkrgcOKI2SgTWe5nTuLvDJ5ykc3FuhtMIJgSFc4PuFAKah2njx4xRa0zX569oAYPJTP9N6JkBvfltuAjLfnRxdwae5FrQ1xuQ&sig=Cg0ArKJSzGSwAZdMlN6LEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 74ABA372086F068BB18E4D1ADAC215C5
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586
Frame ID: 58B616934B827CBF56DA49DE37B6E1B8
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QASJggonHWE
Frame ID: D74802B262848D06410B6C61609ED7E7
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6289EC83E02161FF3D4D9BFDA86FE90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94814EDD39331D2FD9F2A2CC2CB5446E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D579E053C2DE9D34D8C76E2D17D19D73
Requests: 1 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 06A594BAD536384F94FFE0087FBA9198
Requests: 9 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 0109B223331AB7C0503D58058B08291C
Requests: 8 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/11959692.js?ADFassetID=11959692&bv=769
Frame ID: 17A0F12E892AF5663700D91B101D52AD
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIE4-W-JpWuEdijSmggLVSUJdZ-b-Z-jvxnWws-hq2KQg6uqGbWTa-MQ-qc_ZkvqtnGii1JoqDINMCkvtgeuFDBQOULUtdDwyAZ5Ud9On5F2O1wHhbUsSDGKuRJkf0rwtbAMhNzwm2AzJjXidD02ATAHhh8K-h6IKAZhlNAFbck2lRPEU52FCmxisPE_0-u0UNt-2oAUhb8E2MRWS3wKkkxLmKVqbybCLNC9wUYuOusfklJrRTleNqh_MAMc0Dz5eJ7tzRWWZ6yz9ejQJMBjqvxCjBs_wsCN0SJyWEjH9bmULY9EocnVUTGAwPG_QQQU_VNdaluycoodTp9twI65g5t57nCQ4rsyLGGII&sai=AMfl-YSR-uB3U7W4mgKgqQHMwJFQGLLttCurTF0TDuQT36yVoiYIb44sawQSpaDOrDMEbCruKl-3YtInlMDtnaC0NlZ-OVxepUbsa6sXtoM-hu25tvtnrN8f1VSQwJrzXRyRwg&sig=Cg0ArKJSzO2ih3WfDebWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 685327E76B85D29B88B606B1900B9EBA
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
Frame ID: 45FC7EFA75D97730579EEA647D606A1E
Requests: 8 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 53490A0FF16F78F36A5D3AA575022E01
Requests: 8 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 3830C46BEF4A6F30738F906A5CA12DD0
Requests: 7 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: D6F21D42D3C9E1DCF6BB19993B1045BC
Requests: 6 HTTP requests in this frame

Frame: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 8CBAECBF4903621B050C5E515D499CC3
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QASJggonHWE
Frame ID: CB200673EE227AE18E31265A0E0177B1
Requests: 21 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/11959692.js?ADFassetID=11959692&bv=769
Frame ID: E6E9DF79686B3CAF46CA721DEE039DF8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sahibinden Satılık, Kiralık, Emlak, Oto, Alışveriş Ürünleri

Page URL History Show full URLs

http://secureg3sahibindenparamguvende.com/ HTTP 301
https://secureg3sahibindenparamguvende.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

289
Requests

96 %
HTTPS

69 %
IPv6

23
Domains

36
Subdomains

33
IPs

6
Countries

5368 kB
Transfer

20768 kB
Size

15
Cookies

124 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/tr/app/sahibinden.com-mobil/id418535251?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sahibinden

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/
Title: sahibinden.com anasayfasına dön

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/arama/detayli
Title: Detaylı Arama

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/giris
Title: Giriş Yap

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/kayit
Title: Hesap Aç

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/favori-ilanlar
Title: Favori İlanlarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilan-ver/adim-1/?state=new
Title: Ücretsiz* İlan Ver

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-ekle/adim-1
Title: Ekspertiz Raporu Oluştur

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/bilgilerim
Title: Fotoğraf Ekle

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/
Title: Bana Özel Özet

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilanlarim
Title: İlanlarım

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/odeme?hideSteps=true
Title: Sepetim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/magazam/toplu-doping
Title: Doping Satın Al

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/mevcut-siparislerim
Title: Siparişlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/satistaki-urunlerim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/alim-islemlerim
Title: Alım İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/satis-islemlerim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/kargolayacaklarim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/magazam/icerik
Title: Mağazam

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/emlak-ofisim
Title: Emlak Ofisim

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cikis
Title: Çıkış Yap

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/mesajlarim
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/bilgilendirmeler
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilanlarim/pasif
Title: Yayında Olmayanlar

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-raporlarim?reportStatus=U
Title: ilana eklenmeyenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-raporlarim?reportStatus=B
Title: ilana eklenenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/alicidan-onay-beklediklerim
Title: Alıcıdan Onay Beklediklerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/basarili-satislarim
Title: Başarılı Satışlarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/iade-edilenler
Title: İade Edilenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/iade-islemlerim
Title: İade İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/tamamlananlar
Title: Tamamlananlar

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/get
Title: Mesafeli Satış Sözleşmelerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kargolayacaklarim
Title: Kargolayacaklarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/alicidan-onay-beklediklerim
Title: Alıcıdan Onay Beklediklerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/basarili-satislarim
Title: Başarılı Satışlarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/iade-edilenler
Title: İade Edilenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/satista-olmayan-urunlerim
Title: Satışta Olmayan Ürünlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kapora/gonderilen
Title: Gönderdiklerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kapora/alinan
Title: Gelenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/favori-aramalarim
Title: Favori Aramalarım'a Git

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/sifremi-unuttum
Title: Şifremi Unuttum

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Gizlilik Politikası

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Kullanım Koşulları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/acil-acil
Title: Acil Acil

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/fiyati-dusenler
Title: Fiyatı Düşenler

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/son-48-saat
Title: Son 48 Saat

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/son-1-hafta
Title: 1 Hafta

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/son-1-ay
Title: 1 Ay

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/ozel-ders-verenler-dans
Title: Dans

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/efsane-ilanlar
Title: Efsane Ilanlar

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/ilginc-ilanlar
Title: İlginç İlanlar

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cep-telefonu-modeller-apple-iphone-12-mini
Title: iPhone 12 Mini

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oyun-konsol-oyun-konsolu-playstation-5
Title: PlayStation 5

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/kosu-bandi
Title: Koşu Bandı

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/elektrikli-isitici
Title: Elektrikli Isıtıcı

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/toyota
Title: Toyota Fiyatları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cep-telefonu-giyilebilir-teknoloji-akilli-saat-oppo
Title: Oppo Watch

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/kombi
Title: Kombi Fiyatları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/capa-makinesi
Title: Çapa Makinesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cep-telefonu-modeller-samsung-galaxy-s20-fe
Title: Galaxy S20 FE

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oyun-konsol-oyun-konsolu-xbox-series-s
Title: Xbox Series S

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/audi-a6-sedan-otomatik-dizel-50-tdi-quattro-design-2021
Title: Audi A6 50 TDI

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/param-guvende/bireysel
Title: sahibinden Param Güvende

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/mazda-fiyat-listesi
Title: Mazda Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/bmw-fiyat-listesi
Title: BMW Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/fiat-fiyat-listesi
Title: Fiat Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/dacia-fiyat-listesi
Title: Dacia Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/honda-fiyat-listesi
Title: Honda Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/mercedes-benz-fiyat-listesi
Title: Mercedes Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/renault-fiyat-listesi
Title: Renault Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/opel-fiyat-listesi
Title: Opel Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/audi-fiyat-listesi
Title: Audi Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto360/sifir-araclar/volkswagen-fiyat-listesi
Title: Volkswagen Fiyat Listesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/boyaci-hizmetleri
Title: Boyacı

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/evden-eve-nakliyat-hizmetleri
Title: Evden Eve Nakliye

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/yalitim-mantolama-hizmetleri
Title: Mantolama

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/su-tesisati-hizmetleri
Title: Su Tesisatı

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/dogalgaz-tesisati-hizmetleri
Title: Doğal Gaz Tesisatı

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto-kaporta-boya-hizmetleri
Title: Oto Boya

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto-tamir-servis-hizmetleri
Title: Oto Tamiri

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/elektrikci-hizmetleri
Title: Elektrikçi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cilingir-hizmetleri
Title: Çilingir

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/oto-plaka-hizmetleri
Title: Plaka

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/zemin-kaplama-hizmetleri
Title: Parke

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/banyo-mutfak-dekorasyonu-hizmetleri
Title: Mutfak Yenileme

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/restoran-ve-konaklama-is-ilanlari
Title: Restoran ve Konaklama

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/magazacilik-ve-perakendecilik-is-ilanlari
Title: Mağaza ve Perakendecilik

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/tekstil-ve-konfeksiyon-is-ilanlari
Title: Tekstil ve Konfeksiyon

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/ofis-yonetimi-ve-idari-isler-is-ilanlari
Title: Ofis Elemanı

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/satis-is-ilanlari
Title: Satış

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/musteri-hizmetleri-is-ilanlari
Title: Müşteri Hizmetleri

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/is-ilanlari/istanbul
Title: İstanbul İş İlanları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/is-ilanlari/ankara
Title: Ankara İş İlanları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/is-ilanlari/izmir
Title: İzmir İş İlanları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/is-ilanlari/adana
Title: Adana İş İlanları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/is-ilanlari/bursa
Title: Bursa İş İlanları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/is-ilanlari/antalya
Title: Antalya İş İlanları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/kurumsal/hakkimizda/
Title: Hakkımızda

Search URL Search Domain Scan URL

URL: https://insankaynaklari.sahibinden.com/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/kurumsal/iletisim/
Title: İletişim

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/doping-tanitim/
Title: Doping

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/guvenli-e-ticaret
Title: Güvenli e-Ticaret (GeT)

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/toplu-urun-girisi
Title: Toplu Ürün Girişi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/reklam/
Title: Reklam

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sahibinden-dogal-reklam/
Title: sahibinden Doğal Reklam

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/mobil
Title: Mobil

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/neden-magaza
Title: Neden Mağaza?

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/magaza-ac?sizi-arayalim
Title: Mağaza Açmak İstiyorum

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/guvenli-alisverisin-ipuclari/
Title: Güvenli Alışverişin İpuçları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/
Title: Sözleşmeler ve Kurallar

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/bireysel-uyelik-sozlesmesi-0
Title: Hesap Sözleşmesi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/kullanim-kosullari-35
Title: Kullanım Koşulları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/site-haritasi
Title: Site Haritası

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/kisisel-verilerin-korunmasi-58
Title: Kişisel Verilerin Korunması

Search URL Search Domain Scan URL

URL: https://yardim.sahibinden.com/hc/tr
Title: Yardım ve İşlem Rehberi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sahibindencom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/sahibindencom
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sahibinden-com
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sahibindencom/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/sahibindencom
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.guvendamgasi.org.tr/firmadetay.php?Guid=25680f1d-270b-11ea-991b-48df373f4850

Search URL Search Domain Scan URL

URL: https://etbis.eticaret.gov.tr/sitedogrulama/A5A0C8D9C9844AA4881F75323D212DA1

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/sahibindencom-cerez-politikasi-47
Title: Çerez Aydınlatma Metni’ni

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secureg3sahibindenparamguvende.com/ HTTP 301
https://secureg3sahibindenparamguvende.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://s0.shbdn.com/projeler/media/photos/Project/2021/09/b53209f0e4d2b233/Self/dce7b9d0bb7d8a86.jpg HTTP 302
https://www.sahibinden.com/kategori/emlak-projeler/

Request Chain 66

https://s0.shbdn.com/projeler/media/photos/Project/2020/09/7e7eb2d6d836e02f/Self/57b922744eed55f2.jpg HTTP 302
https://www.sahibinden.com/kategori/emlak-projeler/

289 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secureg3sahibindenparamguvende.com/
Redirect Chain

http://secureg3sahibindenparamguvende.com/
https://secureg3sahibindenparamguvende.com/

210 KB
62 KB

313ms
280ms

Document
text/html

52.233.252.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.233.252.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / PHP/8.0.25 PleskLin

Resource Hash

2587dc90996e1c8e061ba5114c24f3dc5e742e810cf4eb8a468daa7ca79af37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 06:50:39 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.0.25 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 04 Nov 2022 06:50:39 GMT
Location: https://secureg3sahibindenparamguvende.com/
Server: nginx

GET
H2 200 OtAutoBlock.js Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/ 11 KB
3 KB 111ms
58ms Script
application/x-javascript 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/OtAutoBlock.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcbcdc99957ee59c1a3d1a2d8cf4f4ee9b52c0eee8d745461851858838678d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 06:50:39 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: argJU+0o985M5lq79558WQ==
age: 10908
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2836
x-ms-lease-status: unlocked
last-modified: Fri, 30 Sep 2022 08:03:38 GMT
server: cloudflare
etag: 0x8DAA2BA485D199F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 19b044aa-701e-000b-588f-ee3cef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764b6aae3858bb4f-FRA

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
8 KB 101ms
49ms Script
application/javascript 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 06:50:39 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
age: 10943
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Tue, 25 Oct 2022 19:11:55 GMT
server: cloudflare
etag: 0x8DAB6BCC7E8944A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 729a0eb7-001e-002d-0e8f-eea75b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764b6aae385dbb4f-FRA
expires: Fri, 04 Nov 2022 10:50:39 GMT

GET
H2 200 common:792f0be8a5899e70a6c6d7fe80386f04.css
s0.shbdn.com/assets/ 184 KB
36 KB 245ms
66ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

0e124860d2af8ff60c41f3acde3aeed89e77ce56a8713f93d3876adc77a05e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 07:55:13 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2588078
content-length: 35623
x-secure-option: secure
last-modified: Wed, 15 Jun 2022 07:50:36 GMT
server: Sahibinden Web Servers
etag: W/"62a98f4c-2de01"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 homepage:9baa9b5a488ef7799328c992ad0379c0.css
s0.shbdn.com/assets/ 75 KB
9 KB 356ms
177ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/homepage:9baa9b5a488ef7799328c992ad0379c0.css

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

ebdd45b769d30106a6cab38a7383fd158695fb8f13be53782ed14a16b6b2c374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Thu, 06 Oct 2022 09:37:06 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2495573
content-length: 9440
x-secure-option: secure
last-modified: Mon, 25 Apr 2022 15:37:46 GMT
server: Sahibinden Web Servers
etag: W/"6266c04a-12a95"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 header:c6b3129350353426751445b895a83cd7.png
s0.shbdn.com/assets/images/ 47 KB
48 KB 57ms
57ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/header:c6b3129350353426751445b895a83cd7.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

0859b5ac6be24f29f4c93380fd4e02fe8a37e840286f55c0d4b4fcfdbdb0d701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:40:59 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603330
content-length: 48219
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-bc5b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 LucidaGrande:ac6eab3860943d84118563394a9d86b3.woff
s0.shbdn.com/assets/blob/ 35 KB
35 KB 239ms
64ms Font
application/font-woff 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/LucidaGrande:ac6eab3860943d84118563394a9d86b3.woff

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

b40a6b4901212b611472999a4f3b0c0347813ae58891aa0019c55521ef7b7eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
Origin: https://secureg3sahibindenparamguvende.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 05 Oct 2022 03:41:20 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603310
content-length: 35540
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-8ad4"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 LucidaGrande-Bold:d6dc488393ebe0e7e04044b162f0967a.woff
s0.shbdn.com/assets/blob/ 30 KB
31 KB 346ms
178ms Font
application/font-woff 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/LucidaGrande-Bold:d6dc488393ebe0e7e04044b162f0967a.woff

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

0a9e8c4bdfe123d1b0b73263cb9c16321b8d147484b3f425d36e8af80b1b7a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
Origin: https://secureg3sahibindenparamguvende.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 05 Oct 2022 03:41:53 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603278
content-length: 31032
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-7938"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 categoryIcons:86f990652082849473493736b187bc5a.png
s0.shbdn.com/assets/images/ 20 KB
20 KB 56ms
55ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/categoryIcons:86f990652082849473493736b187bc5a.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/homepage:9baa9b5a488ef7799328c992ad0379c0.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

4a0cdb0b55b18dec492034480072cc8c5968cc92a5720244a89bce8de14b93a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.shbdn.com/assets/homepage:9baa9b5a488ef7799328c992ad0379c0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 05 Oct 2022 03:42:25 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603244
content-length: 20293
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-4f45"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 homepage:19346fbed6aa19ea685a8b1d6b599500.png
s0.shbdn.com/assets/images/ 6 KB
6 KB 95ms
95ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/homepage:19346fbed6aa19ea685a8b1d6b599500.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/homepage:9baa9b5a488ef7799328c992ad0379c0.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

2dc10413c3504f5fe304a4f5ee322ab042147251639a2a0fdb6610eb82e882e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.shbdn.com/assets/homepage:9baa9b5a488ef7799328c992ad0379c0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:42:25 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603244
content-length: 6368
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-18e0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 thmb_1003222181uw5.jpg
i0.shbdn.com/photos/22/21/81/ 3 KB
3 KB 305ms
108ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/22/21/81/thmb_1003222181uw5.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 800a5ecf1b4eea2da9ba7994f993d266e383792b2173f5d323592f68f5bb90d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 52,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 59267941 7167320
last-modified: Sun, 27 Mar 2022 16:41:47 GMT
etag: "624093cb-d79"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3449
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_655021072tji.jpg
i0.shbdn.com/photos/02/10/72/ 5 KB
5 KB 359ms
163ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/02/10/72/thmb_655021072tji.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: cf83ab610a76346516edf7982ea17113793e77ebc32752d8c657b43d33adfd9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 36,8087, tmll-217 167,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 136897223 8174744
last-modified: Mon, 25 Jan 2021 14:20:27 GMT
content-md5: qVzfy3jxzBlunaflNxuWMw==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5151
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_7953818720pu.jpg
i0.shbdn.com/photos/38/18/72/ 7 KB
7 KB 251ms
55ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/38/18/72/thmb_7953818720pu.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 804452fcf1d17cc71e7ba2d286c26f9ef1ec33b1c874e238f174bfaa582c1ff2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 165,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 36044423 16138860
last-modified: Mon, 09 Aug 2021 19:56:50 GMT
etag: "61118882-1a6f"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6767
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_9567047413bd.jpg
i0.shbdn.com/photos/70/47/41/ 7 KB
7 KB 250ms
55ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/70/47/41/thmb_9567047413bd.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 3a29301f8fa867418f936a52e29cdcc2e4db7c6305b264bd49cab60e3d888bc4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 170,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 68276878 7913041
last-modified: Mon, 20 Sep 2021 07:41:14 GMT
etag: "61483b1a-1c36"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7222
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1013829906wxc.jpg
i0.shbdn.com/photos/82/99/06/ 6 KB
6 KB 304ms
109ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/82/99/06/thmb_1013829906wxc.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 0949334ca6d10831fb16720d631d7d4f3fc24296be714e8a1dc7cf37e5a4cb5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 50,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 63231577 7352758
last-modified: Sat, 02 Apr 2022 08:11:31 GMT
etag: "62480533-1666"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5734
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1012811637lnx.jpg
i0.shbdn.com/photos/81/16/37/ 5 KB
5 KB 304ms
110ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/81/16/37/thmb_1012811637lnx.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 8760e9214111895d236fdc98eb7386ca8a5b576b96b25c489c8eec3416e1a9e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 56,83
date: Fri, 16 Sep 2022 18:43:19 GMT
x-vdebug: processed_images_nginx 26295720 2744960
last-modified: Tue, 29 Mar 2022 12:37:24 GMT
etag: "6242fd84-1470"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5232
expires: Sun, 16 Oct 2022 18:43:19 GMT

GET
H2 200 thmb_1013060895a2h.jpg
i0.shbdn.com/photos/06/08/95/ 3 KB
3 KB 444ms
281ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/06/08/95/thmb_1013060895a2h.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: b8dc0982f0070cb72f613cf3fff323b94e5e5174531bd5c1a649e759a6207d60

