eksisozluk.com Open in urlscan Pro
176.53.43.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://eksisozluk.com/virustotal--1675794?p=3
Submission Tags: falconsandbox
Submission: On October 30 via api (October 30th 2020, 9:31:33 pm UTC) from US

Summary HTTP 128 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 30 domains to perform 128 HTTP transactions. The main IP is 176.53.43.6, located in Turkey and belongs to RADORE, TR. The main domain is eksisozluk.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 26th 2019. Valid for: 2 years.

This is the only time eksisozluk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	176.53.43.6 176.53.43.6	42926 (RADORE) (RADORE)
3	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
11	2606:4700:303... 2606:4700:3034::6812:25c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::681b:8732	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 18	138.201.212.22 138.201.212.22	24940 (HETZNER-AS) (HETZNER-AS)
3	31.186.26.160 31.186.26.160	199484 (BETAINTER...) (BETAINTERNATIONAL)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	35.157.10.141 35.157.10.141	16509 (AMAZON-02) (AMAZON-02)
3	176.53.43.14 176.53.43.14	42926 (RADORE) (RADORE)
15	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 4	149.202.204.241 149.202.204.241	16276 (OVH) (OVH)
1 3	2.19.34.195 2.19.34.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 6	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1 1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2 2	52.17.253.7 52.17.253.7	16509 (AMAZON-02) (AMAZON-02)
1 2	3.121.118.243 3.121.118.243	16509 (AMAZON-02) (AMAZON-02)
1 1	18.197.91.241 18.197.91.241	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c01::9b	15169 (GOOGLE) (GOOGLE)
1	149.202.200.33 149.202.200.33	16276 (OVH) (OVH)
7	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
128	34

5 176.53.43.6 (Turkey)

ASN42926 (RADORE, TR)
PTR: server-176.53.43.6.as42926.net

eksisozluk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3034::6812:25c6 (United States)

ASN13335 (CLOUDFLARENET, US)

ekstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seyler.ekstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::681b:8732 (United States)

ASN13335 (CLOUDFLARENET, US)

nativespot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 138.201.212.22 (Germany) 9 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.22.212.201.138.clients.your-server.de

app.networkad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.186.26.160 (Turkey)

ASN199484 (BETAINTERNATIONAL, TR)
PTR: reverse-31-186-26-160.turkticaret.net

app.gelirartisi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.10.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-10-141.eu-central-1.compute.amazonaws.com

serv.nspot.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.53.43.14 (Turkey)

ASN42926 (RADORE, TR)
PTR: server-176.53.43.14.as42926.net

seyler.eksisozluk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.202.204.241 (Brétigny-sur-Orge, France) 1 redirects

ASN16276 (OVH, FR)
PTR: lt1n.host.hit.gemius.pl

gatr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.34.195 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.243.60.138 (Brønderslev, Denmark) 6 redirects

ASN42697 (NETIC-AS, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.253.7 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.118.243 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-118-243.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.91.241 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-91-241.eu-central-1.compute.amazonaws.com

l.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.200.33 (Brétigny-sur-Orge, France)

ASN16276 (OVH, FR)
PTR: ovhfr1.host.hit.gemius.pl

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	doubleclick.net 2 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	146 KB
18	networkad.net 9 redirects app.networkad.net	76 KB
16	googlesyndication.com pagead2.googlesyndication.com 7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com tpc.googlesyndication.com	378 KB
11	ekstat.com ekstat.com seyler.ekstat.com	161 KB
9	gstatic.com fonts.gstatic.com	95 KB
8	criteo.com bidder.criteo.com gum.criteo.com	1008 B
8	eksisozluk.com eksisozluk.com seyler.eksisozluk.com	44 KB
6	adform.net 2 redirects track.adform.net s1.adform.net adx.adform.net	19 KB
6	semasio.net 6 redirects uip.semasio.net uipglob.semasio.net	4 KB
6	google.com 2 redirects www.google.com adservice.google.com	753 B
5	ampproject.org cdn.ampproject.org	106 KB
5	gemius.pl 1 redirects gatr.hit.gemius.pl ls.hit.gemius.pl	12 KB
4	google.de www.google.de adservice.google.de	904 B
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	36 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	criteo.net static.criteo.net	36 KB
3	gelirartisi.com app.gelirartisi.com	65 KB
2	sharethis.com 1 redirects sync.sharethis.com	632 B
2	adsrvr.org 2 redirects match.adsrvr.org	986 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagservices.com www.googletagservices.com	45 KB
2	adrecover.com delivery.adrecover.com	12 KB
2	googletagmanager.com www.googletagmanager.com	38 KB
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	12 KB
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	creativecdn.com prebid-eu.creativecdn.com	168 B
1	consensu.org 1 redirects l.sharethis.mgr.consensu.org	389 B
1	mathtag.com 1 redirects pixel.mathtag.com	634 B
1	nspot.co serv.nspot.co	264 B
1	nativespot.com nativespot.com	1 KB
128	30

	Domain	Requested by
18	app.networkad.net	9 redirects eksisozluk.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net eksisozluk.com
9	fonts.gstatic.com	fonts.googleapis.com
8	tpc.googlesyndication.com	eksisozluk.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
8	ekstat.com	eksisozluk.com ekstat.com
7	bidder.criteo.com	static.criteo.net app.gelirartisi.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	delivery.adrecover.com pagead2.googlesyndication.com
5	www.google.com	2 redirects eksisozluk.com
5	googleads.g.doubleclick.net	1 redirects www.googleadservices.com pagead2.googlesyndication.com eksisozluk.com
5	eksisozluk.com	eksisozluk.com ekstat.com
4	uipglob.semasio.net	4 redirects
4	gatr.hit.gemius.pl	1 redirects eksisozluk.com gatr.hit.gemius.pl
3	7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	seyler.ekstat.com	seyler.eksisozluk.com
3	track.adform.net	2 redirects
3	sb.scorecardresearch.com	1 redirects eksisozluk.com
3	seyler.eksisozluk.com	ekstat.com seyler.eksisozluk.com
3	www.google.de	eksisozluk.com
3	static.criteo.net	eksisozluk.com
3	app.gelirartisi.com	eksisozluk.com app.networkad.net app.gelirartisi.com
3	fonts.googleapis.com	eksisozluk.com seyler.eksisozluk.com
2	s1.adform.net	app.gelirartisi.com s1.adform.net
2	sync.sharethis.com	1 redirects eksisozluk.com
2	match.adsrvr.org	2 redirects
2	uip.semasio.net	2 redirects
2	www.google-analytics.com	eksisozluk.com
2	www.googletagservices.com	eksisozluk.com pagead2.googlesyndication.com
2	delivery.adrecover.com	eksisozluk.com
2	www.googletagmanager.com	eksisozluk.com
1	adx.adform.net	s1.adform.net
1	gum.criteo.com	static.criteo.net
1	fastlane.rubiconproject.com	app.gelirartisi.com
1	prebid-eu.creativecdn.com	app.gelirartisi.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ls.hit.gemius.pl	gatr.hit.gemius.pl
1	stats.g.doubleclick.net	www.google-analytics.com
1	l.sharethis.mgr.consensu.org	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	ajax.googleapis.com	delivery.adrecover.com
1	serv.nspot.co	nativespot.com
1	www.googleadservices.com	eksisozluk.com
1	nativespot.com	eksisozluk.com
128	46

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
seyler.eksisozluk.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.eksisozluk.com Go Daddy Secure Certificate Authority - G2	`2019-10-26` - `2021-12-25`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
*.networkad.net RapidSSL RSA CA 2018	`2019-11-21` - `2020-12-20`	a year	crt.sh
app.gelirartisi.com Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
serv.nspot.co Amazon	`2020-07-01` - `2021-08-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://eksisozluk.com/virustotal--1675794?p=3
Frame ID: EF70DD26D5645195D44D547BD7D2EF6C
Requests: 92 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WXV2Z47
Frame ID: 3AB19F3E600E85EF5F188B8E984EE7D0
Requests: 1 HTTP requests in this frame