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 55,83
date: Sun, 23 Oct 2022 05:24:50 GMT
x-vdebug: processed_images_nginx 246482116 557117
last-modified: Wed, 30 Mar 2022 11:16:28 GMT
etag: "62443c0c-ba6"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2982
expires: Tue, 22 Nov 2022 05:24:50 GMT

GET
H2 200 thmb_9972113217yd.jpg
i0.shbdn.com/photos/21/13/21/ 6 KB
6 KB 380ms
219ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/21/13/21/thmb_9972113217yd.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: bdc193e685997d86af4a293c2feb6c42389cb08511b867d5ee04c345cd33c64a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 36,8087, tmll-217 46,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 1049997889 6706972
last-modified: Fri, 04 Feb 2022 16:45:07 GMT
content-md5: xcmYr5h0McBpx1sjM6GK6Q==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6373
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_10121246204cf.jpg
i0.shbdn.com/photos/12/46/20/ 6 KB
6 KB 445ms
282ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/12/46/20/thmb_10121246204cf.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 6c4983067c8338ca679076be09bcb927795b486461256446e01a775803e4a3a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 173,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 45690739 6118078
last-modified: Sat, 26 Mar 2022 21:44:25 GMT
etag: "623f8939-1874"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6260
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_998982653wyj.jpg
i0.shbdn.com/photos/98/26/53/ 6 KB
6 KB 433ms
271ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/98/26/53/thmb_998982653wyj.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 809be4e88992dbaed5f252ff30ebcd0d925065a578b7dca32f96306791de84d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 53,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 70107961 6345167
last-modified: Thu, 10 Feb 2022 13:48:23 GMT
etag: "620517a7-18bf"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6335
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1007028850zlg.jpg
i0.shbdn.com/photos/02/88/50/ 5 KB
6 KB 326ms
163ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/02/88/50/thmb_1007028850zlg.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 94e286a4a63623b4e64017a3eac0eca0888d298c3a6e6da11ffcf9cfec61c9ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 48,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 51491703 2421099
last-modified: Wed, 09 Mar 2022 20:53:58 GMT
etag: "622913e6-158b"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5515
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1008373715e28.jpg
i0.shbdn.com/photos/37/37/15/ 6 KB
6 KB 444ms
281ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/37/37/15/thmb_1008373715e28.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: a670e6091e74c0ae54446a7bce34f602797e9e6596f95c23a45df26c60e7dfc9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 53,8087, tmll-217 57,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 26190896 9182315
last-modified: Mon, 14 Mar 2022 13:58:24 GMT
content-md5: v+kaMg2qpPGh+ThyWD2CYA==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6478
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1011569334vml.jpg
i0.shbdn.com/photos/56/93/34/ 5 KB
5 KB 381ms
219ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/56/93/34/thmb_1011569334vml.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: af35391336179ac692442637b95488641864cb93122a39e05e7ba18af18ce288

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 56,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 26295721 9274343
last-modified: Thu, 24 Mar 2022 21:35:00 GMT
etag: "623ce404-128b"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4747
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_9279256881u7.jpg
i0.shbdn.com/photos/92/56/88/ 6 KB
6 KB 327ms
165ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/92/56/88/thmb_9279256881u7.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 523ee90d17489bb368ef1474d5fcada7696e8508069c8a81b02e37e899f78ea1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 65,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 25745745 9277289
last-modified: Fri, 28 May 2021 16:36:23 GMT
etag: "60b11c07-161f"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5663
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 404 thmb_1013387066ey5.jpg
i0.shbdn.com/photos/38/70/66/ 0
60 B 441ms
278ms Image
image/webp 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/38/70/66/thmb_1013387066ey5.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 23,8087, tmll-217 168,83
date: Fri, 04 Nov 2022 06:47:24 GMT
cache-control: max-age=300
x-vdebug: processed_images_nginx_cdc 376118369 373455971
content-length: 0
content-type: image/webp

GET
H2 200 thmb_1012743181vva.jpg
i0.shbdn.com/photos/74/31/81/ 6 KB
6 KB 382ms
220ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/74/31/81/thmb_1012743181vva.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 1e1765fdfe102fca2550a34c864e02ec8737336b7127b0a5563d066c10e40bc7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 53,8087, tmll-217 172,83
date: Mon, 24 Oct 2022 09:17:32 GMT
x-vdebug: processed_images_nginx 251682582 30805929
last-modified: Thu, 31 Mar 2022 11:32:45 GMT
content-md5: UsL3F7Hg9PZmZJAmLT1T5g==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5672
expires: Wed, 23 Nov 2022 09:17:32 GMT

GET
H2 200 thmb_1006065940ndg.jpg
i0.shbdn.com/photos/06/59/40/ 4 KB
4 KB 436ms
274ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/06/59/40/thmb_1006065940ndg.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 58eca727604c51ea39ea5226a9e70031e5087a9fcf2ec5f9848f043779ef301e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 47,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 55477762 14039203
last-modified: Sun, 06 Mar 2022 10:09:47 GMT
etag: "6224886b-ea3"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3747
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1004994504v9f.jpg
i0.shbdn.com/photos/99/45/04/ 6 KB
6 KB 435ms
274ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/99/45/04/thmb_1004994504v9f.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: ed83e2eac41ac51f344f29661ef2fa58c89a93efd1f3999aa204cc292ca272c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 174,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 33880257 9601384
last-modified: Wed, 02 Mar 2022 15:13:36 GMT
etag: "621f89a0-16f7"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5879
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1013598647c0f.jpg
i0.shbdn.com/photos/59/86/47/ 6 KB
6 KB 441ms
278ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/59/86/47/thmb_1013598647c0f.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 16704446839b353bc6f4253d5dd6920457a4bf640d34a1e640aa4ebe89a06829

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 64,83
date: Fri, 16 Sep 2022 18:43:23 GMT
x-vdebug: processed_images_nginx 38204733 3536710
last-modified: Fri, 01 Apr 2022 10:24:33 GMT
etag: "6246d2e1-176a"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5994
expires: Sun, 16 Oct 2022 18:43:23 GMT

GET
H2 200 thmb_936674447d5l.jpg
i0.shbdn.com/photos/67/44/47/ 4 KB
4 KB 382ms
220ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/67/44/47/thmb_936674447d5l.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: a4c21f821670a78f2293d9472e69fdd5254c9f504bb715cc9ecf0cdd366979e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 167,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 136897224 8339305
last-modified: Wed, 12 Jan 2022 12:34:02 GMT
etag: "61decaba-e94"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3732
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1013102899b57.jpg
i0.shbdn.com/photos/10/28/99/ 5 KB
5 KB 434ms
273ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/10/28/99/thmb_1013102899b57.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 0f8e789439d7c1acb29f96b44d113d2cf782d19f0250559ccda58af8a6400693

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 53,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 70107962 6602262
last-modified: Wed, 30 Mar 2022 15:39:19 GMT
etag: "624479a7-14c7"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5319
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1013488767oz6.jpg
i0.shbdn.com/photos/48/87/67/ 4 KB
4 KB 328ms
166ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/48/87/67/thmb_1013488767oz6.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 226475e4cf18d1dd01990a6b0d9ca5022e7a8020a8e84dde81513ff3495e7da9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 57,8087, tmll-217 51,83
date: Fri, 16 Sep 2022 18:43:26 GMT
x-vdebug: processed_images_nginx 51586936 5391567
last-modified: Thu, 31 Mar 2022 22:34:38 GMT
content-md5: vrgwua7/fzZ+/UPSH5NjeQ==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4229
expires: Sun, 16 Oct 2022 18:43:26 GMT

GET
H2 200 thmb_1012933071tnf.jpg
i0.shbdn.com/photos/93/30/71/ 4 KB
4 KB 327ms
164ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/93/30/71/thmb_1012933071tnf.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 029b6281d992711b9f72a33229905734c5f87bbf7d7c0fd154b238a64745fcf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 171,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 59185176 1898845
last-modified: Wed, 30 Mar 2022 00:44:22 GMT
etag: "6243a7e6-e58"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3672
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 404 thmb_976287123a6j.jpg
i0.shbdn.com/photos/28/71/23/ 0
139 B 217ms
54ms Image
image/webp 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/28/71/23/thmb_976287123a6j.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 10,8087, tmll-217 62,83
date: Fri, 04 Nov 2022 06:47:24 GMT
cache-control: max-age=300
x-vdebug: processed_images_nginx_cdc 37399509 37917407
content-length: 0
content-type: image/webp

GET
H2 200 thmb_10041062290ru.jpg
i0.shbdn.com/photos/10/62/29/ 5 KB
5 KB 437ms
275ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/10/62/29/thmb_10041062290ru.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 6a2c7bfb36ae8b60a38dc17ce1b36f640243cc9cdb227c43aabff9736f85232f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 48,83
date: Fri, 16 Sep 2022 18:43:25 GMT
x-vdebug: processed_images_nginx 51491704 6227379
last-modified: Sun, 27 Feb 2022 15:37:00 GMT
etag: "621b9a9c-12a2"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4770
expires: Sun, 16 Oct 2022 18:43:25 GMT

GET
H2 200 thmb_1013935799o6u.jpg
i0.shbdn.com/photos/93/57/99/ 4 KB
4 KB 443ms
280ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/93/57/99/thmb_1013935799o6u.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: d250addc678adbf8fae04975dc2fac402336c949bfbdcdb3788add23069202d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 165,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 36044424 9183114
last-modified: Sat, 02 Apr 2022 13:41:22 GMT
etag: "62485282-1062"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4194
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_10143496783av.jpg
i0.shbdn.com/photos/34/96/78/ 6 KB
6 KB 383ms
220ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/34/96/78/thmb_10143496783av.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: c831e1ca21a06efa859224ad33e9cb73209290f677a1e1e0033206cf6af733cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 63,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 32130992 6450158
last-modified: Mon, 04 Apr 2022 08:04:22 GMT
etag: "624aa686-17cd"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6093
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1012562550rjk.jpg
i0.shbdn.com/photos/56/25/50/ 3 KB
3 KB 327ms
165ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/56/25/50/thmb_1012562550rjk.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: d552913a94e926a6e997baf6e1cc6199e49c06f4212ce7a79601003eaad49259

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 63,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 32130991 9898240
last-modified: Mon, 28 Mar 2022 15:37:33 GMT
etag: "6241d63d-d15"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3349
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1013473892ubu.jpg
i0.shbdn.com/photos/47/38/92/ 5 KB
5 KB 446ms
283ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/47/38/92/thmb_1013473892ubu.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 089c55a40992eb010120cd2dbc209e75b7eee50db7b91403985d303627541b64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 61,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 46755777 8498768
last-modified: Thu, 31 Mar 2022 20:55:29 GMT
etag: "62461541-156d"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5485
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 param-guvende-iade-tr:1e8a8ec5759acc382dc7bbe9d829806b.png
s0.shbdn.com/assets/images/ 12 KB
12 KB 95ms
90ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/param-guvende-iade-tr:1e8a8ec5759acc382dc7bbe9d829806b.png

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

8e5b3db565036219e63146b381a63e38f4b126f2164753ad42af8a912b399432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 05 Oct 2022 09:15:15 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2583276
content-length: 12102
x-secure-option: secure
last-modified: Wed, 05 Oct 2022 06:34:44 GMT
server: Sahibinden Web Servers
etag: "633d2584-2f46"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 thmb_1010950667l0j.jpg
i0.shbdn.com/photos/95/06/67/ 5 KB
5 KB 435ms
272ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/95/06/67/thmb_1010950667l0j.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 24dbe47be92dc803180399f3bbede24ef2ac4c73821ab2f3af5a5ac766579680

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 53,8087, tmll-217 46,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 1049997890 7250123
last-modified: Wed, 23 Mar 2022 21:39:15 GMT
content-md5: DbkFrAS5gKJp+G7qohcU8g==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4818
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_993989941n5y.jpg
i0.shbdn.com/photos/98/99/41/ 4 KB
4 KB 436ms
273ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/98/99/41/thmb_993989941n5y.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 8878d86cde8c46058bd664a86f161a6347df290b9a89acc05e5e1c02003ae921

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 59,83
date: Fri, 16 Sep 2022 08:20:00 GMT
x-vdebug: processed_images_nginx 36007166 8
last-modified: Mon, 24 Jan 2022 17:18:11 GMT
etag: "61eedf53-1125"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4389
expires: Sun, 16 Oct 2022 08:20:00 GMT

GET
H2 200 thmb_10118668846u8.jpg
i0.shbdn.com/photos/86/68/84/ 4 KB
4 KB 445ms
282ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/86/68/84/thmb_10118668846u8.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: c6e7abb3cd0bc3ce900ed92137f7827184d23f5d547e7d07be76c4c70d883d70

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 26,8087, tmll-217 46,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 1049997891 995322
last-modified: Sun, 27 Mar 2022 08:53:58 GMT
content-md5: 8+Riuc+RYbSXwmDZ3upPUw==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3936
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_10133193278zi.jpg
i0.shbdn.com/photos/31/93/27/ 6 KB
6 KB 443ms
280ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/31/93/27/thmb_10133193278zi.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 6470009192203d51e397ab6e630b9c7793e94f114b8590e66726d0a94dff481b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 64,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 38204734 6190318
last-modified: Thu, 31 Mar 2022 10:36:15 GMT
etag: "6245841f-16bf"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5823
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_10131157524bw.jpg
i0.shbdn.com/photos/11/57/52/ 4 KB
4 KB 380ms
218ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/11/57/52/thmb_10131157524bw.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: c871b6a1cb8370ff1a23ea43d1417cd5a9b1de6bad30de2dbf3a54542d7d2ead

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 23,8087, tmll-217 50,83
date: Fri, 16 Sep 2022 18:43:28 GMT
x-vdebug: processed_images_nginx 63231578 4553085
last-modified: Wed, 30 Mar 2022 17:16:03 GMT
content-md5: 1gBL6FKDSTH7MXC6rLK6Gg==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4083
expires: Sun, 16 Oct 2022 18:43:28 GMT

GET
H2 200 thmb_10000892301i3.jpg
i0.shbdn.com/photos/08/92/30/ 5 KB
5 KB 435ms
273ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/08/92/30/thmb_10000892301i3.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 2b63ace158af3a33d574702cd0ca8081c2cf4030c00c070d723b1c8b8538f0f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 60,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 51719463 5335230
last-modified: Mon, 14 Feb 2022 12:17:06 GMT
etag: "620a4842-1202"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4610
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_972494269y28.jpg
i0.shbdn.com/photos/49/42/69/ 5 KB
5 KB 436ms
274ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/49/42/69/thmb_972494269y28.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: be5962e1cec02200366ee90bc16ae755fd4b7354c90e628b2660739db5f9c680

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 54,83
date: Fri, 16 Sep 2022 18:39:04 GMT
x-vdebug: processed_images_nginx 19482247 5258483
last-modified: Wed, 22 Dec 2021 08:23:44 GMT
etag: "61c2e090-13c9"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5065
expires: Sun, 16 Oct 2022 18:39:04 GMT

GET
H2 200 thmb_919889926115.jpg
i0.shbdn.com/photos/88/99/26/ 5 KB
5 KB 383ms
221ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/88/99/26/thmb_919889926115.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: b0c3a8b73a1e8310dbbbb360a2d7179f57a808caa5b3130a4e54f83ca2db799a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 171,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 59185177 6930388
last-modified: Tue, 13 Apr 2021 11:01:49 GMT
etag: "60757a1d-13c7"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5063
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_981877134xc9.jpg
i0.shbdn.com/photos/87/71/34/ 5 KB
5 KB 379ms
217ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/87/71/34/thmb_981877134xc9.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 854f8d8d3450e9918bf7492a62c87cee4c27d250ce59c9464a64760fa72f1d68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 62,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 37399510 5234107
last-modified: Fri, 10 Dec 2021 16:24:58 GMT
etag: "61b37f5a-1311"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4881
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_94644255452j.jpg
i0.shbdn.com/photos/44/25/54/ 6 KB
6 KB 442ms
279ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/44/25/54/thmb_94644255452j.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 5dd689afb1765e844f5aed12487f28fd215ae11cb5b87b6d3567814b879204e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 58,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 30505370 3987883
last-modified: Fri, 19 Nov 2021 08:24:12 GMT
etag: "61975f2c-180f"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6159
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1009078960de2.jpg
i0.shbdn.com/photos/07/89/60/ 2 KB
2 KB 441ms
277ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/07/89/60/thmb_1009078960de2.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 173981b6b3688a4197d33a6cec94459ba352f9fcde4ee48e59334c7e377a71f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 58,83
date: Fri, 16 Sep 2022 18:43:32 GMT
x-vdebug: processed_images_nginx 30505369 5906447
last-modified: Mon, 21 Mar 2022 16:51:33 GMT
etag: "6238ad15-797"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1943
expires: Sun, 16 Oct 2022 18:43:32 GMT

GET
H2 200 thmb_977943749v25.jpg
i0.shbdn.com/photos/94/37/49/ 4 KB
5 KB 379ms
218ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/94/37/49/thmb_977943749v25.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: aca5f9dbcbe39a107bc17b9c36065a1c04d3aa1ad1b6550c91a011812c6481b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 64,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 38204732 9638568
last-modified: Sun, 13 Mar 2022 16:39:18 GMT
etag: "622e1e36-11e0"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4576
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 see-your-ad-here-tr:f22d9eeae42a5ab3ac9e98f6d800c131.png
s0.shbdn.com/assets/images/ 22 KB
22 KB 93ms
90ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/see-your-ad-here-tr:f22d9eeae42a5ab3ac9e98f6d800c131.png

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

32ba12f52a73ca68c527f700a200a0537432791e3ec8bd71b06fc3398fb6ad4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:42:10 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603260
content-length: 22085
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-5645"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 thmb_10136859582jw.jpg
i0.shbdn.com/photos/68/59/58/ 3 KB
3 KB 444ms
281ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/68/59/58/thmb_10136859582jw.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: c84e9a9ee67f4576ac555b7f5c543c5f38bd310a52f84ec67fe2ae86d2c32073

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 65,83
date: Fri, 16 Sep 2022 18:43:36 GMT
x-vdebug: processed_images_nginx 25745746 3377483
last-modified: Fri, 01 Apr 2022 16:04:07 GMT
etag: "62472277-d46"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3398
expires: Sun, 16 Oct 2022 18:43:36 GMT

GET
H2 200 thmb_871575598eim.jpg
i0.shbdn.com/photos/57/55/98/ 5 KB
5 KB 443ms
280ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/57/55/98/thmb_871575598eim.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: a73f9b6d1e2afcc9bbaa6b2ff012c88ad9976725532c170c7d61ba741a3d578e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 54,83
date: Fri, 16 Sep 2022 14:56:20 GMT
x-vdebug: processed_images_nginx 19482248 2929695
last-modified: Fri, 16 Oct 2020 11:00:54 GMT
etag: "5f897d66-1211"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4625
expires: Sun, 16 Oct 2022 14:56:20 GMT

GET
H2 200 thmb_9024113577nm.jpg
i0.shbdn.com/photos/41/13/57/ 5 KB
5 KB 444ms
281ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/41/13/57/thmb_9024113577nm.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 4022ddb53fde666a9bb5feabbcd14ac9a8c7d765bb6e9dd4a3b2223c32eb83c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 54,83
date: Fri, 16 Sep 2022 13:05:47 GMT
x-vdebug: processed_images_nginx 19482249 5964425
last-modified: Thu, 06 Jan 2022 12:06:59 GMT
etag: "61d6db63-1492"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5266
expires: Sun, 16 Oct 2022 13:05:47 GMT

GET
H2 200 param-guvende-taksit-tr:2b0f1ae71d7ecdf30b18f3660a8b691d.png
s0.shbdn.com/assets/images/ 14 KB
15 KB 93ms
91ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/param-guvende-taksit-tr:2b0f1ae71d7ecdf30b18f3660a8b691d.png