Frame: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white
Frame ID: DE5C86DC84D80E9F6A426F9ACA8E755D
Requests: 12 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 763DB9B6F195196C24F923A5681C5BFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/zrt_lookup.html
Frame ID: 2D76F2328F1DE533AF73AA2D896A9851
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3191894791526522&output=html&adk=1812271804&adf=3025194257&lmt=1604093475&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604093475211&bpp=15&bdt=403&idt=61&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7445657063060&frm=20&pv=2&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&ga_fc=0&iag=0&icsg=2251799813726880&dssz=46&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21067654%2C21066705&oid=3&pvsid=1724390901512970&pem=200&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78
Frame ID: DBAF4DDFA07AC98F567CCA1F860E2876
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 149F0F49B129F0BD228A0AFAE682C801
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=eksisozluk.com
Frame ID: 59DCF0A865DA2860910A3AA0358F78B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: B5FB8653E7319C49B4FBCF72C3F1E76F
Requests: 1 HTTP requests in this frame

Frame: https://7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6F2E333863F08A977EFD37C6AC42FFF5
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/banners/scripts/video/outstream/recacheFrame.html?rnd=1604093478453
Frame ID: 514B6613E79339FDF6A976E47709F44B
Requests: 1 HTTP requests in this frame

Frame: https://7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 1B63AD97AFCE2BB79AECB54678C6FD7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

128
Requests

100 %
HTTPS

42 %
IPv6

30
Domains

46
Subdomains

34
IPs

9
Countries

1304 kB
Transfer

3635 kB
Size

14
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/penavideo
Title:

Search URL Search Domain Scan URL

URL: https://seyler.eksisozluk.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F92117976&p[title]=virustotal&p[summary]=%0A%20%20%20%20%C3%A7ok%20say%C4%B1da%20antivir%C3%BCs%20yaz%C4%B1l%C4%B1m%C4%B1%20%C3%BCzerinden%20online%20olarak%20tarama%20imkan%C4%B1%20sunan%20harika%20bir%20site.%20tarama%20i%C5%9Flemi%20olduk%C3%A7a%20k%C4%B1sa%20s%C3%BCr%C3%BCyor%20ve%20tamamen%20%C3%BCcretsiz.%0A%20%20&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F93079403&p[title]=virustotal&p[summary]=%0A%20%20%20%20daha%20iyisi%20i%C3%A7in%3A%20(bkz%3A%20hybrid%20analysis)%0A%20%20&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F105999791&p[title]=virustotal&p[summary]=%0A%20%20%20%20%C3%A7ok%20%C3%B6v%C3%BClm%C3%BC%C5%9F%20ama%20gizlilik%20polikas%C4%B1ndan%20s%C3%B6z%20eden%20olmam%C4%B1%C5%9F.%20korkun%C3%A7tur.%20kamuya%20a%C3%A7%C4%B1k%20olmayan%20hi%C3%A7bir%20%C5%9Feyi%20bu%20siteye%20g%C3%B6ndermeyin%2C%20bu%20siteyi%20kullanarak%20taratmay%C4%B1n.%0A%20%20&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sozluk
Title: instagram

Search URL Search Domain Scan URL

URL: http://twitter.com/sozluk
Title: twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eksisozluk
Title: facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://app.networkad.net/netasync.js?zid=314&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=314&hbid=1

Request Chain 4

https://app.networkad.net/netasync.js?zid=313&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=313&hbid=1

Request Chain 5

https://app.networkad.net/netasync.js?zid=317&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=317&hbid=1

Request Chain 6

https://app.networkad.net/netasync.js?zid=318&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=318&hbid=1

Request Chain 7

https://app.networkad.net/netasync.js?zid=319&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=319&hbid=1

Request Chain 8

https://app.networkad.net/netasync.js?zid=320&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=320&hbid=1

Request Chain 9

https://app.networkad.net/netasync.js?zid=321&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=321&hbid=1

Request Chain 10

https://app.networkad.net/netasync.js?zid=302&hbid=1 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=302&hbid=1

Request Chain 19

https://app.networkad.net/netasync.js?zid=571 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=571

Request Chain 21

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?value=0&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=1257956855 HTTP 302
https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=1257956855&ipr=y

Request Chain 46

https://uip.semasio.net/omdtr/1/info?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=35520552497871450 HTTP 302
https://uip.semasio.net/omdtr/1/info2?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=35520552497871450 HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=eee35f9c-8623-4100-a41a-fa2782972441&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://track.adform.net/serving/cookie/match/?party=1008&gdpr=&gdpr_consent= HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2947629299208664727&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RkY2MUE3M0Q4QkE4MUJDOA&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKIp3efj3gf48D7Oba0zH1o&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent=&google_cver=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=4b6504f8-1481-493f-af02-4f2135a89f0d HTTP 302
https://sync.sharethis.com/semasio?uid=FF61A73D8BA81BC8&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D HTTP 301
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fsync.sharethis.com%2Fsemasio%3Fgdpr%3D1%26gdpr_consent%3D%26rd%3D0%26rurl%3Dhttps%253A%252F%252Fuipglob.semasio.net%252Fsharethis%252F1%252Finfo%253FsType%253Dsync%2526sInitiator%253Dinternal%2526sExtCookieId%253D%26uid%3DFF61A73D8BA81BC8 HTTP 302
https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=FF61A73D8BA81BC8

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=19592957&ns__t=1604093475189&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1604093475189&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9=&cs_ak_ss=1

Request Chain 63

https://gatr.hit.gemius.pl/_1604093475299/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=121&lsdata=I2B893VLW6dIYznK3cxGlFZOT61k9HC0KjudnRgooJr.R7DC9Xfy784vTvRI3gd8pB7m84exWeVwfD3NjksF4VAEmXCj/kX62mU6GS6Xj3/&fpdata=IWqBSsA1wEJ974AN_1CZhw7j9pUe7OEUDHuPx.bWwk3.z7&vis=1 HTTP 301
https://gatr.hit.gemius.pl/__/_1604093475299/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=121&lsdata=I2B893VLW6dIYznK3cxGlFZOT61k9HC0KjudnRgooJr.R7DC9Xfy784vTvRI3gd8pB7m84exWeVwfD3NjksF4VAEmXCj/kX62mU6GS6Xj3/&fpdata=IWqBSsA1wEJ974AN_1CZhw7j9pUe7OEUDHuPx.bWwk3.z7&vis=1

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

128 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request virustotal--1675794 Show response
eksisozluk.com/ 52 KB
19 KB 221ms
103ms Document
text/html 176.53.43.6
RADORE

General

Check archive.org

Show headers Download Go to

Full URL

https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.6 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.6.as42926.net

Software

Resource Hash

68401f320aa29dd010f3ef8ddf259cec6ec70002962a0fd1512375b323344817

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: eksisozluk.com
:scheme: https
:path: /virustotal--1675794?p=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:14 GMT
content-type: text/html; charset=utf-8
content-length: 18403
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: iq=2a44b3ca55394b589d5d6d6e62764cab; expires=Sat, 30-Oct-2021 21:31:14 GMT; path=/ ASP.NET_SessionId=4j0nux4kydbcg34opvgprdlb; path=/; HttpOnly; SameSite=Lax channel-filter-preference-cookie=W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfSx7IklkIjozOSwiUHJlZiI6ZmFsc2V9XQ==; path=/
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aba7e32d0ec931b53513d968dc83cd218665cd114a2a11473b1d1a0dd12d9307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 20:34:00 GMT
server: ESF
date: Fri, 30 Oct 2020 21:31:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Oct 2020 21:31:14 GMT

GET
H2 200 ek$i-36d6db239f17c95b.css
ekstat.com/css/ 144 KB
22 KB 57ms
34ms Stylesheet
text/css 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekstat.com/css/ek$i-36d6db239f17c95b.css

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf1d1b1777f474858170e41e9c28e06c36fede73537ccd9edc2881ecdaf3e968

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1293409
status: 200
vary: Accept-Encoding,Accept-Encoding
cf-request-id: 061d0510170000974e871a2000000001
last-modified: Thu, 15 Oct 2020 22:13:42 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"02fd17040a3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uay9YlbGkSFPq9VMogXU0pB0zpek0157jqgVJOxB9vO6nJUAkeUGSbBvtgAQe%2Fz1EYKMVD1kJgxLSFqshC6PJ0eaAL9lKddroDbt%2B%2Bl1KRUdxKx9lgUe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
cf-ray: 5ea83df9b8de974e-FRA

GET
H2 200 v1.js Show response
nativespot.com/apijs/ 2 KB
1 KB 36ms
13ms Script
application/javascript 2606:4700:3030::681b:8732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nativespot.com/apijs/v1.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:8732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd9db9f3806eeabee74f5e6e5563820b0dad301cae6ef3fa3cd26a3791d8d97

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5938
status: 200
cf-request-id: 061d05105600002bf6030dd000000001
last-modified: Tue, 28 Aug 2018 10:36:00 GMT
server: cloudflare
etag: W/"pe62s01bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cs4v0ITfkHLCg3oeiy8pRwbbOeUMNSWSRp9YqjffWyew697MALihIlXIytGksodzY6Kd64vmI9JqKjuXe4h45V54FL%2BsA2TXO1wtJMX73my%2Bg6eGlKCvHXCnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5ea83dfa28602bf6-FRA

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=314&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=314&hbid=1

199 KB
24 KB

1015ms
1015ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=314&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d3679b750dd0a66680fbf9a9c7db618d270ad07b9e0980fa46eab338c15da90c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache
content-type: text/javascript
x-xss-protection: 1; mode=block

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=314&hbid=1
content-type: text/javascript

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=313&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=313&hbid=1

0
206 B

340ms
340ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=313&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
content-type: text/javascript
x-xss-protection: 1; mode=block
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=313&hbid=1
content-type: text/javascript

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=317&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=317&hbid=1

0
206 B

827ms
827ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=317&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:16 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
content-type: text/javascript
x-xss-protection: 1; mode=block
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=317&hbid=1
content-type: text/javascript

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=318&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=318&hbid=1

0
206 B

668ms
667ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=318&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
content-type: text/javascript
x-xss-protection: 1; mode=block
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=318&hbid=1
content-type: text/javascript

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=319&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=319&hbid=1

0
206 B

618ms
618ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=319&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:16 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
content-type: text/javascript
x-xss-protection: 1; mode=block
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=319&hbid=1
content-type: text/javascript

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=320&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=320&hbid=1

199 KB
24 KB

1183ms
1182ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=320&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8284a514ff1f3be99f0d94e891efc2eb71a3ee8b80c6c1e5ef350cca9d8fe942

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache
content-type: text/javascript
x-xss-protection: 1; mode=block

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=320&hbid=1
content-type: text/javascript

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=321&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=321&hbid=1

0
206 B

473ms
471ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=321&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
content-type: text/javascript
x-xss-protection: 1; mode=block
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=321&hbid=1
content-type: text/javascript

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=302&hbid=1
https://app.networkad.net/netasync.js?isAvailable=1&zid=302&hbid=1

0
206 B

388ms
387ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=302&hbid=1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
content-type: text/javascript
x-xss-protection: 1; mode=block
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=302&hbid=1
content-type: text/javascript

GET
H/1.1 200
OK withdfp.js Show response
app.gelirartisi.com/ 18 B
327 B 264ms
142ms Script
text/html 31.186.26.160
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gelirartisi.com/withdfp.js?sid=6

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.186.26.160 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

reverse-31-186-26-160.turkticaret.net

Software

Resource Hash

25d2dd552e478fc445ef10d481020f13a4dc463325a4e4afd41823e5a85a20e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 21:31:15 GMT
Cache-Control: no-store, no-cache
X-XSS-Protection: 1; mode=block
Connection: keep-alive
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 107 KB
35 KB 54ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:45 GMT
server: nginx
etag: W/"5f8eabed-1ada9"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 31 Oct 2020 21:31:14 GMT

GET
H2 200 jquery-combo.js Show response
ekstat.com/js/ 142 KB
47 KB 50ms
27ms Script
text/javascript 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekstat.com/js/jquery-combo.js?v=1HQ2Lf6r65_MGnhsGY-0qcsBKewq1syzqFHSpd4GfOY1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9fa12248fa0ce1c3cfc9b222fc921d864b178cb28bfc70672086176c97af344

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3585340
status: 200
vary: User-Agent,Accept-Encoding,Accept-Encoding
cf-request-id: 061d0510180000974e871a3000000001
last-modified: Sat, 19 Sep 2020 09:35:34 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i623vKZONuxr1m47JtxObiXSwqJf6GMRWhTcl4bUVVh8iS9SQl22v6dr9MMb7ZRJK6W3WZChsjf%2BSTrjapHb%2BV%2BA%2BeK9WzYxAGHK57K575gfIVRcHP%2B9"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=14400, no-cache="Set-Cookie"
cf-ray: 5ea83df9b8df974e-FRA
expires: Sun, 19 Sep 2021 09:35:34 GMT

GET
H2 200 ek$i-combo.js Show response
ekstat.com/js/ 64 KB
18 KB 45ms
22ms Script
text/javascript 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekstat.com/js/ek$i-combo.js?v=MNabZEbwcjA8SS-5bXD3BklAw4_y8IZXso7q8kmF-Vg1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6918ecad44d1dfa8f718cc08ae8235567e594ae5611757af5422a3ba3b07eee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3585341
status: 200
vary: User-Agent,Accept-Encoding,Accept-Encoding
cf-request-id: 061d0510170000974e97bea000000001
last-modified: Sat, 19 Sep 2020 09:35:33 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zfpaxh%2F4BpbZ4Fzf2mKT5kwNwZACE%2Bd6SzIhpAIf9n6qb4BRmmT2yrjKC2B3AlbHASIHxSesonzrsCl%2FckpYz%2FlJqq55%2F8YBP8HloodjXNdq%2BwVdiZrj"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=14400, no-cache="Set-Cookie"
cf-ray: 5ea83df9b8e0974e-FRA
expires: Sun, 19 Sep 2021 09:35:33 GMT

GET
H2 200 lib-defer.js Show response
ekstat.com/js/ 66 KB
20 KB 18ms
16ms Script
text/javascript 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekstat.com/js/lib-defer.js?v=Jz3pu7VX1X0sYKy81oygjzxN1E0jJ1dx-iK00TIqiBo1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4221073bf9ba1e838313b18d950426bf6163db92969e234e502c6a168e2bd297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3585339
status: 200
vary: User-Agent,Accept-Encoding,Accept-Encoding
cf-request-id: 061d0510540000974e8aa95000000001
last-modified: Sat, 19 Sep 2020 09:35:35 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bxni%2Fwr%2BGm1H5cxCrNu5o3%2BQhA9PQidM5TtTiV7oEwzM7T8AjUm0yphbXAKMVCabZwA62Uz1OPcfd7BA5FU21wQzTAgzUkrDHtLCUXNcEZkPjs7RjRoa"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=14400, no-cache="Set-Cookie"
cf-ray: 5ea83dfa291d974e-FRA
expires: Sun, 19 Sep 2021 09:35:35 GMT

GET
H2 200 ek$i-defer.js Show response
ekstat.com/js/ 27 KB
9 KB 16ms
14ms Script
text/javascript 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekstat.com/js/ek$i-defer.js?v=5RAuxxHQnXm8Sz8adRknq0Gr33XJg1DeuOAX76KVeao1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25294f5d08cd1f0ee1f374743e95857cc0be1300f22197afc4efda6f6dad6c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3220917
status: 200
vary: User-Agent,Accept-Encoding,Accept-Encoding
cf-request-id: 061d0510550000974e66af9000000001
last-modified: Wed, 23 Sep 2020 14:49:17 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8eJqW9xx2EizplnBjTmjizIs%2FVmks2oKAzeHRkwxWrShRRYjxRv3FTJHCaD6E0Wpo77mfryOO5bb%2BUzrLHDH9Z7QyH8SAUAJXi7EskJMdtY16huaRbtk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=14400, no-cache="Set-Cookie"
cf-ray: 5ea83dfa291e974e-FRA
expires: Thu, 23 Sep 2021 14:49:17 GMT

GET
H2 200 pena-logo.svg
eksisozluk.com/Content/img/new-logos/ 1 KB
849 B 59ms
57ms Image
image/svg+xml 176.53.43.6
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eksisozluk.com/Content/img/new-logos/pena-logo.svg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.6 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.6.as42926.net