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

20738a2eb3eac0799cc62a59317a3e6d9427d0bae220790b5676ffb7d1ca40f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 10:51:04 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2577526
content-length: 14669
x-secure-option: secure
last-modified: Wed, 05 Oct 2022 06:34:44 GMT
server: Sahibinden Web Servers
etag: "633d2584-394d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 thmb_965568074eh6.jpg
i0.shbdn.com/photos/56/80/74/ 5 KB
5 KB 326ms
165ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/56/80/74/thmb_965568074eh6.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: a56f5476f9eb34977206de87edbac5ede117223eab875426fd6bab021c9b9ae9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 172,83
date: Mon, 24 Oct 2022 08:41:19 GMT
x-vdebug: processed_images_nginx 251682581 29370413
last-modified: Mon, 18 Oct 2021 17:03:40 GMT
etag: "616da8ec-13da"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5082
expires: Wed, 23 Nov 2022 08:41:19 GMT

GET
H2 200 thmb_101070870525m.jpg
i0.shbdn.com/photos/70/87/05/ 6 KB
6 KB 326ms
164ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/70/87/05/thmb_101070870525m.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 952fe98642c12debdeed81fe2dfff28284fa855929ff4ad0eaaac249755e2251

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 10,8087, tmll-217 52,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 59267942 5423936
last-modified: Mon, 21 Mar 2022 19:22:56 GMT
content-md5: FakxX1ZJZK76mKLDilqgKA==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5647
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_10097409799mc.jpg
i0.shbdn.com/photos/74/09/79/ 4 KB
4 KB 438ms
277ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/74/09/79/thmb_10097409799mc.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 244470b190d15ddb8725c831ed3c65c2d6560599224880a92be57618a072855d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 167,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 136897225 8987457
last-modified: Tue, 22 Mar 2022 12:23:46 GMT
etag: "6239bfd2-fe1"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4065
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_1010285283cof.jpg
i0.shbdn.com/photos/28/52/83/ 5 KB
5 KB 437ms
276ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/28/52/83/thmb_1010285283cof.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: dec176c33b21311a166c1e5d7b3da5c5b0bf52d7f61fad3db5ef454b4c88bb66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 61,83
date: Fri, 16 Sep 2022 16:18:10 GMT
x-vdebug: processed_images_nginx 46755776 5573883
last-modified: Sun, 20 Mar 2022 10:08:53 GMT
etag: "6236fd35-1492"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5266
expires: Sun, 16 Oct 2022 16:18:10 GMT

GET
H2 200 thmb_10112969289o0.jpg
i0.shbdn.com/photos/29/69/28/ 6 KB
6 KB 439ms
277ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/29/69/28/thmb_10112969289o0.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: d87f584d5d64bb91e43f7947c89bed10d8b40fa8e46150b6217eb89bc8a243c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 168,83
date: Wed, 19 Oct 2022 16:08:30 GMT
x-vdebug: processed_images_nginx 376118368 17326844
last-modified: Wed, 23 Mar 2022 18:39:43 GMT
etag: "623b696f-1698"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5784
expires: Fri, 18 Nov 2022 16:08:30 GMT

GET
H2 200 thmb_10132240543jl.jpg
i0.shbdn.com/photos/22/40/54/ 3 KB
3 KB 438ms
277ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/22/40/54/thmb_10132240543jl.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 25a54f0e39f550938dc7d88ecf3ce1fdc0c745eb41c6263456f6db51830eba9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-206 22,8087, tmll-217 60,83
date: Fri, 16 Sep 2022 18:43:37 GMT
x-vdebug: processed_images_nginx 51719464 2939045
last-modified: Thu, 31 Mar 2022 01:01:42 GMT
content-md5: hSfPkmGDCot+2sGdufblpA==
x-isdebug: t=isv2p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3434
expires: Sun, 16 Oct 2022 18:43:37 GMT

GET
H2 200 thmb_10076673847nu.jpg
i0.shbdn.com/photos/66/73/84/ 4 KB
4 KB 487ms
326ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/66/73/84/thmb_10076673847nu.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 4fcfe8f3df74301ed41f11d4d747edaeae1d3b5d540559aac296f6230c659931

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 50,83
date: Fri, 16 Sep 2022 21:10:39 GMT
x-vdebug: processed_images_nginx 63231581 3357739
last-modified: Sun, 03 Apr 2022 09:00:56 GMT
etag: "62496248-e55"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3669
expires: Sun, 16 Oct 2022 21:10:39 GMT

GET
H2 200 thmb_995544088bob.jpg
i0.shbdn.com/photos/54/40/88/ 4 KB
5 KB 438ms
276ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/54/40/88/thmb_995544088bob.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 199785f9eb06ae04bb5a618779db48f1a0069a75083852952044c9e8916e6089

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 50,83
date: Fri, 16 Sep 2022 08:24:04 GMT
x-vdebug: processed_images_nginx 63231579 491738
last-modified: Sun, 30 Jan 2022 11:52:44 GMT
etag: "61f67c0c-118e"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4494
expires: Sun, 16 Oct 2022 08:24:04 GMT

GET
H2 200 thmb_1001059888ejp.jpg
i0.shbdn.com/photos/05/98/88/ 5 KB
5 KB 438ms
276ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/05/98/88/thmb_1001059888ejp.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: d73c07f849ce47a3cb3df93a3dd26e92dac561b7eac26b04e7ebefca4f83e0cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 52,83
date: Fri, 16 Sep 2022 18:43:37 GMT
x-vdebug: processed_images_nginx 59267943 5172781
last-modified: Thu, 17 Feb 2022 14:44:23 GMT
etag: "620e5f47-13f7"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5111
expires: Sun, 16 Oct 2022 18:43:37 GMT

GET
H2

429

/
www.sahibinden.com/kategori/emlak-projeler/
Redirect Chain

https://s0.shbdn.com/projeler/media/photos/Project/2021/09/b53209f0e4d2b233/Self/dce7b9d0bb7d8a86.jpg
https://www.sahibinden.com/kategori/emlak-projeler/

0
0

203ms
108ms

Image
text/html

104.18.10.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sahibinden.com/kategori/emlak-projeler/
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Server: 104.18.10.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

location: https://www.sahibinden.com/kategori/emlak-projeler/
cache-control: private
content-type: text/html

GET
H2

429

/
www.sahibinden.com/kategori/emlak-projeler/
Redirect Chain

https://s0.shbdn.com/projeler/media/photos/Project/2020/09/7e7eb2d6d836e02f/Self/57b922744eed55f2.jpg
https://www.sahibinden.com/kategori/emlak-projeler/

0
0

204ms
109ms

Image
text/html

104.18.10.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sahibinden.com/kategori/emlak-projeler/
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Server: 104.18.10.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

location: https://www.sahibinden.com/kategori/emlak-projeler/
cache-control: private
content-type: text/html

GET
H2 200 s360HomePageShowcase:796052e8932edf60e373ae7333d5f70d.png
s0.shbdn.com/assets/images/ 8 KB
8 KB 90ms
90ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/s360HomePageShowcase:796052e8932edf60e373ae7333d5f70d.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/homepage:9baa9b5a488ef7799328c992ad0379c0.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

7865f573443123a3a839956b13619680221514563ab784b77e1654b0dc600373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.shbdn.com/assets/homepage:9baa9b5a488ef7799328c992ad0379c0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 05 Oct 2022 03:42:17 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603252
content-length: 7789
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-1e6d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 thmb_397694640n4m.jpg
i0.shbdn.com/photos/69/46/40/ 4 KB
4 KB 324ms
321ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/69/46/40/thmb_397694640n4m.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 75b5fedfb4183ada888c57b48514b06ebe7166cb649b28a81506b7e593734983

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 48,83
date: Fri, 16 Sep 2022 08:20:04 GMT
x-vdebug: processed_images_nginx 51491705 655370
last-modified: Fri, 10 Feb 2017 12:14:46 GMT
etag: "589daeb6-1022"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4130
expires: Sun, 16 Oct 2022 08:20:04 GMT

GET
H2 200 thmb_152751203dfw.jpg
i0.shbdn.com/photos/75/12/03/ 3 KB
3 KB 324ms
322ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/75/12/03/thmb_152751203dfw.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 51771b1a6e2a42380d4cda0d660d28656458f909d2e54ad3a7ffc8e4a4618ba1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 63,83
date: Fri, 16 Sep 2022 14:14:39 GMT
x-vdebug: processed_images_nginx 32130993 1320470
last-modified: Sat, 22 Sep 2018 20:43:30 GMT
etag: "5ba6a972-b09"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2825
expires: Sun, 16 Oct 2022 14:14:39 GMT

GET
H2 200 thmb_55912824222i.jpg
i0.shbdn.com/photos/12/82/42/ 6 KB
7 KB 325ms
322ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/12/82/42/thmb_55912824222i.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 758195006caef972efce32f02801b49d6df67f45326767a533aa57169cff9b96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 168,83
date: Wed, 19 Oct 2022 00:06:29 GMT
x-vdebug: processed_images_nginx 376118370 32789
last-modified: Mon, 04 Jan 2021 17:49:13 GMT
etag: "5ff35519-198c"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 6540
expires: Fri, 18 Nov 2022 00:06:29 GMT

GET
H2 200 thmb_144190656dfv.jpg
i0.shbdn.com/photos/19/06/56/ 13 KB
13 KB 324ms
322ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/19/06/56/thmb_144190656dfv.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 756685b686f2a316114d3cd82e1cd5fb33fe32b7e541aa1bb53f6f6f489de247

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 169,83
date: Fri, 16 Sep 2022 08:20:10 GMT
x-vdebug: processed_images_nginx 65899221 1277970
last-modified: Fri, 31 Jul 2015 13:44:45 GMT
etag: "55bb7bcd-33d5"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13269
expires: Sun, 16 Oct 2022 08:20:10 GMT

GET
H2 200 thmb_44760844765f.jpg
i0.shbdn.com/photos/60/84/47/ 5 KB
5 KB 325ms
323ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/60/84/47/thmb_44760844765f.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: cb9c3de53698737781d648714d0b167f3ffbad9cae453393032d4347933e137d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 55,83
date: Sun, 23 Oct 2022 04:30:32 GMT
x-vdebug: processed_images_nginx 246482117 5439495
last-modified: Tue, 17 Aug 2021 22:08:38 GMT
etag: "611c3366-137e"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4990
expires: Tue, 22 Nov 2022 04:30:32 GMT

GET
H2 200 thmb_777024358tuz.jpg
i0.shbdn.com/photos/02/43/58/ 3 KB
3 KB 326ms
323ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/02/43/58/thmb_777024358tuz.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 300687b9e712f18d6688d417cd5fd7efe34dd2220c9f12eed9a4ca49c0bd025d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 56,83
date: Fri, 16 Sep 2022 14:14:39 GMT
x-vdebug: processed_images_nginx 26295722 3087554
last-modified: Tue, 07 Jan 2020 16:21:31 GMT
etag: "5e14b00b-c24"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3108
expires: Sun, 16 Oct 2022 14:14:39 GMT

GET
H2 200 thmb_373185768bk5.jpg
i0.shbdn.com/photos/18/57/68/ 3 KB
3 KB 326ms
324ms Image
image/jpeg 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.shbdn.com/photos/18/57/68/thmb_373185768bk5.jpg
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 41a960dd1339b86a493c8de436f5a498931ea48a02b7ea7b7dd447eece7b5c5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 47,83
date: Fri, 16 Sep 2022 14:14:39 GMT
x-vdebug: processed_images_nginx 55477763 4532485
last-modified: Tue, 28 Dec 2021 11:09:05 GMT
etag: "61caf051-c67"
x-isdebug: t=pu01p
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3175
expires: Sun, 16 Oct 2022 14:14:39 GMT

GET
DATA 200
OK truncated
/ 35 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 analytics:1.js Show response
static.sahibinden.com/assets/ 11 KB
5 KB 239ms
64ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.sahibinden.com/assets/analytics:1.js?t=926413

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

39caaab55f7e3db03570fc994b879907bd5fa524fa0d733577381143195cdd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Fri, 04 Nov 2022 06:47:17 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 204
content-length: 4733
x-secure-option: secure
last-modified: Tue, 01 Nov 2022 07:16:14 GMT
server: Sahibinden Web Servers
etag: W/"6360c7be-2c72"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=300,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 prebid:35802e87d11a2ce2ec228c6e38acf487.js Show response
s0.shbdn.com/assets/ 185 KB
71 KB 66ms
65ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/prebid:35802e87d11a2ce2ec228c6e38acf487.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

89b18a7d4c82e76ede5110c86e82655eea78ccd4bdc6086ee27b715746f96c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:40:27 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2603362
content-length: 71577
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:15:56 GMT
server: Sahibinden Web Servers
etag: W/"633c4e2c-2e4f6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 common:87c94551a4f861bcb53fdef23fc14191.js Show response
s0.shbdn.com/assets/ 447 KB
164 KB 105ms
104ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

5da564ff5d717ad8c90f3f70a21020749eb54bcbf777e2b99fae79b16e920a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Thu, 06 Oct 2022 10:47:30 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2491348
content-length: 166159
x-secure-option: secure
last-modified: Thu, 07 Apr 2022 11:40:42 GMT
server: Sahibinden Web Servers
etag: W/"624ecdba-6fc1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 footer:431f7032690d6f5c31a44bc8e7413480.png
s0.shbdn.com/assets/images/ 6 KB
6 KB 123ms
123ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/footer:431f7032690d6f5c31a44bc8e7413480.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

9e69888ea0cb4421ac721fe340efffb88c3e7e6917169949656b7bae92218a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:42:00 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603269
content-length: 6131
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-17f3"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png
s0.shbdn.com/assets/images/ 2 KB
2 KB 125ms
125ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

f5f6bdd8c7b8e9421a4a9a192b5964d536f0e6f114a7729d14342024896da804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 03:41:07 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603322
content-length: 2346
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-92a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2
s0.shbdn.com/assets/blob/ 34 KB
35 KB 346ms
237ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

e772fc22762855b99fb206191a3beaa4a0994aa30b43da1511ae8c22e24573c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
Origin: https://secureg3sahibindenparamguvende.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 03:41:06 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603325
content-length: 35188
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-8974"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2
s0.shbdn.com/assets/blob/ 42 KB
42 KB 288ms
179ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

99a904573c091f27516a66969b1b1d3df5fb53cc0e6085f566982e9e1d5e0244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
Origin: https://secureg3sahibindenparamguvende.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:41:06 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603325
content-length: 42812
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-a73c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 39228 Show response
tags.bluekai.com/site/ 38 B
207 B 327ms
167ms Script
text/javascript 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/39228?ret=js
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c1f66940e22d66301667eefccc248df97e5309985b48dd11e5329dffd9e8a7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 04 Nov 2022 06:50:40 GMT
content-length: 38
content-type: text/javascript

GET
H2 200 searchSuggestion:8caa56513cf8f16bb3c8a1cfdf3dd3f8.js Show response
s0.shbdn.com/assets/ 12 KB
4 KB 56ms
56ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/searchSuggestion:8caa56513cf8f16bb3c8a1cfdf3dd3f8.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

6402c8da7764d9953005be29e32b6ec41880d67e57e98b747146ff6386011efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 06:58:35 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2591476
content-length: 4244
x-secure-option: secure
last-modified: Thu, 07 Jul 2022 14:19:20 GMT
server: Sahibinden Web Servers
etag: W/"62c6eb68-3044"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 321 KB
89 KB 101ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Requested by

Host: static.sahibinden.com
URL: https://static.sahibinden.com/assets/analytics:1.js?t=926413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffed03a64fdf15a9341bf831a169313677b93bb658e2e8725defa1f0281b19b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90373
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 06:50:40 GMT

GET
H2 200 homepage:6d993bde8009ab02305d01d96ea35715.js Show response
s0.shbdn.com/assets/ 10 KB
5 KB 56ms
56ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/homepage:6d993bde8009ab02305d01d96ea35715.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

20d073216aa771bb9e87ad7ecc280eaea22a68bc461a48d8b5589079a8cb8eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Thu, 06 Oct 2022 09:37:09 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2495569
content-length: 4708
x-secure-option: secure
last-modified: Mon, 25 Apr 2022 15:39:58 GMT
server: Sahibinden Web Servers
etag: W/"6266c0ce-27ec"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 lastScripts:cfa5d49129048f4e398f292f2accea2c.js Show response
s0.shbdn.com/assets/ 47 B
152 B 56ms
56ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/lastScripts:cfa5d49129048f4e398f292f2accea2c.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 03:40:43 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2603346
content-length: 67
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:15:56 GMT
server: Sahibinden Web Servers
etag: W/"633c4e2c-2f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 72ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 06:50:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vJvGKvSVFqeRi8S3CSqoIKv8xRAAv0dmIH1khFu5zNCec1LPSXngqApPZ6+crgE2MtpGJEe4LjjvFKTSkc6thQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-621317847

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44d5d435a5aea2acbbf2fd8fe6b8d146ef75494db62115a17090182154580d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66740
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 06:50:40 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 103ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b08bb1324b4b22f87f3a1a246075158197e9315d1fa830360c0a9807e7ee81b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27282
x-xss-protection: 0
server: sffe
etag: "1383 / 498 of 1000 / last-modified: 1667513160"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Nov 2022 06:50:40 GMT

GET
H2 200 9f768f58-cb4a-4de6-83e2-f8d83f22909b.json Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/ 3 KB
2 KB 133ms
91ms XHR
application/x-javascript 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/9f768f58-cb4a-4de6-83e2-f8d83f22909b.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cdf837975fc10d9ac1d4b14ecbe6b343989c42ba54b8fe2fbb0b074f0459292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: XiINKWrfrlrQhJ0zwCC1ng==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1430
x-ms-lease-status: unlocked
last-modified: Fri, 30 Sep 2022 08:03:37 GMT
server: cloudflare
etag: 0x8DAA2BA4763DAAF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec0123da-901e-004e-577e-efe17e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764b6ab38e16bb41-FRA

POST info
banaozel.sahibinden.com/ajax/login/ 0
0

GET
H2 200 ui-bg_highlight-soft_100_eeeeee_1x100:384c3f17709ba0f809b023b6e7b10b84.png
s0.shbdn.com/assets/images/ 90 B
173 B 56ms
55ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/ui-bg_highlight-soft_100_eeeeee_1x100:384c3f17709ba0f809b023b6e7b10b84.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.shbdn.com/assets/common:792f0be8a5899e70a6c6d7fe80386f04.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:41:06 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 2603324
content-length: 90
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-5a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H2 404 increment Show response
secureg3sahibindenparamguvende.com/ajax/counter/projects/ 808 B
546 B 24ms
24ms XHR
text/html 52.233.252.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://secureg3sahibindenparamguvende.com/ajax/counter/projects/increment

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.233.252.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secureg3sahibindenparamguvende.com/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Thu, 03 Nov 2022 12:16:42 GMT
server: nginx
etag: W/"328-5ec8fee194b29"
content-type: text/html

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/ 2 KB
2 KB 101ms
37ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/?random=1667544640584&cv=11&fst=1667544640584&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&auid=1912195257.1667544641&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621317847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

135d9685d0c8f1d42aeb14355254a03982ec465657c4d900353e8e9835c96313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 935
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/ 2 KB
1 KB 98ms
37ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/?random=1667544640593&cv=11&fst=1667544640593&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&auid=1912195257.1667544641&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621317847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

132888750f209f4af6f387956528a7b14e4fdd93605b25314feb518b5fae27a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 270782849932496 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 44ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/270782849932496?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60dcadd340dd2412ec6bb1c74657bef683e1debeb3ebffcbfefe79149e877359

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 06:50:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86655
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GB1OECATfs7tnRpWuRwp0W7agtUJIWQXtX9IvwgL48K97EwkaqTTh9MjSKpvJPQlMnrtU4EP5s7FfO5j2BAXTg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2022110101.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130882
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 08:35:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 06:39:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 56 B
79 B 71ms
30ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=secureg3sahibindenparamguvende.com

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38ae04895216a5a8a902acd955c5760ec366203299cac6252e7294a98de3dc6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:40 GMT

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/ 311 KB
74 KB 53ms
51ms Script
application/javascript 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 10906
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:26:00 GMT
server: cloudflare
etag: 0x8D95C3D1199287D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4c446842-701e-006d-498f-ee8eb5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764b6ab42a68bb4f-FRA
expires: Fri, 04 Nov 2022 10:50:40 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/621317847/ 42 B
548 B 81ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/621317847/?random=1667544640593&cv=11&fst=1667541600000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2958698283&rmt_tld=0&ipr=y

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/621317847/ 42 B
108 B 91ms
42ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/621317847/?random=1667544640593&cv=11&fst=1667541600000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2958698283&rmt_tld=1&ipr=y

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/621317847/ 42 B
108 B 83ms
33ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/621317847/?random=1667544640584&cv=11&fst=1667541600000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=912586717&rmt_tld=0&ipr=y

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/621317847/ 42 B
548 B 82ms
34ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/621317847/?random=1667544640584&cv=11&fst=1667541600000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=912586717&rmt_tld=1&ipr=y

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 63ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270782849932496&ev=PageView&dl=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&rl=&if=false&ts=1667544640711&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667544640709.1965532359&it=1667544640610&coo=false&rqm=GET

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 06:50:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr.json Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/3b4603d6-d32c-48e5-a49e-a908f2f68f9a/ 144 KB
28 KB 78ms
78ms Fetch
application/x-javascript 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/3b4603d6-d32c-48e5-a49e-a908f2f68f9a/tr.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6664c4d244eff2c65e85d138b8b92511700f68bb26c58a45e13600f55407155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: UuScERYQXxqMcbPdwd0KFw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 28097
x-ms-lease-status: unlocked
last-modified: Fri, 30 Sep 2022 08:03:41 GMT
server: cloudflare
etag: 0x8DAA2BA49F411D7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c6858db5-501e-0053-377e-ef3894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764b6ab4afa9bb41-FRA

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 111ms
41ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=secureg3sahibindenparamguvende.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
31ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=secureg3sahibindenparamguvende.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 309ms
309ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4446504275661157&correlator=2386217433028503&eid=31068458%2C31069354%2C31069925%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=32607536%2Cmainpage_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x25%7C970x250&ifi=1&adks=2365433215&sfv=1-0-39&sc=1&cookie_enabled=1&abxe=1&dt=1667544640802&lmt=1667544640&dlt=1667544639640&idt=1127&adxs=315&adys=74&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&frm=20&vis=1&psz=1115x250&msz=970x250&fws=0&ohw=0&ga_vid=1741527180.1667544641&ga_sid=1667544641&ga_hid=1226131067&ga_fc=false

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b53aa1d969b62760552b9f4bc62677d467ebc008b0d284558c04728ef3be5eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10769
x-xss-protection: 0
google-lineitem-id: 6149331356
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138411120212
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 584 B
325 B 366ms
364ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4446504275661157&correlator=2386217433028503&eid=31068458%2C31069354%2C31069925%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=32607536%2Cmainpage_masthead_floating&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=3427112602&sfv=1-0-39&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1667544640808&lmt=1667544640&dlt=1667544639640&idt=1127&adxs=243&adys=340&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&frm=20&vis=1&psz=1115x250&msz=0x-1&fws=0&ohw=0&ga_vid=1741527180.1667544641&ga_sid=1667544641&ga_hid=1226131067&ga_fc=false

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb29d3ea12f4427935fa71b98e149344252c134ca7f78c29cc822b0846182c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 294
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 292ms
290ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4446504275661157&correlator=2386217433028503&eid=31068458%2C31069354%2C31069925%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=32607536%2Canasayfa728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=3281038005&sfv=1-0-39&cust_params=language%3Dtr&sc=1&cookie_enabled=1&abxe=1&dt=1667544640810&lmt=1667544640&dlt=1667544639640&idt=1127&adxs=575&adys=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&frm=20&vis=1&psz=838x90&msz=728x-1&fws=0&ohw=0&ga_vid=1741527180.1667544641&ga_sid=1667544641&ga_hid=1226131067&ga_fc=false

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d893550b5b7f04e5501eff0ac81633bb5d112b615572b5f6cd90cdb89db82067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10590
x-xss-protection: 0
google-lineitem-id: 5916612141
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138410684408
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 468ms
466ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4446504275661157&correlator=2386217433028503&eid=31068458%2C31069354%2C31069925%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=32607536%2Cmainpage_populer_urunler&enc_prev_ius=%2F0%2F1&prev_iu_szs=835x150&ifi=4&adks=1812325220&sfv=1-0-39&cust_params=language%3Dtr&sc=1&cookie_enabled=1&abxe=1&dt=1667544640813&lmt=1667544640&dlt=1667544639640&idt=1127&adxs=521&adys=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&frm=20&vis=1&psz=838x185&msz=835x150&fws=4&ohw=838&ga_vid=1741527180.1667544641&ga_sid=1667544641&ga_hid=1226131067&ga_fc=false

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22ff99787c5f2a8427efba2e3ea43abe5d07149d350fa7fabe73287341378656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10329
x-xss-protection: 0
google-lineitem-id: 1007309776
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138207794464
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 157ms
156ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4446504275661157&correlator=2386217433028503&eid=31068458%2C31069354%2C31069925%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=32607536%2Cmainpage_midcenter_w&enc_prev_ius=%2F0%2F1&prev_iu_szs=522x250&ifi=5&adks=4131813785&sfv=1-0-39&cust_params=language%3Dtr&sc=1&cookie_enabled=1&abxe=1&dt=1667544640814&lmt=1667544640&dlt=1667544639640&idt=1127&adxs=520&adys=2203&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&frm=20&vis=1&psz=838x2609&msz=522x250&fws=4&ohw=522&ga_vid=1741527180.1667544641&ga_sid=1667544641&ga_hid=1226131067&ga_fc=false

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c8ccf43f3043e7ed7de32b3e55ff3e8da66f79bd5dd3f58a6c108b8445c5a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9294
x-xss-protection: 0
google-lineitem-id: 5916612141
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138410799270
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 454ms
453ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4446504275661157&correlator=2386217433028503&eid=31068458%2C31069354%2C31069925%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=32607536%2Cmainpage_midright&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=1680882054&sfv=1-0-39&cust_params=language%3Dtr&sc=1&cookie_enabled=1&abxe=1&dt=1667544640816&lmt=1667544640&dlt=1667544639640&idt=1127&adxs=1058&adys=2203&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&frm=20&vis=1&psz=838x2609&msz=300x0&fws=4&ohw=300&ga_vid=1741527180.1667544641&ga_sid=1667544641&ga_hid=1226131067&ga_fc=false

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b39b5e9fefa16c6e90b03a0c616878beb2633594fa26b29c8dac4bb4cfa5ed3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10130
x-xss-protection: 0
google-lineitem-id: 5916612141
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138410688470
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 107F 6 KB
3 KB 107ms
29ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/ 13 KB
3 KB 59ms
59ms Fetch
application/json 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:25:50 GMT
server: cloudflare
etag: 0x8D95C3D0BB3DAD4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2ee12e2f-101e-005f-3c7e-efd665000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764b6ab54886bb41-FRA
expires: Fri, 04 Nov 2022 10:50:40 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/ 20 KB
4 KB 76ms
75ms Fetch
text/css 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 06:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:26:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b61a76fb-201e-0057-787e-efcd16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 764b6ab54887bb41-FRA
expires: Fri, 04 Nov 2022 10:50:40 GMT

GET
DATA 200
OK truncated
/ 373 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d69d109cd164771ed1bc277c0657302d389cb463d1d39aa54c73f6bb350f165

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 83ms
35ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110101&st=env

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

353b2feb891c7c62905b13e00a805f1d3fe17c2351ade739493e2f08fbe8c9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11253
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019563983/ 2 KB
1010 B 119ms
77ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019563983/?random=1667544640962&cv=11&fst=1667544640962&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&auid=1912195257.1667544641&data=virtualPage%3D%2F%3Bpagetype%3Dhomepage%3Byakit%3D%7B%7B%3Bpagetitle%3DSahibinden%20Sat%C4%B1l%C4%B1k%5C%2C%20Kiral%C4%B1k%5C%2C%20Emlak%5C%2C%20Oto%5C%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05b8653a941b989ca3038203a25d699dde554b0c976cd76e01fa8b8055b8b857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 984
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 100ms
30ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5687
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 07:15:54 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 105ms
21ms Script
application/javascript 184.24.6.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.6.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-6-87.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Fri, 11 Nov 2022 06:50:41 GMT

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 5020 6 KB
3 KB 61ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s.js Show response
cdn.sift.com/ 61 KB
20 KB 89ms
15ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:15:26 GMT
content-encoding: gzip
age: 20115
x-guploader-uploadid: ADPycdtmMIISpjiGYE17T1J9xrWlbhZQFBwtPezs4eI0fBM1I2zJHnqTIgz81g0TutDsFWTO9MVcvNNlN0we3lx2NcSEoNPgj9Xd
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-generation: 1586469553682331
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
content-type: application/javascript
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:15:26 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 5020 24 KB
8 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5020 153 KB
47 KB 88ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 62ms
20ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Nov 2022 07:46:10 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1019563983/ 42 B
64 B 79ms
35ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1019563983/?random=1667544640962&cv=11&fst=1667541600000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&data=virtualPage%3D%2F%3Bpagetype%3Dhomepage%3Byakit%3D%7B%7B%3Bpagetitle%3DSahibinden%20Sat%C4%B1l%C4%B1k%5C%2C%20Kiral%C4%B1k%5C%2C%20Emlak%5C%2C%20Oto%5C%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&fmt=3&is_vtc=1&random=2000167360&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.nl/pagead/1p-user-list/1019563983/ 42 B
64 B 74ms
32ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1019563983/?random=1667544640962&cv=11&fst=1667541600000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&tiba=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&data=virtualPage%3D%2F%3Bpagetype%3Dhomepage%3Byakit%3D%7B%7B%3Bpagetitle%3DSahibinden%20Sat%C4%B1l%C4%B1k%5C%2C%20Kiral%C4%B1k%5C%2C%20Emlak%5C%2C%20Oto%5C%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&fmt=3&is_vtc=1&random=2000167360&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 39228
stags.bluekai.com/site/ Frame 261A 0
0

GET
H2 200 812800.gif
hexagon-analytics.com/images/ 43 B
297 B 159ms
108ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/812800.gif?bk=cf7e6c3cf0&tm=32&r=898693445&v=105&cs=UTF-8&h=secureg3sahibindenparamguvende.com&l=en-US&S=7e21779dc5f2dd7ca6a4406ae79e4624&uu=6d84a061df385381a5fe526ad44ceb7&t=Sahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20&u=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:41 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2660 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74AB 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq5YDpXaYGG625-Ow9MfYUSHycezsV0vmSnu_gM65FNZoX9TGCz6xfQd-Jgiu-0LXbP_CMGq7VrJIMXN5DPyIfEQ7ZzZX5f7HSA5a2eaiLfIJn25EqiA3oFd3s4Kysfxwy6dwQfr5OUjJatSHIUIyo9rDY0vC6lxrLtLA2Gd60mZcyRRUjUF-qK9t6QPLOKjAOIr0omJGgJA6ootythW0PIFbYctvQCXeAibpFzjNwSqIySGgVsu4LTROqSaF8MT23qXcydVAeRP7506mLpa6qJ9Nrt2kQG8qWfRwMKYjhGrMmWtxqqlYZcS9WRyPrYS3o_k1v9i8f0RBcu3mxoGTJfGzhgJVsAK_gozQ&sai=AMfl-YTMvKJwpjDvAYtIQfX17gvCvXfutqOQiBkrgcOKI2SgTWe5nTuLvDJ5ykc3FuhtMIJgSFc4PuFAKah2njx4xRa0zX569oAYPJTP9N6JkBvfltuAjLfnRxdwae5FrQ1xuQ&sig=Cg0ArKJSzGSwAZdMlN6LEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 58B6 2 KB
2 KB 86ms
25ms Document
text/html 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d1022f3a2da27dd7b6d86e5d0e2dc95fbfff13a35b97769f3918a61ea24264df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 06:50:41 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74AB 153 KB
47 KB 74ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5020 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv36kn4w8HeiUkxR9Tr8ZgosD0SZyEyfdDk74Wo2z_sOex_Oi9fgDb34blc7zHrXDI5RwkeCN8NRc7US36woHq_AgcHCvsDsnHOcs9GqkyzbfpC4qiQSwS6DfirRfWCbQ-eqqD7FL3VclnmN6SQ8p7l5dcdf8NpEEK_m8eQimTNKch9SBHZTnY0NheqmfiTfLnY3PwxEtX5i-LdOIs2q8HW9VVNTFpxhVhx4LshMcYKjHCtPNprP1rX68LMAL3uBhRUrUKaUVo74SwzuBPKsyZddis3N94DbGXsm-IlPnp8SncgXooXSU27Ls7zo4H9oiPR5vbH3nps0MnjZfXwEWvAcnOBB9fHfxPcryE&sai=AMfl-YTQJ_PAYzC4tQ5FxmMOjBg3tuQSa2c9HcMpSg0L_F_6v4EOe0A8IBj2uioO10d9zEcmy0-Www6QBYUe4oZf5Mb8elKQ7Ltpfy3b3mAZLwhN08NxcNAv2O7y9n3PBOgd&sig=Cg0ArKJSzCM4gJ3w9tZ6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 QASJggonHWE Show response
www.youtube.com/embed/ Frame D748 69 KB
29 KB 142ms
71ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/QASJggonHWE

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3c70cf0f97883d616dca300edb9cc26b50cfcf9eecfd53821145b615e4dbc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 04 Nov 2022 06:50:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 2660 24 KB
7 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2660 153 KB
47 KB 68ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B628 13 KB
5 KB 57ms
20ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:17:51 GMT
expires: Sat, 04 Nov 2023 06:17:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9481 783 B
532 B 30ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cde38eccaafc3664abdc68a0b06bf48a9d5d8a822bfb40cc0d03cb0f65412d25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4FaKP6shVddE_nOdLmlgMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-4FaKP6shVddE_nOdLmlgMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:41 GMT
expires: Fri, 04 Nov 2022 06:50:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5020 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlKQhESoS3bDpwHpicEeQ1Ke7m6lVZEgPKroPgnK23SClucdrcvZ5GvAjaVCGWNKyIS7h0kY-5tziXYegi8F0NBLbeJiUqCMrMVnutAMuk_wdcRewCb_i6ZB4YKK_n7QnGHLMvhW6UZNIPfNUaPWYtlihlWGfZ1S1P6L4zobSt3gkI-pjGLaUWsq9B3KI-0w-0ImdTum_u3Ufjt7KiuiLvxSq8Wonl-I8Bi2w1n4UklWlD_7g4kXqlDthlT42sM4UFeOUYQ-vG-XLc1JNETEn9A365s1bf3zMku3P1Cr74gw9bgfeV5kSxAy9V6oupLjtDUJ6c9wm4yciQ--uWu1B-uVYq2qVT-xCi1ARKxQ&sai=AMfl-YQAReG6ePSfgzenbTF4maySbNqSPMke_0HYGFHg8qdSE3hC9sww8sBPfXI21pdc0TROvwMxFsjxHAceRZ_DpJrGTd-pIiv9NgCObYph8-9dEjy8ZvggBty432Rt5PJR&sig=Cg0ArKJSzDkLVf4x81gWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
DATA 200
OK truncated
/ Frame 5020 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 625f297db9caaa4dfd8fc4e526b8f87668658aa89b48850baa62dd15b72f45b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D579 0
18 B 45ms
21ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://secureg3sahibindenparamguvende.com
Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 58B6 34 KB
16 KB 115ms
25ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 05 Nov 2022 10:24:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9481 0
0 96ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110101&jk=4446504275661157&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 06A5 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2660 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3ZP3MTGaf1IbSK-z2QGT17HBL5iqI8TaA0mzkvYZCmC2Pm21OxSIgbj-cdM_REUC8scCV9C57Soge0HccwCQsmxn-snFchdhV8n_JeOp2xP3rRyAIjb2nlFgio5Ltndb65a4ZX2_WC_ps0yxnSo8kU26ydJ6Q90RrEocFZkDo5_b3RXsdDI_T8zaQvGLKvGXzPKmQ2juQ7o16b5ncnPohlktPD6avDdOWyw2VhPK_ijCDQJWjhz9u8-40VummEcGEyYNTYRLXiEhfbpaeYQU9f2d-_j6-w-HvmByYAKyHQDG-FI2xNXZQpxmq8KI_-w7DzW0Uj_YiLek2arxWn65Npdt1q0XjwOM&sai=AMfl-YTzcrv-HrjoLz9cJI4IVKlz9SuW6KUwRgfiDBwkEhZ-JdrxhfettdQWDEmfhtwDC-jUtL88Kv1RZZPkeqTjb9dYEavv_MkJl5pNEGtNPRWTpIqIXgDvQQfJ815qdFVW&sig=Cg0ArKJSzFsQgs7GkBFyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 11527343736618471068
tpc.googlesyndication.com/simgad/ Frame 2660 37 KB
37 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11527343736618471068?

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33dc01d5af706aa1942b8365a41e0f5d67fe158a7310a868d6725ae476f05cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:24:56 GMT
x-content-type-options: nosniff
age: 167145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37580
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 06:54:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 08:24:56 GMT

GET
H3 200 container.html
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2660 6 KB
6 KB 20ms
19ms Image
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 06:50:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74AB 0
0 56ms
55ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstno_No_R33s33CB-mGtz1ua3cuPYWaEHtEmEM0n106F0OBg1DCSGnRwf2CNj_5XrQmzXlKHqv5GlGCxa_YkXLYt1DybQ9AX-BuOGuf-nLyNvOZG64OQtE5PkuooOaFFKHetga_cRSQvpWZ9w8cO2DxxL69MRHJcLXVEkjdMDWXPabVdIDJlVrCDAGGzjh9oyyoeiA6w9QwGy87X9T7vJgCRDDMzD3Qs9O6NmqWtTIyYMIVvxnuq0DmJQgH07bFuQGyQro4QGO1ITbC2GKNUdQX0QfWMuD_bSvEPB69PvHGxmk6fNOE4ceThjPW8B0Mnde4Z_8mJZ20HbzbDS5RtfJT5y5NPKaWjLNBagyKsg&sai=AMfl-YTk2rbX3Z-DaVX00w-syYrO_f9Cluhhjg7GEUzk8MTr0NAEkwDwCVzBAkLitwHsHYBhEfxpoDYIxZx6KIrU4wxvCe2JnkerPS9rNJXIJx-_gcyNrb8AEQNKnz6Om-Ymlw&sig=Cg0ArKJSzMyI3-geMuU6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
DATA 200
OK truncated
/ Frame 74AB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 875c10f84e92eb11a517984191d51aa87dc5f2e5db5bc9d2979b49559d670fb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 0109 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2660 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad4d903d2d44568af2d90bed07feb8a22442e4add6b959f235c183465b36196b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2660 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssQQo_68VRwgc5_zCq4mI8OdI1nswkvP7Zu3WAc__porNP-76h5UYpQmxXL4cC789nKelHgjR705p7_EI8Y-1ZH5RL26Z_hZ8CMOrI23McY6An33MMLg2YAfNBUFEpFDDPQB0-KrEeQmEzre4fSXIewCrR-u8BGj22QU3Ffl_8BvA5RUOIKxIb8_8riE1EYjtuPFs7Obvb0vEPeN7KmWuMdcQvpqZdJfoDSnTC_wOnLurbQLJHyDZpbYLpqzWncqStaIEtlnTLGvccHqul-LomRaiZO8zTFVt257gTET2s7DmDlmc8T4S_YDTm1Ggm9emxAD1BCAI9zG-omceDYkZtCKL-pwNdi63bNg&sai=AMfl-YROOakOTFe_IZmwGj98_0VgqWLNsG0MXWUEgDChb4hYwI80SMmH0CiKFBzGHxhIxk_nCP6LpIQVMQJ2-b9jwp3eFtD5JdOCEvcMdm2UWIuxGHTXwPPW8aZ_g9Jy8ilC&sig=Cg0ArKJSzP1anXytMcjmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/03bec62d/ Frame D748 359 KB
49 KB 63ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b5aeaf9d1fd6e90788e5238257f2dea0d3d4704476e3fa6f287f9a7a8d0ef70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49793
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Oct 2023 23:36:41 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/03bec62d/www-embed-player.vflset/ Frame D748 306 KB
95 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6aac4b7c20a6113b3c3c3a57efd343377401ffb7b030af99ed5c75e2cd9bb2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97445
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Oct 2023 23:36:41 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/ Frame D748 2 MB
573 KB 87ms
46ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52944d263cf68eed6446878915f0abd61bf849583c3bd8f6b9241b68ddf7ebbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 15:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586744
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Nov 2023 15:35:27 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/ Frame D748 9 KB
3 KB 85ms
44ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Nov 2023 08:49:35 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 06A5 24 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06A5 153 KB
47 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D748 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 80320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D748 15 KB
15 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 289762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 22:21:19 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame B628 36 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 11:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 11:38:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 0109 24 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0109 153 KB
47 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06A5 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3C-QvGbeG8yAkxX-LvE5xYSHNMtQ3EtR5caXNZN_5oZ5AOZwiEtJ7kxD-P6xmy382NzxDrJbaSZtlwIycfPyj3GhDvqa4jeLHeuMJ1Dqgv5o2GBVNjghY3XR7TNNdZmUelM53GKm7gXgJedS5-3Hj2mn5f84beaMFLWX5fxqJ5cTBW2rl1v5J7fh-yczZbOygyou0wzHHtoHzk_XHxGjkF2P5rHx9RXV83gnNH_5eb8l2vIt8PsMkV5GVAqPE7s8DZdDJg1bOU5jlfE6LfDOPAS45eNbGrYvUP4BVbIG7hkA4Qujct5TEwTS2VvIExBvY0GgioKYhaUMIXZP3qRD4KRI23OJpgniLMiY&sai=AMfl-YSoewyyfFQ7ErZVwm_fYsAaWdlipyjdtSvzNluNotMu9DqK7eQbXWOQiyLLp6pJbm88dpbhhfsxi2M8u5vVj0xkvCwhT_midpvqxw927txnBAo5UpcN571b-TDouCeF5A&sig=Cg0ArKJSzJ6CtsF6T877EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 17541808791646426548
tpc.googlesyndication.com/simgad/ Frame 06A5 25 KB
25 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17541808791646426548?