Software

Resource Hash

de7fd28be2467ce52eb95b7ff15f6d6dbad53191e84737923352b511a63e0fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Sep 2018 21:02:55 GMT
etag: W/"abd8604d2551d41:0"
x-frame-options: DENY
content-type: image/svg+xml
status: 200
cache-control: public,max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 eksiseyler-logo.svg
eksisozluk.com/Content/img/new-logos/ 19 KB
14 KB 65ms
63ms Image
image/svg+xml 176.53.43.6
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eksisozluk.com/Content/img/new-logos/eksiseyler-logo.svg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.6 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.6.as42926.net

Software

Resource Hash

29dc5392c761c2c8305b2063fadd14b1c41fb030879fd4cbaa1d7020189392aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Sep 2018 21:02:55 GMT
etag: W/"abd8604d2551d41:0"
x-frame-options: DENY
content-type: image/svg+xml
status: 200
cache-control: public,max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2

200

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=571
https://app.networkad.net/netasync.js?isAvailable=1&zid=571

202 KB
24 KB

1280ms
1278ms

Script
text/javascript

138.201.212.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=571

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.212.201.138.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e43d265064f7aecae6ca57314a87e2f284af29f8c7cfd085849dfcf5a8dffe30

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache
content-type: text/javascript
x-xss-protection: 1; mode=block

Redirect headers

status: 302
date: Fri, 30 Oct 2020 21:31:15 GMT
cache-control: no-store, no-cache
server: nginx/1.18.0 (Ubuntu)
x-xss-protection: 1; mode=block
location: //app.networkad.net/netasync.js?isAvailable=1&zid=571
content-type: text/javascript

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 93ms
35ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

fa7c2cd8fa0196bca6e808ed4259571ad5ff7372f37de837a16fd90aaca7e51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11440
x-xss-protection: 0
server: cafe
etag: 2885770095241673848
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Oct 2020 21:31:14 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/878852058/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?value=0&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=1257956855
https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=1257956855&ipr=y

42 B
153 B

20ms
18ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=1257956855&ipr=y

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=1257956855&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
38 KB 47ms
29ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXV2Z47

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81f9d62ed3e048833ed7dba3265becbd60bda40f5c4355c09d71ee46e617a35a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38885
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Oct 2020 21:31:15 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/41209/ 31 KB
11 KB 53ms
16ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/41209/adRecover.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: f42341817d99dec29d6694f80852e95f3b150104a3896fd9eeb0ff9b3aa09cad

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-cf3: M
cf4ttl: 31536000.000
x-cf1: 27741:fB.cdg1:cf:cacheB.cdg1-01:H
status: 200
content-length: 11066
x-cf-tsc: 1601454924
x-cf2: H
last-modified: Wed, 30 Sep 2020 08:28:31 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
x-cfhash: "3dc0ca8aba9e344b3890b59382a3a96c"
cache-control: max-age=3600
cf4age: 0
accept-ranges: bytes
expires: Fri, 30 Oct 2020 22:31:15 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37b710eb5f4a569d16befb37015a683e8fb4e5cd9e4ce77ad67a27078e43a470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "679 / 340 of 1000 / last-modified: 1604087733"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17880
x-xss-protection: 0
expires: Fri, 30 Oct 2020 21:31:14 GMT

GET
H2 200 eksisozluk_logo.svg
ekstat.com/img/new-design/ 4 KB
2 KB 13ms
12ms Image
image/svg+xml 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ekstat.com/img/new-design/eksisozluk_logo.svg

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-36d6db239f17c95b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2894995626c7b1d7b61783a2123a862c0bdb6f9d4a48d36fc319363d44def4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstat.com/css/ek$i-36d6db239f17c95b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11726281
status: 200
vary: Accept-Encoding
cf-request-id: 061d05105e0000974e871a7000000001
last-modified: Sun, 07 Feb 2016 22:58:24 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"2a52c6cfb61d11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L2SOw23n31k3r9%2FoA59e%2FvDp32HQQsj7msSvxEgN6cM%2BIft%2BtFuAuaAny2nQSD%2F8DOeIArm03w5KolJMaeFd4CvTUDb%2BjwIG4svl8wJxzqDM5dvFDu2N"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
cf-ray: 5ea83dfa2924974e-FRA

GET
H2 200 pena-text-logo@2x.png
ekstat.com/img/new-logos/ 2 KB
2 KB 22ms
22ms Image
image/png 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ekstat.com/img/new-logos/pena-text-logo@2x.png

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-36d6db239f17c95b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31bd1fcc22fb57e99cb0a49ab2e715ac4dbaa20d50c3fdca0fb670ba08dcb006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstat.com/css/ek$i-36d6db239f17c95b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11726281
status: 200
vary: Accept-Encoding
content-length: 2116
cf-request-id: 061d05105f0000974e72922000000001
last-modified: Fri, 21 Sep 2018 22:11:23 GMT
server: cloudflare
x-frame-options: DENY
etag: "b9906e8f851d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2F2KXOIEl2iqSbO7kl9%2B2Bt2WPKAhBqPyCWgdrD1fl1FmKMmyoERXrdjB7Iy9rHD%2FQvxldaXXzonGji%2FJmoG%2F%2BZUi6eHF4J7C%2FhsaYQ%2F9R1Qx75NWp8m"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5ea83dfa3926974e-FRA

GET
H2 200 eksiseyler-text-logo@2x.png
ekstat.com/img/new-logos/ 3 KB
4 KB 12ms
12ms Image
image/png 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ekstat.com/img/new-logos/eksiseyler-text-logo@2x.png

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-36d6db239f17c95b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cef32ce5655498707172fb601cdd61261638ad57703e5c2ce031f0478eeb76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstat.com/css/ek$i-36d6db239f17c95b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11597749
status: 200
vary: Accept-Encoding
content-length: 3534
cf-request-id: 061d05105f0000974e8c259000000001
last-modified: Fri, 21 Sep 2018 22:11:23 GMT
server: cloudflare
x-frame-options: DENY
etag: "b9906e8f851d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GYT3zF153uUGBPM01Y09jEE%2FL%2BdYWCQcs%2FJqCpjBbYFI6bWuO63hEeuGgos42ybrV9lnzZ%2B1Bdq2qo%2BhFLTZedjAhJYczbGcm855Ds8MHtjZeCaxFlih"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5ea83dfa3928974e-FRA

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 09:05:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 44745
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Sat, 30 Oct 2021 09:05:29 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 09:05:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 44745
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Sat, 30 Oct 2021 09:05:29 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 09:05:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:16 GMT
server: sffe
age: 44745
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13108
x-xss-protection: 0
expires: Sat, 30 Oct 2021 09:05:29 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 3AB1 0
0 20ms
15ms Document
text/html 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-WXV2Z47

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.googletagmanager.com
:scheme: https
:path: /ns.html?id=GTM-WXV2Z47
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Fri, 30 Oct 2020 21:31:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lujVj9_mf.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 12 KB
12 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lujVj9_mf.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c9d4f6fbcbe3b591646b902e33b914083d983374cf38cefcd6054ccc5dd3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 21:23:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:20 GMT
server: sffe
age: 86845
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12352
x-xss-protection: 0
expires: Fri, 29 Oct 2021 21:23:49 GMT

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdu3cOWxy40.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 12 KB
12 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdu3cOWxy40.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

534105573bbd0f55a1dae664ce0662c1462b5b1e501da90035001bb2ea79015d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 06:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:54 GMT
server: sffe
age: 400676
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12160
x-xss-protection: 0
expires: Tue, 26 Oct 2021 06:13:18 GMT

GET
H/1.1 200
OK 10924 Show response
serv.nspot.co/unit/ 20 B
264 B 156ms
30ms XHR
application/json 35.157.10.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.nspot.co/unit/10924?t=1604093474992
Requested by: Host: nativespot.com
URL: https://nativespot.com/apijs/v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.10.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-10-141.eu-central-1.compute.amazonaws.com
Software: nativespot-ad-server /
Resource Hash: a38040847e432da96f7c228e4f801473f495f9f9df8bb84f7c7b3489daa39f0f

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Oct 2020 21:31:14 GMT
Server: nativespot-ad-server
Connection: keep-alive
Content-Length: 20
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?random=1604093474995&cv=9&fst=1604093474995&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tiba=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5264de518eabd510c8abb7c6950b9c502460cf474201ff893ca8178e2bce655f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1675794 Show response
eksisozluk.com/alakali-basliklar/ 1 KB
923 B 62ms
62ms XHR
text/html 176.53.43.6
RADORE