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93505adfdcdf8f1974953a9ab27a2fb2037dc1d203cd8a7941e61d35a1edd015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:24:01 GMT
x-content-type-options: nosniff
age: 167200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25854
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 06:40:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 08:24:01 GMT

GET
H3 200 container.html
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 06A5 6 KB
6 KB 21ms
20ms Image
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 06:50:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0109 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwImFQyVtq5LSi5QX3jbChO2uQGKLMzBWAWL-XPAmddjz2TthQxAcdxVSyDi2HL5D4CQCl7YtFOQ6AV-2c4WpV9CpFbrSWzdwnbGZL8WKpAolo_N1Lf2RPnLlEna0udj6fl4qifxdgwUW9aQmXIgXvZP9i0a9f70RXhBWe1XGZ5BywLry93a6C_OYYcHTxWnMzkBS13mzXfByTPUfIF-ESllTAkAZgv_-DZlVqR-0FYmPMLZxlBC4-hA8KM1TYPW8BNMioCHVDQm2YXYwk1mTzWfRWQ66re3Wr2GBRZt4HXoHSnVfo2QEi9JWJBgS59iVYnjrqoxh1CpBDSN5wmav1eSlJbpeiHKdRSg74-L1J&sai=AMfl-YQmcrhLNUuGgJTKTT06u0esqgTv-K5LbmpMAGLZpaJte8HCKGE-lKxoGTohwaq9IWbLQxro01OWrNDvRj3CG_KHFIvf0ANfP9zOlMfFpc1FjS-LnEL64ggzEypl7K0Org&sig=Cg0ArKJSzKEITEkPyxPmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 2.png
image5.sahibinden.com/cms/files/banners/populer_urunler/2017_08/ Frame 0109 45 KB
45 KB 238ms
61ms Image
image/png 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.sahibinden.com/cms/files/banners/populer_urunler/2017_08/2.png
Requested by: Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: f851eb2b8cd1a31aefffa6c4a5d6dc1518fbd5da79466093b7ba0b01ef55eb39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 32,83
date: Sun, 23 Oct 2022 04:30:32 GMT
x-vdebug: processed_images_nginx 113700182 1835013
last-modified: Thu, 03 Aug 2017 14:31:09 GMT
etag: "598333ad-b3da"
x-isdebug: t=pu01p
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 46042
expires: Tue, 22 Nov 2022 04:30:32 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 58B6 9 KB
4 KB 26ms
26ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586;js=1;adfxid=1x;1091;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fsecureg3sahibindenparamguvende.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ebafe4ee64e2e6c1ab41ec3bb45ca028cec155774784afa608604d60eeac0e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3968
expires: -1

GET
DATA 200
OK truncated
/ Frame 06A5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eb46e4f4994fff31fc170dd73c451444ce334eba3b99f8d483fe9fe030ddb51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06A5 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso3gFckBGF9ovUYUjIdUodmffsNwjkvOH58e_Q62RzY7voxcy_zK2yKvvZ4HeUDpZJcRnIU_pgken08WVmtI_CaSkyhL-wvIqybb_sijq672kphSXu7eL85_Y0VmQj4nZNeCjWTqjB7CafcXffgh6Rg2bacUbMn-7waj1biv758JHy5TOAgjrvGgedtC0sfUt9gw5E6xrwzx7DhTT-HZBTnroi8s_88h1E86C4kYNhcVOCLUGmjEbmHNdoZuUyXFNqgrvZrJ0Wlye2WBFQTrXq04D44OGj_MzZqFqYGjWnKq_6FNpmuhKZT8n8mYfWIb78VSMiBCeD0p_tEG85AwpQdMP079a25tvBrF80pw&sai=AMfl-YSmi2RArEbnvJVo4XLamzFJ-leARL9kTOJiCtRntbkf9-ijpt81TJYhz12P0wT-cy-XUmNsRxkjNeHwNdpWvs3q3f0CjkTO9yj3-GfcWvo-taCIPkozL6xYmB7W6I4l0w&sig=Cg0ArKJSzBr3xwkTjooAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
DATA 200
OK truncated
/ Frame 0109 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a94ce2f369ba8e14c323413d49d056dacea04111c2356c9bc063e0d632a6c46

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B628 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZKHAHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 58B6 90 KB
39 KB 35ms
35ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 532a8e65348794f09d3decd5b7aae67a0acdea25b0ad787c604edc4d02f29709

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 05 Nov 2022 10:24:40 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame D748 113 B
159 B 28ms
27ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa31cedf1bbf858284606133dacbc2b8831d1ae70a97bbbcdf87e819ceeb96a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D748 29 B
587 B 68ms
20ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:07 GMT
x-content-type-options: nosniff
age: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 07:05:07 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 78ms
28ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 04 Nov 2022 06:50:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D748 66 KB
30 KB 81ms
38ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bd4837c46645010477fc86981ebe2753ea0ab85fb47c688090f295e401831b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30804
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/ Frame D748 118 KB
36 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c10a2de8f1b0221a6c9262b05e6875250bba9e8306491b57d87b733464fb3897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 02:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37046
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Nov 2023 02:10:22 GMT

GET
H3 200 gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js Show response
www.google.com/js/th/ Frame D748 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 05:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 05:05:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/ Frame D748 26 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61f4764ca0397c54a0a909f8893f4869823a99384675feb591c58a802c5b9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 02:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8226
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Nov 2023 02:22:35 GMT

GET
DATA 200
OK truncated
/ Frame D748 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-wEql_-B1VJR1CY9XI0Pga5Kxuk6yb6JyM9v_7kg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D748 2 KB
3 KB 71ms
21ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-wEql_-B1VJR1CY9XI0Pga5Kxuk6yb6JyM9v_7kg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dca4e2b9ca423c6056ca5ac711c2f8e7c2011407c5d71363a734eb1d7e7434a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 05:26:34 GMT
x-content-type-options: nosniff
age: 5047
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2519
x-xss-protection: 0
server: fife
etag: "v15ff"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 31 Jul 2022 17:39:33 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/QASJggonHWE/ Frame D748 35 KB
36 KB 71ms
21ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/QASJggonHWE/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bd34adb4c54a974e22f0b91b0bd32e9dd27db57dcfadff0fc36cd1a83e084f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:34 GMT
x-content-type-options: nosniff
age: 7
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36227
x-xss-protection: 0
server: sffe
etag: "1667384900"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 04 Nov 2022 06:55:34 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 58B6 35 B
469 B 28ms
27ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59236495&csi=ahNV3Uj17tqU-gW1G6RdVcBNmzF9QTJ_Eb2cpc1cczXrygPkIxxfk6X2bGT2pToYBdig6QLXth1EbvaFvWQNN96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://track.adform.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 11959692.js Show response
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/ Frame 17A0 43 KB
10 KB 27ms
27ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/11959692.js?ADFassetID=11959692&bv=769
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6d38e3f42d2b996c9444d172a20ee8fa651485cbf0127f7cc79d3b47fa465229

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000fec6ad1fd00942b8-0063642c5c-329373d4-default
etag: W/"07cd4163c5546e6fdb796fd41649a4ac"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 204 generate_204
www.youtube.com/ Frame D748 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qaDLiA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D748 4 KB
3 KB 80ms
31ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:41 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 17A0 30 KB
14 KB 29ms
28ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000626a5c1adfe1dc59-00635ba244-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Katman%201.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 142 KB
143 KB 32ms
31ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/Katman%201.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 265bc2d568a11169494c5557bc88f41354ad39e0b83f418bb48c712bf884c2aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx0000091b3fcc23860b712-0063642c5c-3293aae9-default
etag: "cfacc0ceaaa88b812c2b9e57426ef449"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 145610

GET
H2 200 GERC%CC%A7EK%20O%CC%88ZGU%CC%88RLU%CC%88K%20%20SEC%CC%A7EBI%CC%87LMEKTI%CC%87R_.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 128 KB
129 KB 59ms
57ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/GERC%CC%A7EK%20O%CC%88ZGU%CC%88RLU%CC%88K%20%20SEC%CC%A7EBI%CC%87LMEKTI%CC%87R_.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 396ef3726154d303c78693108cfe0f640bfcc10a005f28b82347ed4cf334f967

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx000003fa19e7318cdac74-0063642c5c-32940f80-default
etag: "aeb66985b729890b9ea6cddbc321dbb0"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 131434

GET
H2 200 ehs-8.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 64 KB
64 KB 59ms
57ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ehs-8.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 042454f86604ac81ea995584a9665f9592fcd689fc09ee8c31468cc11fc4b1e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000952834b9309c8ea9-0063642c5c-329354d9-default
etag: "d4fbb8b7087bdd390da7b6944124e64f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 65134

GET
H2 200 hs-5.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 54 KB
54 KB 59ms
57ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/hs-5.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99ea21b21247429f160b378fa513d25d14773cf72fc7611d91495d9ee5264409

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx0000037fb834962e34c77-0063642c5c-3293868f-default
etag: "60f5e85507ab2d364cc5bf80e791bfba"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 54995

GET
H2 200 BLUE%20VALUE%20copy.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 20 KB
20 KB 59ms
58ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/BLUE%20VALUE%20copy.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 571b79cb68dbd4d1fbbb4c374ce65a7980c598feb5268c4efbe2ecbfb3bb160c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000bf076cfd04ee0aea-0063642c5c-32941e2b-default
etag: "9ab7d3abeff0dc11bc167359a7337b60"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20434

GET
H2 200 euroNCap.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 10 KB
11 KB 59ms
58ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/euroNCap.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: caa61e49abaf63b68255edae4087c5835add9a5906c7d35ee1479e980847ab51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000d92a3bca62d15747-0063642c5c-3293868f-default
etag: "54646cedc740a2368fa01e019c909fbb"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10627

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 11 KB
12 KB 59ms
58ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 145490dd8e1c98afc1f98b9b89a1ee9479f00bab1a20d140ee4ec9e6d8db3573

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000deac870ba6fda25d-0063642c5d-3293aae9-default
etag: "ffe435639bdea3d57d3e87d35b2ea503"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11456

GET
H2 200 7yil_logo.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame 17A0 14 KB
15 KB 59ms
58ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/7yil_logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b4068760bb1fca2dca6b86a1e164686918609ebe02bc23b6264156d53a5ae3aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx0000076f298980637a630-0063642c5d-32941e2b-default
etag: "4708de9cddd0559c49e041fe2fb8ab61"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14793

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0109 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwq0SywSW2kBNSaqVORqwbMJbv5BSJWNA2Quvyj5tQlSdQlbitUujC4c4TyOP2eRkE-9Tf1_edulAhy70NsDs0Bd7JKyXrbJ5v4djeeycYXHSodip4VnXe_tC6o3hGWOpqAhcr_jarwwD2GBSPu4S7zXxb71tHztrDAkfEEaveO9S3TVfuJAuyTmuH_bAjfeeRYicdBBgUVK8Bc1ipb906K7CQCG1QKrEKLLtzUxKiamFwkC8grNq6CbTCvZp0CHDnFc0sJ5xj22jHQMBpwPG-mBEy1ILoLUselV_Il5R6iIWklbTdGF_jo40P2ELp0EbrRh54-WuUtvYoG-to5miXtSjbQTJUSdZls04TZkCOrGE&sai=AMfl-YTSOd3yvsFQjO4hqXt0CikCswzjG5Cc2jFZtn6fUaQf0q1XnZ5LRRV3X_PijO3J3MxUpZ7t6g2hEeJkPVBDwzXqWzFgA82DO7Nb4hZnsRNp1rUQUD-_YvNm_ksgAt-QUw&sig=Cg0ArKJSzKjXs4tsxdQdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:41 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D748 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7adf32abad9d52805b4e7f1416115c610906dcae0812ec33315ae85a9f115440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
28ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 04 Nov 2022 06:50:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 Adform.VideoPlayer.js Show response
s1.adform.net/banners/scripts/components/ Frame 17A0 21 KB
9 KB 26ms
26ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/components/Adform.VideoPlayer.js?bv=769
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: be6c756d6018f907ac9b8ff853e1ddcd59922a725db6130313c02f52629691de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 12:02:42 GMT
server: nginx
x-amz-request-id: tx00000c90cbe86a3314517-00635ba244-3293868f-default
etag: W/"e99d09670d9371704074217e7d095e8d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame D748 52 KB
15 KB 84ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 17:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 04 Nov 2022 17:54:31 GMT

GET
H2 206 MG_FILM_V2_REV_2_3.mp4
s1.adform.net/Banners/Stream/2114179/lqdxvilsjzn/ Frame 17A0 3 MB
0 26ms
25ms Media
video/mp4 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Stream/2114179/lqdxvilsjzn/MG_FILM_V2_REV_2_3.mp4
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://track.adform.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000e7d0e5ece80e7d6d-0063642c5d-32941e2b-default
etag: "394e33ae68d011d9829a124489a6c1f9"
x-cache-status: STALE
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-3859243/3859244
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
Content-Length: 3859244

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 73ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=secureg3sahibindenparamguvende.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 71ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=secureg3sahibindenparamguvende.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 110 KB
18 KB 271ms
271ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4446504275661157&correlator=2676592292968558&eid=31068458%2C31069354%2C31069925%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&npa=1&iu_parts=32607536%2Cmainpage_masthead%2Cmainpage_masthead_floating%2Canasayfa728x90%2Cmainpage_populer_urunler%2Cmainpage_midcenter_w%2Cmainpage_midright&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x25%7C970x250%2C1x1%2C728x90%2C835x150%2C522x250%2C300x250&ifi=7&adks=2365433215%2C3427112602%2C3281038005%2C1812325220%2C4131813785%2C1680882054&sfv=1-0-39&ris=1~1~1~1~1~1&rcs=1%2C1%2C1%2C1%2C1%2C1&ists=16&eri=1&cust_params=language%3Dtr&sc=1&cookie=ID%3Dab1b75918a118e9a%3AT%3D1667544640%3AS%3DALNI_Ma1Wg7dUoiEYIbYGH3GOz6KTNjjhg&gpic=UID%3D00000b7c7f0eab53%3AT%3D1667544640%3ART%3D1667544640%3AS%3DALNI_MZXlDQ8izHh8RWaJ5-bG1jVxxxdiw&abxe=1&dt=1667544641945&lmt=1667544641&dlt=1667544639640&idt=1127&adxs=315%2C243%2C575%2C521%2C520%2C1058&adys=74%2C340%2C1261%2C2053%2C2203%2C2203&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C5%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&frm=20&vis=1&psz=1115x250%7C1115x250%7C838x90%7C838x185%7C838x2609%7C838x2609&msz=970x250%7C0x-1%7C728x-1%7C835x150%7C522x250%7C300x250&fws=0%2C128%2C0%2C4%2C4%2C4&ohw=0%2C0%2C0%2C838%2C522%2C300&ga_vid=1741527180.1667544641&ga_sid=1667544641&ga_hid=1226131067&ga_fc=true

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87c94551a4f861bcb53fdef23fc14191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890c08d98572b201dfe4af28ba26243edcd20178de96473f182c8c586d1d556c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17889
x-xss-protection: 0
google-lineitem-id: 6149331356,-2,5916612141,1007309776,5916612141,5916612141
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138411120212,-2,138410684408,138207794464,138410799270,138410688470
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secureg3sahibindenparamguvende.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 58B6 35 B
469 B 26ms
25ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=59236495&event=180&time=1&baid=56160073&name=Viewable%20at%200%25&imprid=2847335109634873351&icid=2462998629043309735&eData=ahNV3Uj17tpJSbjghB_d3g-UOkQpSQHk4fn4X_ACi5jTd-NiTxqoZyQVKbn4ND0eD7dhnM54zp5o4kOyoBiwbg2&rnd=914907813

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://track.adform.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 58B6 35 B
469 B 26ms
26ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=59236495&event=25&time=1&baid=56160073&asid=11959692&name=Video%20Play%20Start&imprid=2847335109634873351&icid=2462998629043309735&eData=ahNV3Uj17tpJSbjghB_d3g-UOkQpSQHk4fn4X_ACi5jTd-NiTxqoZyQVKbn4ND0eD7dhnM54zp5o4kOyoBiwbg2&rnd=988658732

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstL0WRW1dLveMTI8zZovVzUXuK3ndTMhzkxn0y7f-qOJblkPzi29OYPYSEwjEGbML-WeXY4TVc5L2t0gF_pw5s1vEJPE17pdLsEmVMTbGY7Q-Ma6aQf1wSWFCfN9fD8lKRDJwtPA52Qrk2hzqd0dFL--BQTKGbIP5ZUqLib0C2gxyeX13u1OlEsraodyPrej9m76zVtbWttS2Fvk_fI8KinCMlLLa4K-KShvOFKTaf1rT8cnBQoAhH6OaEDCEbFUdjJSE-nBBOPVkQz-7K6JXCYECzgrZpUm7EqZpJNg18ItoLR37VFa-OxVZuALXF4OSRjsRZ7kEvQxJhPGgMo4hRmEKP2_J8&sai=AMfl-YSFq9S9FUiZREfmeOYKMQbUtEn0WMwODfmbSfpzXXZp7Qe77nxrTw6OC1zVTEErKNj1VIO3sYEcXK3MBPqXfWgt0wgAWyn5h_HJvy1kiRUKoMWIdCXwEU5VNr0dXIME5Q&sig=Cg0ArKJSzGlIpu8ZkmfXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=117736586
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://track.adform.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
71ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110101&jk=4446504275661157&bg=!dXaldjLNAAZPh4lnb4c7ACkAdvg8Wum2ZAL9D-EHXsZqtfSxs_1vRA8pQ-jlWlVNmiwazoScviOCjgIAAACUUgAAAAJoAQeZAq01byD3sI1TULPHyKYCTtIz41TseGZkRZUetVmHst27792coCX7CyFcfTQvsq1V4mgfmtNuBaKcDWTNff6V5umQfMrJtjEiw77c2yMMkMYdfbocajbHUatZNotzP2B4sx1JQ6zkZhT1oxKjhonm0UC8AqZ0lLMSlFMOHxZj7PPL7cBmEj3WvhZAtfNhZmCWuCrAyRYT8pQGK7GBLYO9JIF0d_cPUMq2_jnDOroVpd7c2BSUHE9ioPwSb9w3j71Nl1b_4QqG7FOQFg5NGgJHPjFeA__RJ3EuqREpS6aP3hfzDDhVxWPXttoiWg1MmMewr9LeMDFsp1qk8xHpIzJzveCf1kAtn4o0Gw8jDSiGdVUYEUxevCmNP85WjCSbYFqtQfJQTdxQxTcQ-4as7L5LOjMlaeJ-TjFm52GVaVhId9sgDoF8P0XIVPMikj0Cmb2hPzzSRsBda0OqZDRGjFvjVUmNGZaVws20sTWjHSOQdSwaA-t0iCKjcNfHmY7O8zPHrKkOJJ5GDh3KWCl1mAdeorlEFNjKT-ZGHAKfxJvYNsUcZGKPpPQ731o0UDQT2RuznJwWFq88r5ngVpDh7Z1OoK0H-BtRoBr90gdmm6Qrn6pEo32uSh--Up3TMLb6ynaNw7OCj03VfqvEXHvOD4O5mpM74pJGwXn2lPYZ31Y9UN0czBPmxmBRLcDWbAGQ93I57oT-fbmuq5V2AucZz2tKtJGHRXsfDf-HfeUmg3dAOuk1NPis08tB3qKF_ZYBF3q0qTyWTyeXFYnuyRAtgGOiz_oRJfSz0DlrozU_nFvKrkfTfqh8zktnsocdIY2Z-roQgEGlBM2QDqFVpMQSl5evHvXnHPGkvxL1FalHdDdOxu9uTsWnBuZZHcMwZwYrqwJlTfDTRtmQU69JINyPpCXn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 74AB 0
0

POST /
track.adform.net/serving/unload/ Frame 58B6 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 2660 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6853 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIE4-W-JpWuEdijSmggLVSUJdZ-b-Z-jvxnWws-hq2KQg6uqGbWTa-MQ-qc_ZkvqtnGii1JoqDINMCkvtgeuFDBQOULUtdDwyAZ5Ud9On5F2O1wHhbUsSDGKuRJkf0rwtbAMhNzwm2AzJjXidD02ATAHhh8K-h6IKAZhlNAFbck2lRPEU52FCmxisPE_0-u0UNt-2oAUhb8E2MRWS3wKkkxLmKVqbybCLNC9wUYuOusfklJrRTleNqh_MAMc0Dz5eJ7tzRWWZ6yz9ejQJMBjqvxCjBs_wsCN0SJyWEjH9bmULY9EocnVUTGAwPG_QQQU_VNdaluycoodTp9twI65g5t57nCQ4rsyLGGII&sai=AMfl-YSR-uB3U7W4mgKgqQHMwJFQGLLttCurTF0TDuQT36yVoiYIb44sawQSpaDOrDMEbCruKl-3YtInlMDtnaC0NlZ-OVxepUbsa6sXtoM-hu25tvtnrN8f1VSQwJrzXRyRwg&sig=Cg0ArKJSzO2ih3WfDebWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 45FC 2 KB
2 KB 26ms
25ms Document
text/html 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1d66a4f340dbdfeda8747fc08cbffba2ec22be9668ba98a69145cd7fbdfdbdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 06:50:42 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6853 153 KB
47 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 5349 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0109 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 5020 0
0

POST atr
www.youtube.com/api/stats/ Frame D748 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 06A5 0
0

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 3830 6 KB
3 KB 23ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame D6F2 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 8CBA 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secureg3sahibindenparamguvende.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:50:40 GMT
expires: Sat, 04 Nov 2023 06:50:40 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 5349 24 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5349 153 KB
47 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 45FC 34 KB
16 KB 27ms
26ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 05 Nov 2022 10:24:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6853 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoK7uerz0ypUuYfHjLru1bEv3WlaMaSYE0xU1UTw-1nd3VLXoOURnKWscKDzcpq9miJSay6mUTvbwx9mFsN-XyWeMNLmyQyxYz0rQMH8KSFP3_uwquDXmR3Mk_A3sTdRoqIMbYKqLSKfndqG5fQlX1CuoYHbCVK9IjFXHgDz8GE046_oWlW2RLVGq7yMPv_0wcpfwwrvVb6gUYspUoNF331Mlx7JG0_xxfXvCDWEO9Oks6SOskDs9V_bHIZDOWs40EYC67diKwPW2xXv_Kx5c21gdQlRh9ecOzWQcm682sMcBeCrQhw2oWFZPdtOrgb7QJu6ifZVBjAUqz4Igo8Tce6S9fIU8RRXowSDFmmw&sai=AMfl-YSoXaoZ89EuDHW-c4AhkDhugvmMRPsaQD2yUeD9TlSTiMm917sENCZ7NHJ0sFQEJ1udY9cX-mJDGJQv_0NEcMJ268TM3q4nr9rfjvYzm-TFL8-q5SPtsuVqjh42iKKVGg&sig=Cg0ArKJSzCVE_HGxxI7lEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
DATA 200
OK truncated
/ Frame 6853 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce246a6e4310173249108dd6bd3cee613d30177877f415626d63270595e7040

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 3830 24 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3830 153 KB
47 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame D6F2 24 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6F2 153 KB
47 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 8CBA 24 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Nov 2023 08:50:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CBA 153 KB
47 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 45FC 9 KB
4 KB 27ms
26ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197;js=1;adfxid=1x;10031;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fsecureg3sahibindenparamguvende.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

47cab2055b63eb4e005a7761abd4299b3c35fe8613144d9f5fcf0de9e7460c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3964
expires: -1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5349 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyxULCfnaLrjNy34aNQ3AowJwdgOzpaSTKFfZnLrRuj3GUkvFBZdXrGzRbLbRVFY3RhUONpQKySRzXC0teAExyjseGj4iomLiC9cKa4Bt8L24yJPHJLhmnM9ydAt-MpDWb3-8EskSNy5Vdz253oYgd45PdW5MsJ4fNNQOTLXndnFHZTG2OKqprQeK8ZEYfLvWRVK9OuYZKJ3SzM6P3gmu1qZxWNq0LLHTroHNBvY2YKP4ds_ZrikqHdoPo6qqpqA4OTSext4hFE8Q9EV_3P4iYc9GGX58Gn2xa9Y18_VlnRunxLqseUY5neVrpaHFVvTlzitPjMBCXUjdzcjwykalUvIFiisXLeWM&sai=AMfl-YTHszHAfm0wT1QWl49J7dSWtkVZCwgfpwmHkJBSfO2GeXhzFQhSW6iLahe2lYJDKfHpTByLGtySCh_A9HA4_tivNwf_fXpVFyBfPOOg3dqNq1kSWXDLUbRv9BSr-MAViw&sig=Cg0ArKJSzE965Ba6-U_oEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 11527343736618471068
tpc.googlesyndication.com/simgad/ Frame 5349 37 KB
37 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11527343736618471068?

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33dc01d5af706aa1942b8365a41e0f5d67fe158a7310a868d6725ae476f05cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:24:56 GMT
x-content-type-options: nosniff
age: 167146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37580
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 06:54:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 08:24:56 GMT

GET
H3 200 container.html
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 5349 6 KB
6 KB 20ms
20ms Image
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 06:50:40 GMT

GET
DATA 200
OK truncated
/ Frame 5349 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e6a8518c3ce19b9bccd495859cb99c795dc6033f3d30a19669ce27aee99e47d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3830 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlsKfpb39JhYTogKNrUbrAMYNn0Xms-ymQb8dWWcu40u6uhJ0JWz2GQG8_svUpa_Vs1JjnI_b8FXYTYZA3BUXyuypDykipRV33fyqApbcPKq07SJ8zUfgij9CTVj7oIolXLZl9ELgRvW_KjHoupjsd2TczpmYONFs473x1SrhBkQ0zrX8KRlbxdpBVvbYKjQgLMEhAe7p9kVPAos2OawHgoK0qa9DG4PS9Ch2dFx5l6lZnWoi3IdhDXaROBPNDkvuF80EeK7wIKKs8-xMwViY769i0eP4uG5DRjlesHOX8HnCQf_SiXkY5ogEwTKd4Yu47llE8OCIR4M-BPRKAdyqRUFA_2u98fvIStYc6nZcd&sai=AMfl-YSIOJ3UNitxdYDCEZOZhDHYbNFlkAsLeRSzgwJWEFbPpBr0VcQHx3GAMw6x5e_j3atFtFZ1SgJJvcbsqRW7w0ktT4nXVSg9a0Mdymy_GQQfFxWdDwHgLEZZDDPeybiz-g&sig=Cg0ArKJSzHzigP1xHck6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D6F2 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGMbdRGl1iWAmp1Db1-osZulEmprlw6CNHzqiPKTNJ5uLbmcW82O1GjO6x5kEQ1l3qZ0qWfo_he0i8fZA_rHb1Bp4ZveIKhCbcaa7yDLybNyIy5889PJnucxgedEDlrhrxtdVvYKKzuMIIPRvXiHPtdGyt4_L-3LNse4IR32gLS8hbsPLmAlLDgspt84w90YKtTdVSNBhQiSBJRm0LdcLg2-SF9VIXA-p0ezgaCdZPPFHJTCUpTKNuHhja1c2w2z5rTrcZE77VX7KslUCGhP1OmKENF68yFHjkGZHqTelqUTQ-PEMcJ7nN0C_sC5Ck5gkBm8gKLXYs4PHZ7cz-JI3m5FULjYptKd8kVnY&sai=AMfl-YTnOyhfEAMnEttKpbjYpIPzOZQKi1BvSwArZB5GtKzKw12ZaM7OfXPsPEwGFyCOL5vuWsQ2ERiJOCsNLFzbD3fwSnHJGbSiPWWClejg7mh2KuOLBtHMnKJrupNOa7aiUA&sig=Cg0ArKJSzEqdiXhZgBlSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 QASJggonHWE Show response
www.youtube.com/embed/ Frame CB20 68 KB
27 KB 62ms
61ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/QASJggonHWE

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79f9290954cd0aaf423f6d12badbd55063b5afe4ad8056d01766964bcb75363d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 04 Nov 2022 06:50:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CBA 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUXUqbDHCWZFW9V_o_KiWsHvgeZKTZIoYk4FMhTZXut_luUrJo3AUBflhjOeiW2vyI0ANkcBA344HgC9rrCOtotcgPeLnDi31ROkzL_3yKkJGR-7tDfMHlG6eD-Zj_566ji24sh9zxgOcFSI68Om13ggzlZuubS-QWyqBC2Kmd6k1zJ1y7UZM5mkeIUImVp798YlCROMPyhhaPVQ0j9kymgbVEM4WR38t7q-dAQfydL-uoi1TT_U2HY5g_I073xKToO6VJirxZnvJ4YWDfl2WqlocacHwPZXXE7yavFmrsxKGDTiBVs2jlfs3w8S8xCBOVfbr3vc3noJlCMq95_MtMG7rYcJf0huYaXxA&sai=AMfl-YRL6t7E9CCoBrXEfzOKI17snnHZf0c__nrlFb_fllbATk9gYS6pM4Evon574VCaG33PEduj0133xQ9ZCLAhPpaW0ZRZMk2fSDwfvNmnsQasU_CN4dUE_6yhwH-inzYnsw&sig=Cg0ArKJSzHJCxi4D-OPWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 2.png
image5.sahibinden.com/cms/files/banners/populer_urunler/2017_08/ Frame 3830 45 KB
45 KB 61ms
59ms Image
image/png 85.153.138.181
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.sahibinden.com/cms/files/banners/populer_urunler/2017_08/2.png
Requested by: Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.153.138.181 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: f851eb2b8cd1a31aefffa6c4a5d6dc1518fbd5da79466093b7ba0b01ef55eb39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-proxy: tmll-217 32,83
date: Sun, 23 Oct 2022 04:30:32 GMT
x-vdebug: processed_images_nginx 114313278 1835013
last-modified: Thu, 03 Aug 2017 14:31:09 GMT
etag: "598333ad-b3da"
x-isdebug: t=pu01p
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 46042
expires: Tue, 22 Nov 2022 04:30:32 GMT

GET
H3 200 17541808791646426548
tpc.googlesyndication.com/simgad/ Frame 8CBA 25 KB
25 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17541808791646426548?

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93505adfdcdf8f1974953a9ab27a2fb2037dc1d203cd8a7941e61d35a1edd015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:24:01 GMT
x-content-type-options: nosniff
age: 167201
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25854
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 06:40:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 08:24:01 GMT

GET
H3 200 container.html
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 8CBA 6 KB
6 KB 22ms
21ms Image
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
URL: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 06:50:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5349 0
0 62ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDNGZ8OlqfbXIKYuqRNBgy5X1OLkEq0idy72kdxXdIDCbky0OrnRaIlygUXEM-GuzYTbNgMS8t73wwqgA-5XmDcXLfauo9OvqrRBb-qAGmpZ-M4VEb9wonW5Xo_VWGLyZnv9V9-BimCnjFF3lmWsapEK1UGQ5zzauP-j4IzLqBVbMm3OX_G3G76x97_NVVuAhPvCf6JVh8MMdt__wdVxaCd2U5zwFo_He0EGphVTcQRNxKHbVcuOPiaWMb3aZCoC6a1jmAUqXv9c4pch4N0QbWrl7GWcnXynSwCIz6kx32RerjdCgm5BojMfiXY_YJNmQeaHDQ_vjxEn7jr1EU0Voh_5-atfeK4Solzw&sai=AMfl-YSdMnU37EsIaI8xsNYUU3DqBOtndSNzRW7Qz1IcsN11vCBb5svF8fGgiwEsQEkTzp8iJ1Bdc4eXxJraXuaxgcdOCUAgH0yLmjaKk-F-NkZVEQAhM3RUU5ZguOtYU9AJWQ&sig=Cg0ArKJSzP2uQyyj917IEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 45FC 43 B
208 B 26ms
25ms Image
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=528&rid=3966&cid=1718&adfserve=41&asset=27&deviceType=Desktop

Requested by

Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 22 Jul 2016 07:37:00 GMT
server: nginx
etag: "5791cd1c-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
DATA 200
OK truncated
/ Frame 3830 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c692a6766833ecd8faa44a99011f03cfca1a1c819aa5c9edf197115306767d39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D6F2 0
0 58ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuloac7MPBHaHhBRDQBT-NbVtt5C4bP2-ReuuEsUd_kSnhB1fa0hG3iUR2I0F5zM6x_YnoRTiSX4GdRoRjHjg4QQIyMl1fHMVG3bWCB-RvDAszYDR3qCZ4Ddo2xcJZmOEi2NuNZeI41azHYSt00vkXY4vjzOu5WC6QBvSA3-kJbOHBVn30TKVPpgqgiGC3BiLgLa1bWsRzeYIc0wayu4GTarzO9RSAYTV3aJZgXbg2JJLzulhI8j75ovCY3tfcRu9MFPk-Ir8ph81xNdH1iC9MCojLpXJr67APhlI02p5L2TpRr7BvN-oQrXOCydjDKNS53MvWiosEi2wtqtnrNjSSkDMi5vvcns2gtkT5vTA&sai=AMfl-YRWHlBLdMKnAOb9dvlEJYIhAer5-4uNmdGMpPay2phjDQOL9CChdyn_vTzxTEAtzqCeyjko6a4SjX7k7DLUrPh0yw9fya5Ol8drazBy9DdJl55deJ-kwY4I0Zl4vLYPbg&sig=Cg0ArKJSzA4eVZ0E2A5VEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3830 0
0 61ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYLI96AEY7KXePzG9wqR-N8vsmAznmwqpCV9zX3fGIZ2WW39z0qcJIQEJPaa2hDK7A6n19wTKK2Yc_Uq7PPS2jgvoazBguKE6YPQiuuV4sw82E5b1qtapw7ljOhqTDV-BxC0EkSaqhWlrjpxbdX7LsGI8pCBGOPCssA9f2iZhXr4u--QWm5-SXGZ2oBa7KURhdj9Bs6PKoiigNnmPr9_3Dzr8apxbcXAYeY6xVyAyLq7_RUqaXdIrP3ysH1OIdeQ1UQqnoygdoPJESvYWioFOiB5EuGe-UrrmsS2TbD6FNb-nEevHXHuMtGa4wq4U7iLlaSSqyMXg7a_MlvLAzY63Xc6tb3H1C-D0IDNY_U0eZFJg&sai=AMfl-YRA_AgYufjGDwybENS-QxJK4nza5n_YFmeUpXegHWCKdr-UZZrM-VVR0S7wwr-Ski-VX0yY9Yp8nfsfxpkpivDnm6h10NtqkNZC0SCsbBkyGy9-WX8tumjlOWmQA84KXg&sig=Cg0ArKJSzIUrZKnUIe75EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/03bec62d/ Frame CB20 359 KB
49 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b5aeaf9d1fd6e90788e5238257f2dea0d3d4704476e3fa6f287f9a7a8d0ef70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49793
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Oct 2023 23:36:41 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/03bec62d/www-embed-player.vflset/ Frame CB20 306 KB
95 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6aac4b7c20a6113b3c3c3a57efd343377401ffb7b030af99ed5c75e2cd9bb2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97445
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Oct 2023 23:36:41 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/ Frame CB20 2 MB
573 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52944d263cf68eed6446878915f0abd61bf849583c3bd8f6b9241b68ddf7ebbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 15:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586744
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Nov 2023 15:35:27 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/ Frame CB20 9 KB
3 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 08:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Nov 2023 08:49:35 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 45FC 90 KB
39 KB 365ms
364ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 532a8e65348794f09d3decd5b7aae67a0acdea25b0ad787c604edc4d02f29709

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 05 Nov 2022 10:24:40 GMT

GET
DATA 200
OK truncated
/ Frame D6F2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c509a5530f8d58bd692204b884e689f2a874631d716c560abb6cbd6940eb4ffb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB20 15 KB
15 KB 94ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 80321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB20 15 KB
15 KB 96ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 289763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 22:21:19 GMT

GET
DATA 200
OK truncated
/ Frame 8CBA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a588300ee9e914f5ac8f7634a3f68e2b78ac36e35e169f211f2e4d513f63caab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CBA 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsub-B5qXal2OhCY9kIpU5-_7vlmR5y0m8XHKRHTIcIE0FuKu2bDxPfg3wJhMTaKB6MahRcKxqLuc7SGGwZXF2hH-xYtR_k7O9R_4xM0LVoiQ7CGY359j0hNMYBF5SQ9Y62Nq3pTFJbQAnO6P41eK8VI6XW1tVCzqnhhoazsKtYUXCn7dZ5xHyC2Sk_JwWMbgo8kw5H5SNqVaC5t2lR8NT4LpZJmQh7zba7L2ZMMc8_k8-HcWeXqtBB-uKnGiuPjc1cDc7OLhcLAJuxdDM9BSWjnUdijkTujlG5VfwLO7xRP8itlz2P4JE-mpuin08i8KwStWTY6FDLiWCcY2bq87XnJ8hJM11nveV9-zYCgHA&sai=AMfl-YRetK2ukNu4ay7HyLy-88ewJ_FUDSHt2L-tqrcdKVnQXdZ2rWuPqde-k2lDrbpYuBnu5Zs2VFK77DTT8BxNGymxMupyOfdCpRNfU1gJhmCt-MWTsI9av3a7e_r7PfpsJw&sig=Cg0ArKJSzAfWGRFNoQxSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:42 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame CB20 113 B
159 B 50ms
29ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f83212b1b151f57e5fc0c3078e9a46bdaf4ab87b8bb5b6f1871fddde7056c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CB20 29 B
54 B 84ms
29ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:07 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 07:05:07 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
35ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 04 Nov 2022 06:50:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CB20 66 KB
30 KB 44ms
42ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2d8da716ff2594b4b67fc27ca8f9bab6826ec3706091f59a6678fb05561addb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31050
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/ Frame CB20 118 KB
36 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c10a2de8f1b0221a6c9262b05e6875250bba9e8306491b57d87b733464fb3897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 02:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37046
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Nov 2023 02:10:22 GMT