General

Check archive.org

Show headers Download Go to

Full URL

https://eksisozluk.com/alakali-basliklar/1675794?_=1604093474887

Requested by

Host: ekstat.com
URL: https://ekstat.com/js/jquery-combo.js?v=1HQ2Lf6r65_MGnhsGY-0qcsBKewq1syzqFHSpd4GfOY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.6 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.6.as42926.net

Software

Resource Hash

37ddf26ba9e420ad61600e0d05c4227e376d3b9767d4a6637368fe763f9cacd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://eksisozluk.com/virustotal--1675794?p=3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/html; charset=utf-8
status: 200
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
content-length: 666
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 1675794 Show response
seyler.eksisozluk.com/sozluk/baslik/ Frame DE5C 5 KB
2 KB 333ms
200ms Document
text/html 176.53.43.14
RADORE

General

Check archive.org

Show headers Download Go to

Full URL

https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white

Requested by

Host: ekstat.com
URL: https://ekstat.com/js/jquery-combo.js?v=1HQ2Lf6r65_MGnhsGY-0qcsBKewq1syzqFHSpd4GfOY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.14 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.14.as42926.net

Software

Resource Hash

795cb52c549cd19d20b47ffbe4438476b4978901fa1ef914ef8846a1b1ac0791

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

:method: GET
:authority: seyler.eksisozluk.com
:scheme: https
:path: /sozluk/baslik/1675794?style=white
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:15 GMT
content-type: text/html; charset=utf-8
content-length: 1412
set-cookie: sey_id=5111aef1e5aa1994d41758fb403edcd5; expires=Fri, 30-Oct-20 22:31:15 GMT; max-age=3600; domain=seyler.eksisozluk.com; path=/
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains

GET
H2 200 topicmattersummary Show response
eksisozluk.com/matterindex/ 242 B
520 B 563ms
562ms XHR
text/html 176.53.43.6
RADORE

General

Check archive.org

Show headers Download Go to

Full URL

https://eksisozluk.com/matterindex/topicmattersummary?slug=virustotal&topicid=1675794&_=1604093474888

Requested by

Host: ekstat.com
URL: https://ekstat.com/js/jquery-combo.js?v=1HQ2Lf6r65_MGnhsGY-0qcsBKewq1syzqFHSpd4GfOY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.6 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.6.as42926.net

Software

Resource Hash

fda05a10ec6c13051fae0527485ef66cbca97ecec17e3124dad8a6a7224a22e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://eksisozluk.com/virustotal--1675794?p=3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/html; charset=utf-8
status: 200
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
content-length: 263
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 pubads_impl_2020102601.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
96 KB 118ms
60ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

3dc07588699fb0adc2702b0e8734bfabdbe45c1838e4fb2884511264bb9ef0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 08:41:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98213
x-xss-protection: 0
expires: Fri, 30 Oct 2020 21:31:15 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/878852058/ 42 B
320 B 22ms
21ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/878852058/?random=1604093474995&cv=9&fst=1604091600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tiba=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&fmt=3&is_vtc=1&random=2027319086&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/878852058/ 42 B
519 B 52ms
37ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/878852058/?random=1604093474995&cv=9&fst=1604091600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tiba=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&fmt=3&is_vtc=1&random=2027319086&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/41209/adRecover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 14:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27036
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Oct 2021 14:00:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6110
date: Fri, 30 Oct 2020 19:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 30 Oct 2020 21:49:25 GMT

GET
H2 200 xgemius.js Show response
gatr.hit.gemius.pl/ 40 KB
11 KB 82ms
26ms Script
application/x-javascript 149.202.204.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/xgemius.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.204.241 Brétigny-sur-Orge, France, ASN16276 (OVH, FR),
Reverse DNS: lt1n.host.hit.gemius.pl
Software: GHC /
Resource Hash: 40aa39f97affadb78c48cccb42baa7e711ddb25df90008648a29f4463ec9fc98

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 07:18:40 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10922
expires: Sat, 31 Oct 2020 09:31:15 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 76ms
24ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 21:31:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 31 Oct 2020 21:31:15 GMT

GET
H/1.1

200
OK

semasio
sync.sharethis.com/
Redirect Chain

https://uip.semasio.net/omdtr/1/info?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=35520552497871450
https://uip.semasio.net/omdtr/1/info2?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=35520552497871450
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=eee35f9c-8623-4100-a41a-fa2782972441&sInitiator=internal&gdpr=&gdpr_consent=
https://track.adform.net/serving/cookie/match/?party=1008&gdpr=&gdpr_consent=
https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr=&gdpr_consent=
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2947629299208664727&sInitiator=internal&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RkY2MUE3M0Q4QkE4MUJDOA&gdpr=&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKIp3efj3gf48D7Oba0zH1o&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent=&google_cver=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=4b6504f8-1481-493f-af02-4f2135a89f0d
https://sync.sharethis.com/semasio?uid=FF61A73D8BA81BC8&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fsync.sharethis.com%2Fsemasio%3Fgdpr%3D1%26gdpr_consent%3D%26rd%3D0%26rurl%3Dhttps%253A%252F%252Fuipglob.semasio.net%252Fsharethis%252F1%25...
https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=FF61A73D8BA81BC8

42 B
167 B

33ms
33ms

Image
image/gif

3.121.118.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=FF61A73D8BA81BC8
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.118.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-118-243.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 21:31:16 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=FF61A73D8BA81BC8
Date: Fri, 30 Oct 2020 21:31:16 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 239
Content-Type: text/html; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-2362171-2&cid=545121622.1604093475&jid=1735566955&gjid=1511352785&_gid=51008561.1604093475&_u=YGBAgAABAAAAAE~&z=993700620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Oct 2020 21:31:15 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 7ms
7ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1435319533&t=pageview&_s=1&dl=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ul=en-us&de=UTF-8&dt=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1735566955&gjid=1511352785&cid=545121622.1604093475&tid=UA-2362171-2&_gid=51008561.1604093475&cd1=0&cd2=0&cd8=teknoloji&cd9=&cd10=&cd11=0&cd12=1675794&cd13=detail&cd14=&cd15=&cd16=eksisozluk&cd18=virustotal&cd19=topic&cd20=&z=1862252546

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 04:37:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60843
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-2362171-2&cid=545121622.1604093475&jid=1735566955&_u=YGBAgAABAAAAAE~&z=1774364177

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-2362171-2&cid=545121622.1604093475&jid=1735566955&_u=YGBAgAABAAAAAE~&z=1774364177

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
45 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/41209/adRecover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69efe16b3397fa4554362b00899ddce508a20f4b75cfa7a4079d9a98253957ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46088
x-xss-protection: 0
server: cafe
etag: 4417735694028717099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Oct 2020 21:31:15 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
901 B 17ms
16ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1604093475126
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
x-cf3: M
cf4ttl: 31536000.000
x-cf1: 27741:fB.cdg1:cf:cacheB.cdg1-01:H
status: 200
content-length: 631
x-cf-tsc: 1572978329
x-cf2: H
last-modified: Fri, 22 Jul 2016 20:31:34 GMT
server: CFS 0215
x-cff: B
content-type: image/jpeg
x-cfhash: "706bd34581dd47cb205c9ff4a828e7ca"
cf4age: 0
accept-ranges: bytes
x-cf-rand: 85.687

GET
H2 200 fpdata.js Show response
gatr.hit.gemius.pl/ 272 B
384 B 25ms
25ms Script
application/x-javascript 149.202.204.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/fpdata.js?href=eksisozluk.com
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.204.241 Brétigny-sur-Orge, France, ASN16276 (OVH, FR),
Reverse DNS: lt1n.host.hit.gemius.pl
Software: GHC /
Resource Hash: d8b2f2f59006d8564134304bbbc9c9815971c82786d28339f0c764ca8166c5f3

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 272
expires: Sun, 29 Nov 2020 21:31:15 GMT

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame 763D 0
0 79ms
25ms Document
text/html 149.202.200.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.200.33 Brétigny-sur-Orge, France, ASN16276 (OVH, FR),
Reverse DNS: ovhfr1.host.hit.gemius.pl
Software: GHC /
Resource Hash

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:15 GMT
expires: Sun, 29 Nov 2020 21:31:15 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2723
content-encoding: gzip

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=19592957&ns__t=1604093475189&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustot...
https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1604093475189&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirusto...