GET
H3 200 gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js Show response
www.google.com/js/th/ Frame CB20 36 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 05:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 05:05:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/ Frame CB20 26 KB
8 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61f4764ca0397c54a0a909f8893f4869823a99384675feb591c58a802c5b9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 02:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8226
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Nov 2023 02:22:35 GMT

GET
DATA 200
OK truncated
/ Frame CB20 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AMLnZu-wEql_-B1VJR1CY9XI0Pga5Kxuk6yb6JyM9v_7kg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CB20 2 KB
2 KB 114ms
22ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-wEql_-B1VJR1CY9XI0Pga5Kxuk6yb6JyM9v_7kg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dca4e2b9ca423c6056ca5ac711c2f8e7c2011407c5d71363a734eb1d7e7434a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 05:26:34 GMT
x-content-type-options: nosniff
age: 5048
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2519
x-xss-protection: 0
server: fife
etag: "v15ff"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 31 Jul 2022 17:39:33 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/QASJggonHWE/ Frame CB20 35 KB
35 KB 113ms
23ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/QASJggonHWE/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bd34adb4c54a974e22f0b91b0bd32e9dd27db57dcfadff0fc36cd1a83e084f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:34 GMT
x-content-type-options: nosniff
age: 8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36227
x-xss-protection: 0
server: sffe
etag: "1667384900"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 04 Nov 2022 06:55:34 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CB20 0
10 B 47ms
27ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?21EedQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/QASJggonHWE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/QASJggonHWE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CB20 90 B
134 B 47ms
45ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

135fbdb5ad240b09bab468cfaa2f1afff62615fe961b638dfce19d68d980e387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 44ms
41ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 04 Nov 2022 06:50:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CB20 4 KB
2 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 06:50:43 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 45FC 35 B
469 B 36ms
22ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59236495&csi=HCsF2J9ynZdJDaQvl8I93HYXJn2jQQ3lEb2cpc1cczUJDwKV3Zer3KX2bGT2pToYyWkpGNp7v8rnUs3DgX6XvN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://track.adform.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 11959692.js Show response
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/ Frame E6E9 43 KB
10 KB 47ms
35ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/11959692.js?ADFassetID=11959692&bv=769
Requested by: Host: secureg3sahibindenparamguvende.com
URL: https://secureg3sahibindenparamguvende.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6d38e3f42d2b996c9444d172a20ee8fa651485cbf0127f7cc79d3b47fa465229

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000fec6ad1fd00942b8-0063642c5c-329373d4-default
etag: W/"07cd4163c5546e6fdb796fd41649a4ac"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame CB20 52 KB
15 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 17:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 04 Nov 2022 17:54:31 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame E6E9 30 KB
14 KB 61ms
45ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000626a5c1adfe1dc59-00635ba244-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Katman%201.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 142 KB
143 KB 62ms
46ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/Katman%201.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 265bc2d568a11169494c5557bc88f41354ad39e0b83f418bb48c712bf884c2aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx0000091b3fcc23860b712-0063642c5c-3293aae9-default
etag: "cfacc0ceaaa88b812c2b9e57426ef449"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 145610

GET
H2 200 GERC%CC%A7EK%20O%CC%88ZGU%CC%88RLU%CC%88K%20%20SEC%CC%A7EBI%CC%87LMEKTI%CC%87R_.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 128 KB
129 KB 76ms
60ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/GERC%CC%A7EK%20O%CC%88ZGU%CC%88RLU%CC%88K%20%20SEC%CC%A7EBI%CC%87LMEKTI%CC%87R_.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 396ef3726154d303c78693108cfe0f640bfcc10a005f28b82347ed4cf334f967

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx000003fa19e7318cdac74-0063642c5c-32940f80-default
etag: "aeb66985b729890b9ea6cddbc321dbb0"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 131434

GET
H2 200 ehs-8.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 64 KB
64 KB 79ms
67ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ehs-8.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 042454f86604ac81ea995584a9665f9592fcd689fc09ee8c31468cc11fc4b1e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000952834b9309c8ea9-0063642c5c-329354d9-default
etag: "d4fbb8b7087bdd390da7b6944124e64f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 65134

GET
H2 200 hs-5.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 54 KB
54 KB 79ms
67ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/hs-5.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99ea21b21247429f160b378fa513d25d14773cf72fc7611d91495d9ee5264409

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx0000037fb834962e34c77-0063642c5c-3293868f-default
etag: "60f5e85507ab2d364cc5bf80e791bfba"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 54995

GET
H2 200 BLUE%20VALUE%20copy.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 20 KB
20 KB 80ms
68ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/BLUE%20VALUE%20copy.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 571b79cb68dbd4d1fbbb4c374ce65a7980c598feb5268c4efbe2ecbfb3bb160c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000bf076cfd04ee0aea-0063642c5c-32941e2b-default
etag: "9ab7d3abeff0dc11bc167359a7337b60"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20434

GET
H2 200 euroNCap.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 10 KB
11 KB 79ms
69ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/euroNCap.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: caa61e49abaf63b68255edae4087c5835add9a5906c7d35ee1479e980847ab51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000d92a3bca62d15747-0063642c5c-3293868f-default
etag: "54646cedc740a2368fa01e019c909fbb"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10627

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 11 KB
12 KB 79ms
69ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 145490dd8e1c98afc1f98b9b89a1ee9479f00bab1a20d140ee4ec9e6d8db3573

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000deac870ba6fda25d-0063642c5d-3293aae9-default
etag: "ffe435639bdea3d57d3e87d35b2ea503"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11456

GET
H2 200 7yil_logo.png
s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/ Frame E6E9 14 KB
15 KB 79ms
69ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2114179/11959692/main/bvpath_769/assets/7yil_logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b4068760bb1fca2dca6b86a1e164686918609ebe02bc23b6264156d53a5ae3aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx0000076f298980637a630-0063642c5d-32941e2b-default
etag: "4708de9cddd0559c49e041fe2fb8ab61"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14793

GET
H2 200 Adform.VideoPlayer.js Show response
s1.adform.net/banners/scripts/components/ Frame E6E9 21 KB
9 KB 40ms
26ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/components/Adform.VideoPlayer.js?bv=769
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: be6c756d6018f907ac9b8ff853e1ddcd59922a725db6130313c02f52629691de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 12:02:42 GMT
server: nginx
x-amz-request-id: tx00000c90cbe86a3314517-00635ba244-3293868f-default
etag: W/"e99d09670d9371704074217e7d095e8d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 206 MG_FILM_V2_REV_2_3.mp4
s1.adform.net/Banners/Stream/2114179/lqdxvilsjzn/ Frame E6E9 3 MB
0 33ms
32ms Media
video/mp4 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Stream/2114179/lqdxvilsjzn/MG_FILM_V2_REV_2_3.mp4
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://track.adform.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
last-modified: Thu, 03 Nov 2022 18:22:43 GMT
server: nginx
x-amz-request-id: tx00000e7d0e5ece80e7d6d-0063642c5d-32941e2b-default
etag: "394e33ae68d011d9829a124489a6c1f9"
x-cache-status: STALE
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-3859243/3859244
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
Content-Length: 3859244

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6853 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWraV4SHznJdwFSX8BgSvbuUyO2vg_1XZklOsUuCwGkEJrO60VyOtzc19bsho4drkFCq-11-rr1JI3Fd6ZAh8YAgL0eSr9eJk9T7m0vbMv_vrOSaWM&sig=Cg0ArKJSzO34DQ5Fda2NEAE&id=lidar2&mcvt=1000&p=74,315,328,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221102&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2365433215&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667544642261&rpt=132&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secureg3sahibindenparamguvende.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 videoThemeV2.css
s1.adform.net/banners/scripts/components/styles/ Frame E6E9 7 KB
2 KB 183ms
183ms Stylesheet
text/css 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/components/styles/videoThemeV2.css?version=769
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 13685a4cbb636df27dce53ae2c21a3c12c8d3068e7d2cda954befc88476d170e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 12:06:53 GMT
server: nginx
x-amz-request-id: tx000009197b69c384efdf9-00635ba245-329373d4-default
etag: W/"9666862701d4cef94f112fb3a0dc1156"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 45FC 35 B
469 B 27ms
26ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=59236495&event=25&time=1&baid=56160073&asid=11959692&name=Video%20Play%20Start&imprid=4855110858075915636&icid=2462998629043309735&eData=HCsF2J9ynZdJSbjghB_d3g-UOkQpSQHkYaJU2uM20NnTd-NiTxqoZwXcagVTFqHlOvRd-AO-wVpo4kOyoBiwbg2&rnd=339004842

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://track.adform.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 pause.svg
s1.adform.net/banners/scripts/components/images/controls/ Frame E6E9 464 B
604 B 27ms
26ms Image
image/svg+xml 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/banners/scripts/components/images/controls/pause.svg?v=2
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/components/styles/videoThemeV2.css?version=769
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e371b155b4265ff5502f8e4ca700b519ed610410447e9b4a2624be3200896c6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s1.adform.net/banners/scripts/components/styles/videoThemeV2.css?version=769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:17 GMT
server: nginx
x-amz-request-id: tx00000c69b92ee852be0a6-00635ba246-329373d4-default
etag: W/"1821c7cfe08a7423daa8117277f1e3e4"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 sound-off.svg
s1.adform.net/banners/scripts/components/images/controls/ Frame E6E9 636 B
728 B 27ms
27ms Image
image/svg+xml 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/banners/scripts/components/images/controls/sound-off.svg?v=2
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/components/styles/videoThemeV2.css?version=769
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fb1d4ff22f94ea801b5936e3ec933cb3ead164e6875efc8f3e25c118b179ec5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s1.adform.net/banners/scripts/components/styles/videoThemeV2.css?version=769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:50:43 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:17 GMT
server: nginx
x-amz-request-id: tx000006f2856fe462f1b54-00635ba246-32941e2b-default
etag: W/"47412e847407c6436756ec163ba3d0a2"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 200 /
track.adform.net/serving/unload/ Frame 45FC 35 B
469 B 28ms
28ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2462998629043309735@@59236495,4855110858075915636,100|1099|0|0|0|0|1240|1240|0||139|1|||||1|0|0|NH87Iu05c7vxBx_RTJEBJ631C_TGM-nkQo5cXEEXbn_UxZPXvrLxRvL_QlhaeLlf0||1|11||1099

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/adfscript/?bn=59236495;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvMCD0PVwywLzZlWVYyMChzvTMIAwPz7_TdMp0eJDSyo_AmErZSv5Q5_4bN7gMYQb0SfXLwfIwUDFU6D_meYvdnoyVtW5sgzTUI-LnX4hh6po3XdrJWtr6NgenNgRw9ksywz6swz9lAKO7FBlt1g8mQ0ubb_uBRgV7apxxmAzjYnVJwReCkWpZ54SxG2V_FbZQNzlkCm8ZAaztUhUaxvfW4ORUPfhP6HhSjG6ynpR9tKpahAL9sJ_XQzSwqE5AzjNQSUGsyQ1u7rTb1XFZOHfkJNrGQjt7_GuuJ09in0joTqFQhLXz6AOlBCUa4mAxwQ6tQkncTHnn8aA--6wmWJitpCxkhI6g&sai=AMfl-YS-Gt-8aSB3Bo5y2fJg5dWnfbOW8B133HB7YIJfiDXBHB6n_yIUpy1FVYWa71z6BrG30HOV7kDqsjazpX8yyzZ-EHfw56Hr-lPg6iGKspMI-_dzL-KBnEV6HImhCR9uyA&sig=Cg0ArKJSzMpV6pW_tVfHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;cpjs=2;ord=1884043197
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 06:50:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://track.adform.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CB20 28 B
54 B 34ms
33ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1667544645132
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/QASJggonHWE
X-YouTube-Client-Version: 1.20221030.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQUUY0c2hSWWtYcyjC7JKbBg%3D%3D
X-YouTube-Ad-Signals: dt=1667544642602&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C522%2C250&vis=1&wgl=true&ca_type=image&bid=ANyPxKr4BvJLTByU2NHamYqsV3Z4fpsJVpsrOHcGOiaBs1O8CTUBLKqM_qx9aQqhzVuqT7yKnu5QPwXJMYMLngAubML9THuCSw

Response headers

date: Fri, 04 Nov 2022 06:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 04 Nov 2022 06:50:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: banaozel.sahibinden.com
URL: https://banaozel.sahibinden.com/ajax/login/info

Domain: banaozel.sahibinden.com
URL: https://banaozel.sahibinden.com/ajax/login/info

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/39228?ret=html&phint=geoip_city%3D&phint=geoip_isp%3D&phint=__bk_t%3DSahibinden%20Sat%C4%B1l%C4%B1k%2C%20Kiral%C4%B1k%2C%20Emlak%2C%20Oto%2C%20Al%C4%B1%C5%9Fveri%C5%9F%20%C3%9Cr%C3%BCnleri&phint=__bk_k%3Dsahibinden%2C%20al%C4%B1%C5%9Fveri%C5%9F%2C%20online%20al%C4%B1%C5%9Fveri%C5%9F%2C%20emlak%20fiyatlar%C4%B1%2C%202.el%20oto%2C%20ikinci%20el%20araba%20fiyatlar%C4%B1%2C%20motorsiklet%20fiyatlar%C4%B1%2C%20motor%2C%20kol%20saati%20modelleri%2C%20SLR%20foto%C4%9Fraf%20makinesi%2C%20cep%20telefonu%20fiyatlar%C4%B1%2C%20bayan%20i%C3%A7%20giyim%2C%20bayan%20%C3%A7anta%2C%20bayan%20ayakkab%C4%B1%2C%20gelinlik%20modelleri%2C%20oto%20yedek%20par%C3%A7a%20fiyatlar%C4%B1%2C%20mp3%20playerlar%2C%20%C3%A7ocuk%20oto%20koltu%C4%9Fu%2C%20bilgisayar%20par%C3%A7alar%C4%B1%2C%20klasik%20araba%2C%20tekne%2C%20%C3%BCcretsiz%20ilan%2C%20bedava%20ilan%2C%20%C3%BCcretsiz%20emlak%20ilan%2C%20%C3%BCcretsiz%20oto%20ilan%2C%20seri%20ilan%2C%20%C3%BCcretsiz%20i%C5%9F%20ilan%C4%B1&phint=__bk_l%3Dhttps%3A%2F%2Fsecureg3sahibindenparamguvende.com%2F&phint=__bk_v%3D3.1.10&limit=4&r=39884685

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXMuvjH-aKR4XS789uJMuLjNfpMWahCHe-EY0N3HUPH33tWoL758951535jpxuP4B4DDf-ZwEJAwQvrDgaWJTZZSRStvhM9PBr9A11rEmlLDTtt8nj&sig=Cg0ArKJSzMD8qQ_LV4SUEAE&id=lidartos&mcvt=896&p=74,315,328,1285&mtos=0,896,896,896,896&tos=0,896,0,0,0&v=20221102&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2365433215&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1667544641159&rpt=147&isd=0&lsd=0&ec=0&met=mue&wmsd=0&pbe=0

Domain: track.adform.net
URL: https://track.adform.net/serving/unload/?version=15&unload=2462998629043309735@@59236495,2847335109634873351,100|0|0|0|0|0|217|217|0||28|1|||||1|0|0|NH87Iu05c7tcPlakbYq96a31C_TGM-nkKpG_ZuS17ukYt4RT_mxfcPL_QlhaeLlf0||1|11||217

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJfaBiG5l5IpgLEyFNL97tuOMt0YJuei30r0JlWsQrlaAqR_--3VbBlPpJQspxBkuFySXC5XD51HpGlqnVgJic-Z_Y-nHISHXCNdlBgpYR9AwTAQEf&sig=Cg0ArKJSzGm-kYWb7IK3EAE&id=lidartos&mcvt=0&p=1261,575,1351,1303&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=19&adk=3281038005&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1667544641147&rpt=200&isd=0&lsd=0&ec=0&met=mue&wmsd=0&pbe=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfPZnWbwBbj7t9z4cQiDhaIGXEfwraOg8ZhcMcUIttLQ_pyuw5ixUMbHFn2jj3M2QwrFt8DjEmrOJMFUEVlguC6kJHAoo91f3PK0kbxHtTKd866L_d&sig=Cg0ArKJSzFgbVQJnZ29EEAE&id=lidartos&mcvt=0&p=2053,521,2203,1356&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=19&adk=1812325220&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1667544641330&rpt=498&isd=0&lsd=0&ec=0&met=mue&wmsd=0&pbe=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQz5mSmqqM4D4ZRjlsjAjGKLdi3LADlovBw75UuOX-bGDhNGHE3hkTc-VfKu83EZ64WrQirJGQY65vtYyZTA7UOw7GDzuLVZ-1_aRH_MX8kZ942HdI&sig=Cg0ArKJSzG7BlzbugtX_EAE&id=lidartos&mcvt=0&p=2203,520,2453,1042&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=19&adk=4131813785&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1667544640988&rpt=239&isd=0&lsd=0&ec=0&met=ie&wmsd=0&pbe=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=A2y_iOpeG9o2qL2L&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com%2F&lact=653&cl=484918916&mos=0&volume=100&cbr=Chrome&cbrver=107.0.5304.87&c=WEB_EMBEDDED_PLAYER&cver=1.20221030.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=nl_NL&cr=NL&len=24&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24214616%2C24219382%2C24230619%2C24255165%2C24287372%2C24292955%2C24293803%2C24396790%2C24406604%2C24406984%2C24407199%2C24407300%2C24408609%2C24409586%2C39322399&muted=0&docid=QASJggonHWE

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIRaIUGTxe_9t8UaKYwCS91wmP_thws6rLsIb8LVjZI5-weEpNDjiQCwNxXSwDGE5WOXfwtD5FziUuxxw4CdmSuYUNwBOqmBiiR4QruIpzINXgeteL&sig=Cg0ArKJSzNZmQI154WmNEAE&id=lidartos&mcvt=0&p=2203,1058,2453,1358&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=19&adk=1680882054&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1667544641284&rpt=206&isd=0&lsd=0&ec=0&met=mue&wmsd=0&pbe=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sahibinden (Classifieds)