0
399 B

25ms
25ms

Image
text/plain

2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1604093475189&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9=&cs_ak_ss=1
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Oct 2020 21:31:15 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1604093475189&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 30 Oct 2020 21:31:15 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/ 230 KB
86 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e67e9b1a69aa45e7d0720d75dd9412d8acc5e66b9d32bd5c4f7a81de8c640d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88326
x-xss-protection: 0
server: cafe
etag: 10396176589646350026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Oct 2020 21:31:15 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/ Frame 2D76 0
0 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201027/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201027/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlwNU4REdV2bhJszt4hyC6yNC01VW1NzYr0n36jbOn03B3KPIgEGoiYwQpr
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 30 Oct 2020 10:02:22 GMT
expires: Fri, 13 Nov 2020 10:02:22 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 41333
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
263 B 32ms
32ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=eksisozluk.com&callback=_gfp_s_&client=ca-pub-3191894791526522

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7ce69aa67da8b2d2b21a282ae8df60a4d63944bf4de6e0a414c0c5e3fcb8b8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=eksisozluk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eksisozluk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame DBAF 0
0 92ms
91ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3191894791526522&output=html&adk=1812271804&adf=3025194257&lmt=1604093475&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604093475211&bpp=15&bdt=403&idt=61&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7445657063060&frm=20&pv=2&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&ga_fc=0&iag=0&icsg=2251799813726880&dssz=46&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21067654%2C21066705&oid=3&pvsid=1724390901512970&pem=200&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3191894791526522&output=html&adk=1812271804&adf=3025194257&lmt=1604093475&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604093475211&bpp=15&bdt=403&idt=61&shv=r20201027&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7445657063060&frm=20&pv=2&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&ga_fc=0&iag=0&icsg=2251799813726880&dssz=46&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21067654%2C21066705&oid=3&pvsid=1724390901512970&pem=200&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlwNU4REdV2bhJszt4hyC6yNC01VW1NzYr0n36jbOn03B3KPIgEGoiYwQpr
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Oct 2020 21:31:15 GMT
server: cafe
content-length: 34
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
expires: Fri, 30 Oct 2020 21:31:15 GMT

GET
H2

200

rexdot.js Show response
gatr.hit.gemius.pl/__/_1604093475299/
Redirect Chain

https://gatr.hit.gemius.pl/_1604093475299/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Feksisozlu...
https://gatr.hit.gemius.pl/__/_1604093475299/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Feksiso...

169 B
431 B

25ms
25ms

Script
application/x-javascript

149.202.204.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/__/_1604093475299/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=121&lsdata=I2B893VLW6dIYznK3cxGlFZOT61k9HC0KjudnRgooJr.R7DC9Xfy784vTvRI3gd8pB7m84exWeVwfD3NjksF4VAEmXCj/kX62mU6GS6Xj3/&fpdata=IWqBSsA1wEJ974AN_1CZhw7j9pUe7OEUDHuPx.bWwk3.z7&vis=1
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.204.241 Brétigny-sur-Orge, France, ASN16276 (OVH, FR),
Reverse DNS: lt1n.host.hit.gemius.pl
Software: GHC /
Resource Hash: 4c9e4ffd6c3dbac6116ceb3896d0e727a70a19bfdb9a98b2862660b7e0e1f9d2

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Thu, 29 Oct 2020 21:31:15 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:15 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1604093475299/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=121&lsdata=I2B893VLW6dIYznK3cxGlFZOT61k9HC0KjudnRgooJr.R7DC9Xfy784vTvRI3gd8pB7m84exWeVwfD3NjksF4VAEmXCj/kX62mU6GS6Xj3/&fpdata=IWqBSsA1wEJ974AN_1CZhw7j9pUe7OEUDHuPx.bWwk3.z7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Thu, 29 Oct 2020 21:31:15 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 51ms
18ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=63172054171
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:14 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://eksisozluk.com
timing-allow-origin: *
vary: Origin

GET
H2 200 embedable.min.css
seyler.eksisozluk.com/public/stylesheets/css/ Frame DE5C 13 KB
4 KB 71ms
69ms Stylesheet
text/css 176.53.43.14
RADORE

General

Check archive.org

Show headers Download Go to

Full URL

https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?5782b0a2ee1c5b5dcd96afef099b1439

Requested by

Host: seyler.eksisozluk.com
URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.14 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.14.as42926.net

Software

Resource Hash

a95d0e00cf358b8439ea4cd936ebc47dea4f8c2ee3cd5ca6f3d68751c830b3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
last-modified: Sat, 05 Sep 2020 11:51:15 GMT
etag: "803bbfdb7a83d61:0"
vary: Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
content-length: 3353

GET
H2 200 d43MmaYa0K11gNHs-637394799781319078.jpg
seyler.ekstat.com/img/230/d/ Frame DE5C 9 KB
10 KB 45ms
34ms Image
image/jpeg 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seyler.ekstat.com/img/230/d/d43MmaYa0K11gNHs-637394799781319078.jpg

Requested by

Host: seyler.eksisozluk.com
URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac1e8323c39577c182023ca3d1c0b003161beb63d0d6e370426a2592d38c829

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3186
status: 200
vary: Accept-Encoding
content-length: 9568
cf-request-id: 061d0512380000974e9e896000000001
last-modified: Wed, 28 Oct 2020 08:06:18 GMT
server: cloudflare
etag: "5f99267a-2560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c1Q%2FVVrboNQzT1elEA0XNv%2Fl4xQ6ZXjC4a%2BIK7kRMart5WmrhRAukH1Gt1FWnPSvP1YlEhRma5zdQyuG9WKnG%2Fb5mtIvJnD6%2FS%2FFYfcYOEyc%2BwGbxDOEMq%2BkCnYOKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ea83dfd2b9b974e-FRA

GET
H2 200 4H9DSlSDzDC6VzJi-637394088593414244.jpg
seyler.ekstat.com/img/230/4/ Frame DE5C 11 KB
11 KB 33ms
22ms Image
image/jpeg 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seyler.ekstat.com/img/230/4/4H9DSlSDzDC6VzJi-637394088593414244.jpg

Requested by

Host: seyler.eksisozluk.com
URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c4ae8510c5dbee07f252414f48a27761f82b0303ba359d6e9c3452b2fe850c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1172
status: 200
vary: Accept-Encoding
content-length: 11060
cf-request-id: 061d0512380000974e68abd000000001
last-modified: Tue, 27 Oct 2020 12:20:59 GMT
server: cloudflare
etag: "5f9810ab-2b34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pRci2oWROOORRrx2psDsnt%2BE5Ga6ipsuAYub1g5LM3SZM9OU2BDTxgpbkfuynPfzzDwx3dKg9SKqvTHt3FmcBYhIF2wSnBvPDxPpSW1IJ5xz8eZ8HrVDNpa1VkdFtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ea83dfd2b9a974e-FRA

GET
H2 200 3RLpj9X45HTUdKQa-637394019932400531.jpg
seyler.ekstat.com/img/230/3/ Frame DE5C 16 KB
16 KB 38ms
27ms Image
image/jpeg 2606:4700:3034::6812:25c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seyler.ekstat.com/img/230/3/3RLpj9X45HTUdKQa-637394019932400531.jpg

Requested by

Host: seyler.eksisozluk.com
URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:25c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5902b209a7fbce48b1281a8241b799f7eaad0bc2ed3425f388a240d10d6d915c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5629
status: 200
vary: Accept-Encoding
content-length: 16479
cf-request-id: 061d0512390000974e6ebfb000000001
last-modified: Tue, 27 Oct 2020 10:26:33 GMT
server: cloudflare
etag: "5f97f5d9-405f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kU3FtzysEQZoqKpwW2HxMF2KmNqq6tfcSk9wd7x6iM4uiZWML5wVg568rcSElqpaxN5%2BKSVFZsrAat%2F%2BYq1VHIQedAbSAkzA4QaOBSNbglw8ptrTjYk4OdgHcI4%2Bbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ea83dfd2b9c974e-FRA

GET
H2 200 eksico.svg
seyler.eksisozluk.com/public/images/icons/ Frame DE5C 8 KB
3 KB 66ms
65ms Other
image/svg+xml 176.53.43.14
RADORE

General

Check archive.org

Show headers Download Go to

Full URL

https://seyler.eksisozluk.com/public/images/icons/eksico.svg

Requested by

Host: seyler.eksisozluk.com
URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.53.43.14 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-176.53.43.14.as42926.net

Software

Resource Hash

cde9dcd68532838b4f262c50a055acbbb78ed3a8cff28ee790cc776d0c09bd90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 30 Oct 2020 21:31:15 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2016 21:48:32 GMT
etag: W/"7f6986e9675d11:0"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/svg+xml

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 15ms
14ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:14 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://eksisozluk.com
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Oct 2021 21:31:15 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
16ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:15 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Oct 2021 21:31:15 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame DE5C 3 KB
979 B 45ms
29ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel:300,400,700&subset=latin,latin-ext

Requested by

Host: seyler.eksisozluk.com
URL: https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?5782b0a2ee1c5b5dcd96afef099b1439

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd216b4880e34988586831f6b893bfa55a0f502cd0ded6be94eaf3420111afaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?5782b0a2ee1c5b5dcd96afef099b1439
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 20:45:26 GMT
server: ESF
date: Fri, 30 Oct 2020 21:31:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Oct 2020 21:31:15 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame DE5C 15 KB
986 B 55ms
39ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext

Requested by

Host: seyler.eksisozluk.com
URL: https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?5782b0a2ee1c5b5dcd96afef099b1439

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

171abe6b32ba7e70ee9c9c1b10ba3c848129a91d1d53aca8cd449a1aacff27d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?5782b0a2ee1c5b5dcd96afef099b1439
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 21:23:10 GMT
server: ESF
date: Fri, 30 Oct 2020 21:31:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Oct 2020 21:31:15 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame DE5C 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://seyler.eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 09:05:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 44750
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 30 Oct 2021 09:05:25 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame DE5C 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://seyler.eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 16:29:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 104493
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 29 Oct 2021 16:29:42 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ Frame DE5C 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://seyler.eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 25 Oct 2020 10:44:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:25 GMT
server: sffe
age: 470801
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7208
x-xss-protection: 0
expires: Mon, 25 Oct 2021 10:44:34 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ Frame DE5C 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://seyler.eksisozluk.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 10:27:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 558196
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7292
x-xss-protection: 0
expires: Sun, 24 Oct 2021 10:27:59 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 419 B
254 B 719ms
687ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_sponsored_title&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476087&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=804916931&ucis=1&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=644&ohw=245&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

fed4c5cd99383877c2be24c117b83be3df954c3231497437166458eac4b9111b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 58ms
13ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 421 B
255 B 431ms
400ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_sponsored_title_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476095&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2278761645&ucis=2&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=644&ohw=245&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ac5f308d11c6d55d0f87d3f8234e934aa78d62f733ad45ca0ce49b3408c616c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 421 B
257 B 247ms
217ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_sponsored_title_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476098&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=954013108&ucis=3&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=644&ohw=245&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

37f18e99a917a70f0546981e17b6cffadc801046dd351bceea3f13fd4b0d3ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 421 B
255 B 384ms
354ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_sponsored_title_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476100&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1036604666&ucis=4&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=644&ohw=245&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

af29b4f5393b594b1a8e7166d31bfe5133bbe249e206e012655690f2c2621e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 447 B
281 B 203ms
173ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_sponsored_title_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476102&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1385785756&ucis=5&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=644&ohw=245&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

966eb6fe5f1101555a44f0fa41db9e95e632612f81685fdf8288284ba291fcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 634ms
604ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_masthead_for_nontr&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C728x90%7C970x90&fluid=height&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476104&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=151&adks=3209717840&ucis=6&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=4&ohw=970&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d9ade81db32ce19e8ff2e191a6b9535dc44dc61067ff9f4e2b38ec0971555b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10665
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 417 B
252 B 322ms
292ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_affiliate_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476106&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=497&adks=2799711887&ucis=7&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=645x0&msz=1x1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=132&ohw=645&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e8b00e4b80971dcd3eb36945382bec8c6310dd751a7b0e04524cbc9f2a998397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 421 B
828 B 112ms
81ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=138586269%2Cdesktop_web_sponsored_entry&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476109&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=517&adks=1065961773&ucis=8&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=645x0&msz=1x1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=132&ohw=645&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

761640a4cb20449d5f11571d1c282d328dfe274b1f4395c0988e0d7f10769149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 419 B
249 B 672ms
642ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_affiliate_entry&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476113&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=739&adks=3690430706&ucis=9&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=645x0&msz=1x1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=132&ohw=645&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

663919b41080de2cbe5efe27f4f51ab9c22e8773b24f261a14a30cc4a026ae56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 415 B
253 B 174ms
144ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=138586269%2Cdesktop_web_countdown&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476118&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=441&adks=1327562847&ucis=a&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=1x1&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=132&ohw=300&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e42a862f0837175c626776c36809fdcb8d0ecaff53a89644ba07e285226d8946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
16 KB 1028ms
999ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=1639898519552842&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=1024435%2Cdesktop_web_side&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C250x250%7C200x200%7C120x600%7C300x250%7C160x600&fluid=height&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61-22a8b40c19b9009c%3AT%3D1604093475%3ART%3D1604093475%3AS%3DALNI_MbiE6L_GkS62vP_4gYjVRuRZtQ29w&bc=31&abxe=1&lmt=1604093476&dt=1604093476122&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=461&adks=3270089674&ucis=b&ifi=12&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=47&icsg=2251799813726880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=4&ohw=300&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ffc7ea008565c2aa54dc729ce4df5742378d1375285da00bb2ad34af666e7b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16494
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 15ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=14928165678
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:16 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://eksisozluk.com
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 15ms
14ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:15 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://eksisozluk.com
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 16ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=3737104548
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:15 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://eksisozluk.com
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK async.js Show response
app.gelirartisi.com/ 21 KB
4 KB 63ms
62ms Script
text/javascript 31.186.26.160
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gelirartisi.com/async.js?zid=72

Requested by

Host: app.networkad.net
URL: https://app.networkad.net/netasync.js?zid=571

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.186.26.160 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

reverse-31-186-26-160.turkticaret.net

Software

Resource Hash

90c3ebb4ff9039f48e2635059c1c718cc47e0ac516432e251f0c9f9324d0f938

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 21:31:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Type: text/javascript
X-XSS-Protection: 1; mode=block

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 16ms
16ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:16 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://eksisozluk.com
timing-allow-origin: *
vary: Origin

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 149F 204 KB
56 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214729
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56832
x-xss-protection: 0
server: sffe
date: Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fc56d6feccb35077"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 09:52:27 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 149F 14 KB
5 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214729
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 09:52:27 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 149F 96 KB
29 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214729
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 09:52:27 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 149F 4 KB
2 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214729
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 09:52:27 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 149F 45 KB
14 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214729
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Oct 2021 09:52:27 GMT

GET
DATA 200
OK truncated
/ Frame 149F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 685afb807314345acd896018e3f2ae8061b69e1443ec6f8f0bebc8a8b2426cb5

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 485973749708982978
tpc.googlesyndication.com/simgad/ Frame 149F 113 KB
114 KB 7ms
5ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/485973749708982978?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkeFzeD95EJ6yGJffUD9EL1UHq0Qg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c9225038a7e709c9356ec384dc133c3031859517d19e6962d1f1347f6b715e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 02:19:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 27 Sep 2020 07:33:21 GMT
server: sffe
age: 69085
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116062
x-xss-protection: 0
expires: Sat, 30 Oct 2021 02:19:51 GMT