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sahibinden.com/	1970-01-20 16:48:24	Name: vid Value: 345
.sahibinden.com/	1970-01-20 16:48:24	Name: cdid Value: JKfDLMVniEccLkg26364b640
.sahibinden.com/	1970-01-20 16:48:24	Name: csid Value: sJ9p08OkbQL9eYbsYL25UXDWZxM1IqyNEk2qsJWnLW7+LdR00q/KNPI1L5uvqEzvGLWNFasY9pbWnCsUZRs0vC7c5LVCw7B7Szjyj4QiS6l1inRqmSSDo+bVTTO8Hgzede3Lynir+QZh4iRGO5SFr5dIaPzhwpOUYOmLBGXXy3vVi3zBKg4U9OwTc/Q5QDn/
.sahibinden.com/	1970-01-20 07:12:26	Name: __cf_bm Value: UlDyUJmya6gHeODtAdVzEYir6qoKaKUB.zpQuYtSWys-1667544640-0-AcUCnWFMkDtCne1PR9srGXE+/PPB8vL/m0+A3hW/VmlMCRFEYSJnzFNQsINKfUT2/ihK13lM2z488uSY4WFYyeA=
.secureg3sahibindenparamguvende.com/	1970-01-20 09:22:00	Name: _gcl_au Value: 1.1.1912195257.1667544641
.secureg3sahibindenparamguvende.com/	1970-01-20 09:22:00	Name: _fbp Value: fb.1.1667544640709.1965532359
.secureg3sahibindenparamguvende.com/	1970-01-20 16:48:24	Name: __ssid Value: 6d84a061df385381a5fe526ad44ceb7
.adform.net/	1970-01-20 07:55:36	Name: C Value: 1
.doubleclick.net/	1970-01-20 16:34:00	Name: IDE Value: AHWqTUmLtihmOcmxXrIWgGlRVsGA1yHEsOdAJzJRyo_3Y3QwFYFOM8KUSyAGBH_9zTw
.secureg3sahibindenparamguvende.com/	1970-01-20 16:34:00	Name: __gads Value: ID=ab1b75918a118e9a:T=1667544640:S=ALNI_Ma1Wg7dUoiEYIbYGH3GOz6KTNjjhg
.secureg3sahibindenparamguvende.com/	1970-01-20 16:34:00	Name: __gpi Value: UID=00000b7c7f0eab53:T=1667544640:RT=1667544640:S=ALNI_MZXlDQ8izHh8RWaJ5-bG1jVxxxdiw
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: UQQzNJbX1y8
.youtube.com/	1970-01-20 11:31:36	Name: VISITOR_INFO1_LIVE Value: PQF4shRYkXs
.adform.net/	1970-01-20 08:38:48	Name: uid Value: 2462998629043309735
.adform.net/	1970-01-20 07:22:29	Name: TPC Value: 1667544641482

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i0.shbdn.com/photos/28/71/23/thmb_976287123a6j.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.sahibinden.com/kategori/emlak-projeler/ Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://www.sahibinden.com/kategori/emlak-projeler/ Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i0.shbdn.com/photos/38/70/66/thmb_1013387066ey5.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secureg3sahibindenparamguvende.com/ajax/counter/projects/increment Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://secureg3sahibindenparamguvende.com/ Message: Access to XMLHttpRequest at 'https://banaozel.sahibinden.com/ajax/login/info' from origin 'https://secureg3sahibindenparamguvende.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'null' that is not equal to the supplied origin.
network	error	URL: https://banaozel.sahibinden.com/ajax/login/info Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://secureg3sahibindenparamguvende.com/ Message: Access to XMLHttpRequest at 'https://banaozel.sahibinden.com/ajax/login/info' from origin 'https://secureg3sahibindenparamguvende.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'null' that is not equal to the supplied origin.
network	error	URL: https://banaozel.sahibinden.com/ajax/login/info Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
banaozel.sahibinden.com
cdn-ukwest.onetrust.com
cdn.sift.com
ce6319ad7c43d97d371ebcd1753e2980.safeframe.googlesyndication.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
i.ytimg.com
i0.shbdn.com
image5.sahibinden.com
jnn-pa.googleapis.com
pagead2.googlesyndication.com
s0.shbdn.com
s1.adform.net
secureg3sahibindenparamguvende.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.doubleclick.net
static.sahibinden.com
tags.bkrtx.com
tags.bluekai.com
tpc.googlesyndication.com
track.adform.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sahibinden.com
www.youtube.com
yt3.ggpht.com
banaozel.sahibinden.com
pagead2.googlesyndication.com
stags.bluekai.com
track.adform.net
www.youtube.com
104.18.10.173
184.24.6.87
2606:4700:4400::6812:2962
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::2001
2a00:1450:4001:808::2016
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.102.232.42
34.96.67.224
37.157.2.237
37.157.6.234
52.233.252.195
69.192.160.219
85.153.138.181
85.153.138.73
029b6281d992711b9f72a33229905734c5f87bbf7d7c0fd154b238a64745fcf0
042454f86604ac81ea995584a9665f9592fcd689fc09ee8c31468cc11fc4b1e7
05b8653a941b989ca3038203a25d699dde554b0c976cd76e01fa8b8055b8b857
0859b5ac6be24f29f4c93380fd4e02fe8a37e840286f55c0d4b4fcfdbdb0d701
089c55a40992eb010120cd2dbc209e75b7eee50db7b91403985d303627541b64
0949334ca6d10831fb16720d631d7d4f3fc24296be714e8a1dc7cf37e5a4cb5d
0a9e8c4bdfe123d1b0b73263cb9c16321b8d147484b3f425d36e8af80b1b7a02
0d69d109cd164771ed1bc277c0657302d389cb463d1d39aa54c73f6bb350f165
0e124860d2af8ff60c41f3acde3aeed89e77ce56a8713f93d3876adc77a05e89
0f8e789439d7c1acb29f96b44d113d2cf782d19f0250559ccda58af8a6400693
132888750f209f4af6f387956528a7b14e4fdd93605b25314feb518b5fae27a3
135d9685d0c8f1d42aeb14355254a03982ec465657c4d900353e8e9835c96313
135fbdb5ad240b09bab468cfaa2f1afff62615fe961b638dfce19d68d980e387
13685a4cbb636df27dce53ae2c21a3c12c8d3068e7d2cda954befc88476d170e
145490dd8e1c98afc1f98b9b89a1ee9479f00bab1a20d140ee4ec9e6d8db3573
16704446839b353bc6f4253d5dd6920457a4bf640d34a1e640aa4ebe89a06829
173981b6b3688a4197d33a6cec94459ba352f9fcde4ee48e59334c7e377a71f9
199785f9eb06ae04bb5a618779db48f1a0069a75083852952044c9e8916e6089
1d66a4f340dbdfeda8747fc08cbffba2ec22be9668ba98a69145cd7fbdfdbdfc
1e1765fdfe102fca2550a34c864e02ec8737336b7127b0a5563d066c10e40bc7
20738a2eb3eac0799cc62a59317a3e6d9427d0bae220790b5676ffb7d1ca40f6
20d073216aa771bb9e87ad7ecc280eaea22a68bc461a48d8b5589079a8cb8eb0
226475e4cf18d1dd01990a6b0d9ca5022e7a8020a8e84dde81513ff3495e7da9
22ff99787c5f2a8427efba2e3ea43abe5d07149d350fa7fabe73287341378656
244470b190d15ddb8725c831ed3c65c2d6560599224880a92be57618a072855d
24dbe47be92dc803180399f3bbede24ef2ac4c73821ab2f3af5a5ac766579680
2587dc90996e1c8e061ba5114c24f3dc5e742e810cf4eb8a468daa7ca79af37f
25a54f0e39f550938dc7d88ecf3ce1fdc0c745eb41c6263456f6db51830eba9e
265bc2d568a11169494c5557bc88f41354ad39e0b83f418bb48c712bf884c2aa
29f83212b1b151f57e5fc0c3078e9a46bdaf4ab87b8bb5b6f1871fddde7056c3
2b5aeaf9d1fd6e90788e5238257f2dea0d3d4704476e3fa6f287f9a7a8d0ef70
2b63ace158af3a33d574702cd0ca8081c2cf4030c00c070d723b1c8b8538f0f3
2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d
2dc10413c3504f5fe304a4f5ee322ab042147251639a2a0fdb6610eb82e882e5
2e6a8518c3ce19b9bccd495859cb99c795dc6033f3d30a19669ce27aee99e47d
300687b9e712f18d6688d417cd5fd7efe34dd2220c9f12eed9a4ca49c0bd025d
32ba12f52a73ca68c527f700a200a0537432791e3ec8bd71b06fc3398fb6ad4c
33dc01d5af706aa1942b8365a41e0f5d67fe158a7310a868d6725ae476f05cc0
353b2feb891c7c62905b13e00a805f1d3fe17c2351ade739493e2f08fbe8c9d3
38ae04895216a5a8a902acd955c5760ec366203299cac6252e7294a98de3dc6b
396ef3726154d303c78693108cfe0f640bfcc10a005f28b82347ed4cf334f967
39caaab55f7e3db03570fc994b879907bd5fa524fa0d733577381143195cdd15
3a29301f8fa867418f936a52e29cdcc2e4db7c6305b264bd49cab60e3d888bc4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4022ddb53fde666a9bb5feabbcd14ac9a8c7d765bb6e9dd4a3b2223c32eb83c8
41a960dd1339b86a493c8de436f5a498931ea48a02b7ea7b7dd447eece7b5c5f
41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf
44d5d435a5aea2acbbf2fd8fe6b8d146ef75494db62115a17090182154580d56
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47cab2055b63eb4e005a7761abd4299b3c35fe8613144d9f5fcf0de9e7460c89
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a0cdb0b55b18dec492034480072cc8c5968cc92a5720244a89bce8de14b93a9
4bd34adb4c54a974e22f0b91b0bd32e9dd27db57dcfadff0fc36cd1a83e084f4
4bd4837c46645010477fc86981ebe2753ea0ab85fb47c688090f295e401831b5
4ce246a6e4310173249108dd6bd3cee613d30177877f415626d63270595e7040
4fcfe8f3df74301ed41f11d4d747edaeae1d3b5d540559aac296f6230c659931
51771b1a6e2a42380d4cda0d660d28656458f909d2e54ad3a7ffc8e4a4618ba1
523ee90d17489bb368ef1474d5fcada7696e8508069c8a81b02e37e899f78ea1
52944d263cf68eed6446878915f0abd61bf849583c3bd8f6b9241b68ddf7ebbf
532a8e65348794f09d3decd5b7aae67a0acdea25b0ad787c604edc4d02f29709
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571b79cb68dbd4d1fbbb4c374ce65a7980c598feb5268c4efbe2ecbfb3bb160c
58eca727604c51ea39ea5226a9e70031e5087a9fcf2ec5f9848f043779ef301e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b08bb1324b4b22f87f3a1a246075158197e9315d1fa830360c0a9807e7ee81b
5da564ff5d717ad8c90f3f70a21020749eb54bcbf777e2b99fae79b16e920a98
5dd689afb1765e844f5aed12487f28fd215ae11cb5b87b6d3567814b879204e0
60dcadd340dd2412ec6bb1c74657bef683e1debeb3ebffcbfefe79149e877359
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625f297db9caaa4dfd8fc4e526b8f87668658aa89b48850baa62dd15b72f45b2
6402c8da7764d9953005be29e32b6ec41880d67e57e98b747146ff6386011efb
6470009192203d51e397ab6e630b9c7793e94f114b8590e66726d0a94dff481b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a2c7bfb36ae8b60a38dc17ce1b36f640243cc9cdb227c43aabff9736f85232f
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
6c4983067c8338ca679076be09bcb927795b486461256446e01a775803e4a3a3
6c8ccf43f3043e7ed7de32b3e55ff3e8da66f79bd5dd3f58a6c108b8445c5a15
6d38e3f42d2b996c9444d172a20ee8fa651485cbf0127f7cc79d3b47fa465229
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
756685b686f2a316114d3cd82e1cd5fb33fe32b7e541aa1bb53f6f6f489de247
758195006caef972efce32f02801b49d6df67f45326767a533aa57169cff9b96
75b5fedfb4183ada888c57b48514b06ebe7166cb649b28a81506b7e593734983
7865f573443123a3a839956b13619680221514563ab784b77e1654b0dc600373
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
79f9290954cd0aaf423f6d12badbd55063b5afe4ad8056d01766964bcb75363d
7a94ce2f369ba8e14c323413d49d056dacea04111c2356c9bc063e0d632a6c46
7adf32abad9d52805b4e7f1416115c610906dcae0812ec33315ae85a9f115440
7c1f66940e22d66301667eefccc248df97e5309985b48dd11e5329dffd9e8a7c
7cdf837975fc10d9ac1d4b14ecbe6b343989c42ba54b8fe2fbb0b074f0459292
800a5ecf1b4eea2da9ba7994f993d266e383792b2173f5d323592f68f5bb90d7
804452fcf1d17cc71e7ba2d286c26f9ef1ec33b1c874e238f174bfaa582c1ff2
809be4e88992dbaed5f252ff30ebcd0d925065a578b7dca32f96306791de84d7
80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854f8d8d3450e9918bf7492a62c87cee4c27d250ce59c9464a64760fa72f1d68
875c10f84e92eb11a517984191d51aa87dc5f2e5db5bc9d2979b49559d670fb9
8760e9214111895d236fdc98eb7386ca8a5b576b96b25c489c8eec3416e1a9e3
8878d86cde8c46058bd664a86f161a6347df290b9a89acc05e5e1c02003ae921
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
890c08d98572b201dfe4af28ba26243edcd20178de96473f182c8c586d1d556c
89b18a7d4c82e76ede5110c86e82655eea78ccd4bdc6086ee27b715746f96c07
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
8e5b3db565036219e63146b381a63e38f4b126f2164753ad42af8a912b399432
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93505adfdcdf8f1974953a9ab27a2fb2037dc1d203cd8a7941e61d35a1edd015
94e286a4a63623b4e64017a3eac0eca0888d298c3a6e6da11ffcf9cfec61c9ff
952fe98642c12debdeed81fe2dfff28284fa855929ff4ad0eaaac249755e2251
99a904573c091f27516a66969b1b1d3df5fb53cc0e6085f566982e9e1d5e0244
99ea21b21247429f160b378fa513d25d14773cf72fc7611d91495d9ee5264409
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9e69888ea0cb4421ac721fe340efffb88c3e7e6917169949656b7bae92218a53
9eb46e4f4994fff31fc170dd73c451444ce334eba3b99f8d483fe9fe030ddb51
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c21f821670a78f2293d9472e69fdd5254c9f504bb715cc9ecf0cdd366979e7
a56f5476f9eb34977206de87edbac5ede117223eab875426fd6bab021c9b9ae9
a588300ee9e914f5ac8f7634a3f68e2b78ac36e35e169f211f2e4d513f63caab
a61f4764ca0397c54a0a909f8893f4869823a99384675feb591c58a802c5b9a2
a670e6091e74c0ae54446a7bce34f602797e9e6596f95c23a45df26c60e7dfc9
a73f9b6d1e2afcc9bbaa6b2ff012c88ad9976725532c170c7d61ba741a3d578e
aa31cedf1bbf858284606133dacbc2b8831d1ae70a97bbbcdf87e819ceeb96a6
aca5f9dbcbe39a107bc17b9c36065a1c04d3aa1ad1b6550c91a011812c6481b9
ad4d903d2d44568af2d90bed07feb8a22442e4add6b959f235c183465b36196b
af35391336179ac692442637b95488641864cb93122a39e05e7ba18af18ce288
affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d
b0c3a8b73a1e8310dbbbb360a2d7179f57a808caa5b3130a4e54f83ca2db799a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d8da716ff2594b4b67fc27ca8f9bab6826ec3706091f59a6678fb05561addb
b39b5e9fefa16c6e90b03a0c616878beb2633594fa26b29c8dac4bb4cfa5ed3a
b4068760bb1fca2dca6b86a1e164686918609ebe02bc23b6264156d53a5ae3aa
b40a6b4901212b611472999a4f3b0c0347813ae58891aa0019c55521ef7b7eab
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b53aa1d969b62760552b9f4bc62677d467ebc008b0d284558c04728ef3be5eba
b6664c4d244eff2c65e85d138b8b92511700f68bb26c58a45e13600f55407155
b8dc0982f0070cb72f613cf3fff323b94e5e5174531bd5c1a649e759a6207d60
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bdc193e685997d86af4a293c2feb6c42389cb08511b867d5ee04c345cd33c64a
be5962e1cec02200366ee90bc16ae755fd4b7354c90e628b2660739db5f9c680
be6c756d6018f907ac9b8ff853e1ddcd59922a725db6130313c02f52629691de
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c10a2de8f1b0221a6c9262b05e6875250bba9e8306491b57d87b733464fb3897
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c509a5530f8d58bd692204b884e689f2a874631d716c560abb6cbd6940eb4ffb
c692a6766833ecd8faa44a99011f03cfca1a1c819aa5c9edf197115306767d39
c6e7abb3cd0bc3ce900ed92137f7827184d23f5d547e7d07be76c4c70d883d70
c831e1ca21a06efa859224ad33e9cb73209290f677a1e1e0033206cf6af733cb
c84e9a9ee67f4576ac555b7f5c543c5f38bd310a52f84ec67fe2ae86d2c32073
c871b6a1cb8370ff1a23ea43d1417cd5a9b1de6bad30de2dbf3a54542d7d2ead
caa61e49abaf63b68255edae4087c5835add9a5906c7d35ee1479e980847ab51
cb9c3de53698737781d648714d0b167f3ffbad9cae453393032d4347933e137d
cde38eccaafc3664abdc68a0b06bf48a9d5d8a822bfb40cc0d03cb0f65412d25
ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781
cf83ab610a76346516edf7982ea17113793e77ebc32752d8c657b43d33adfd9d
d1022f3a2da27dd7b6d86e5d0e2dc95fbfff13a35b97769f3918a61ea24264df
d250addc678adbf8fae04975dc2fac402336c949bfbdcdb3788add23069202d9
d3c70cf0f97883d616dca300edb9cc26b50cfcf9eecfd53821145b615e4dbc31
d552913a94e926a6e997baf6e1cc6199e49c06f4212ce7a79601003eaad49259
d6aac4b7c20a6113b3c3c3a57efd343377401ffb7b030af99ed5c75e2cd9bb2c
d73c07f849ce47a3cb3df93a3dd26e92dac561b7eac26b04e7ebefca4f83e0cc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87f584d5d64bb91e43f7947c89bed10d8b40fa8e46150b6217eb89bc8a243c3
d893550b5b7f04e5501eff0ac81633bb5d112b615572b5f6cd90cdb89db82067
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
dca4e2b9ca423c6056ca5ac711c2f8e7c2011407c5d71363a734eb1d7e7434a6
dec176c33b21311a166c1e5d7b3da5c5b0bf52d7f61fad3db5ef454b4c88bb66
e371b155b4265ff5502f8e4ca700b519ed610410447e9b4a2624be3200896c6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e772fc22762855b99fb206191a3beaa4a0994aa30b43da1511ae8c22e24573c5
eb29d3ea12f4427935fa71b98e149344252c134ca7f78c29cc822b0846182c15
ebafe4ee64e2e6c1ab41ec3bb45ca028cec155774784afa608604d60eeac0e92
ebdd45b769d30106a6cab38a7383fd158695fb8f13be53782ed14a16b6b2c374
ed83e2eac41ac51f344f29661ef2fa58c89a93efd1f3999aa204cc292ca272c9
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5f6bdd8c7b8e9421a4a9a192b5964d536f0e6f114a7729d14342024896da804
f851eb2b8cd1a31aefffa6c4a5d6dc1518fbd5da79466093b7ba0b01ef55eb39
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fb1d4ff22f94ea801b5936e3ec933cb3ead164e6875efc8f3e25c118b179ec5e
fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029
fcbcdc99957ee59c1a3d1a2d8cf4f4ee9b52c0eee8d745461851858838678d84
ffed03a64fdf15a9341bf831a169313677b93bb658e2e8725defa1f0281b19b3

secureg3sahibindenparamguvende.com Open in urlscan Pro 52.233.252.195 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

289 Requests

96 %HTTPS

69 %IPv6

23 Domains

36 Subdomains

33 IPs

6 Countries

5368 kBTransfer

20768 kBSize

15 Cookies

124 Outgoing links

Page URL History

Redirected requests

289 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secureg3sahibindenparamguvende.com Open in urlscan Pro
52.233.252.195 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

289
Requests

96 %
HTTPS

69 %
IPv6

23
Domains

36
Subdomains

33
IPs

6
Countries

5368 kB
Transfer

20768 kB
Size

15
Cookies

289 HTTP transactions
14 data transactions