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 149F 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 11:14:19 GMT
x-content-type-options: nosniff
server: cafe
age: 37017
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Sat, 31 Oct 2020 11:14:19 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 149F 344 B
465 B 10ms
9ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 35867
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 31 Oct 2020 11:33:29 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 149F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdjRsh8GFflF9SNtSGN0DYm9qfaXv831luEwblW3cI2WK8viY_GepSw8OMYrXjF7moJKj1
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 149F 0
0 38ms
38ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGaygJIacX4LPIaeQ7_UPiaGGuAm8uJX2X7LluoX1C8GEwPz6ARABIO2GtShg-4GAgIgKoAGHg7_3A8gBAuACAKgDAcgDCKoE3gFP0EfC_bbfgAT_12sgiTeYwAUU2RhANkxzySWvNPiDsZmNKiT4I0hR1XqjZHaBkFN4X4P5GbvOMSKDhIJYZMoxR_dqTLrXJ3S89wGYhhhcwgOQrxm6NetQEufyWY_Zik4alW1sPiM2GdxGbLqX3PXscoFFo8MWndk3TJGJVzrBA9cK-wv-EwhmnAUbndN2Pnt420675baKcMdQ825EN5kJSVPOSZ78REGkI9t08MSe6n5LxPsG44wJkLxL88NTLbv4XP1h78t3rM7AD2vfnFjrt9bNTROPRhAfHZED0fXABLKQl5uMA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfk9JeJAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCNmQLSCAkIgOGAcBABGB2ACgPICwGyDBRwdWItNzIwMTAyOTM1MjMwODYxNsIMAggB2BMN&sigh=VOrW7YOeQ-A&tpd=AGWhJmufWRLTc3EnDB-UNpU6HtYB947LgmDSUCmcgxCpy5-OFQ
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK gart.min.js Show response
app.gelirartisi.com/ 190 KB
61 KB 62ms
62ms Script
text/javascript 31.186.26.160
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gelirartisi.com/gart.min.js?v=1.0

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/async.js?zid=72

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.186.26.160 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),

Reverse DNS

reverse-31-186-26-160.turkticaret.net

Software

Resource Hash

d1768f597975398436ccf4091d1facc7e323e959e9f0ba3882da6f9046ce24d9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 21:31:16 GMT
Content-Encoding: gzip
Last-Modified: 1604093476000
ETag: 194636-1604093476000
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 149F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

30ms
30ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/virustotal--1675794?p=3
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 30 Oct 2020 21:31:16 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 485973749708982978
tpc.googlesyndication.com/simgad/ Frame 149F 113 KB
113 KB 6ms
5ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/485973749708982978?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkeFzeD95EJ6yGJffUD9EL1UHq0Qg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c9225038a7e709c9356ec384dc133c3031859517d19e6962d1f1347f6b715e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 02:19:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 27 Sep 2020 07:33:21 GMT
server: sffe
age: 69085
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116062
x-xss-protection: 0
expires: Sat, 30 Oct 2021 02:19:51 GMT

GET
H3-Q050 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 149F 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 11:14:19 GMT
x-content-type-options: nosniff
server: cafe
age: 37017
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Sat, 31 Oct 2020 11:14:19 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 149F 344 B
438 B 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 35867
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 31 Oct 2020 11:33:29 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
168 B 87ms
30ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://eksisozluk.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 177ms
101ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11252&site_id=222410&zone_id=1363034&size_id=65&p_pos=unknown&rf=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tk_flint=pbjs_lite_v2.2.0-pre&x_source.tid=adc1941d-7208-4668-b0d9-92834ded72e4&p_screen_res=1600x1200&rp_floor=2&rp_secure=1&slots=1&rand=0.8003910487913577
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9acfe79b3367dbfeea157e2035f17eb98f1001508a8a191c51524cce721441e8

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 30 Oct 2020 21:31:17 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://eksisozluk.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 15ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.2.0-pre&cb=9735353903
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 30 Oct 2020 21:31:16 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://eksisozluk.com
timing-allow-origin: *
vary: Origin

GET
H2 200 syncframe
gum.criteo.com/ Frame 59DC 0
0 49ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=eksisozluk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=eksisozluk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 501
date: Fri, 30 Oct 2020 21:31:16 GMT
content-length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201027&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edb9590ff9e217259ed4c56b31d5d0cbd0d5461f7b52982f70a96f37b8049bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Oct 2020 21:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6348
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201027/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 30 Oct 2020 21:31:17 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame B5FB 0
0 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 30 Oct 2020 21:05:14 GMT
expires: Sat, 30 Oct 2021 21:05:14 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1563
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
66 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201027&jk=1724390901512970&bg=!1tWl1fXNAAVp0lmVaVidVHmWeui8pwIAAABAUgAAAA0KAe46uoWbF-mkd2Il01gsBOTxsuwoaUlo3Q5pKAfs5ONOrWw1YnoFzrxhQ6lrMzvDyAc2zAd8FvRg0Hxzh2kQulxmJ46OodMGuKX1XKPuTwe4T6NknUlg3RxhfbRW4-v9hHrHFtILya_RV-x5o1uWTo_rLD3NFrVaI_Pg65AVb1TW7XIALUnyDLkzkgpOZjtA-BInA65V0njNdttOZ5xbey5iWE-tk8wfU1j6ijcu2rTkjUu0XfoGnIFS16jmuiLbaC7xSTrH886nxkjxJAaJYZGuZcVv_N6qoLIEkLMqpCZrkwkf0vonIRT6JCdjSOC1aY0zwnqAXk3YlyBqHvZFhNSI5fJeF3Pw48qIWwyMV_tFY5wMT7PCbCU6GqvTcv0ogvlyR4OQALT5OzqBAHknZOb0UbWJXPpcYz5LEsBrVOt_FyC_JSY9efjLd-pHmqW0s3TG_SmRDYV218aCmdhjuKpmM1gwC8KL1DCwDdJqoipDi1fJIA7nCffoM4fy4K92n7fxqPcHM2KcmLkKJIqxMfRsFeNz6VkDCUAZL12yylpJllbKbaQIf6FQlUBUwiloaBzFNgD-xDPUWVI6LXBXGy84BManvxBZ236JewyHWtEArpSyeL7vfbTH3P0naEnmwrw-b-MMm4tAoHng1y8WvZkBp6WnnZ9JOp5BG-uxl7gSHmAAwgMpAEshfNpVOXKovWHxnIYjJgox8zyQZgtXoaShai9YlVNrn5FlV8zKUqFgu1WFmMZ7kFWRvirQTXHM3cIj2C9ex1xoVBwizFnOkrSNygGky6x1BE_crc1MopuxZ_FWMpv78jNyy4Lje6Edk7G8FOD8GplV55a_zMM79WXxsyoRPcmyMlEyLdc1IlTZiKlWGu9X0sxPt0dKNhax8KB9VnBJf0btm01pP-ebnf5ktPxDdZCrYyYsYqDQBaADc1mhihSTU405xVCgDN-jmhwznO5paXgse9knvvcWZLWspZR7SKdBjwi615DO_b5fK1ViJpTnbMujzDttALDz7JBY69Sz1PwOVk6ZoZVvFlADmdkhvZscUzsRy-IwAhyAQ-klc7tK1aT8xthxm46bfJUHn7DnESp_X2DZIemJfFD57i-cvogh_wBxsgSTAdUmN0Ilozsjsq-tbd_D3lBBeA3znBzdCX36_h01jJDlilMGLZyRqhzGE0k4wAib4nvxsHeuAxAJ-etmKUyw7V1kAlKFT5Ojbm7E3w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6F2E 0
0 34ms
21ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 30 Oct 2020 21:31:16 GMT
expires: Sat, 30 Oct 2021 21:31:16 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 149F 42 B
209 B 19ms
18ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlGuugCcwDTBvak94CsSNQuL5_soZ2-ZGirT_ji7zdC-sVh9MTntaBXI10Gg6vskxDHLp2EdORQkvIj8DT0MUmkqCQCBZZp_nSR7zp2DFfGjFGOySShf4oWbd74w&sai=AMfl-YT1raMrazCW9oQ4EGBEQEdIfyHSTRbiNokSzH7il63KvGRp05afqO6-_Fgb7dX0NHHF8vNynXL0utgmP5KyIc26ghe-yf7EiWMCmSmueomFT7lOLid5cu9gYLE&sig=Cg0ArKJSzD6hyxuBHL8UEAE&cid=CAASPeRo9MUH1_JSlKJal_uzASXg_EluZBa26tJeNSGuAVCSqJIqpRNYavbXzXxvT35Cnv_ThTwwPeVXMOHFvjc&id=ampim&o=450,151&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=120&tls=1120&g=100&h=100&tt=1120&r=v&avms=ampa&adk=3209717840

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inview.js Show response
s1.adform.net/banners/scripts/video/outstream/ 46 KB
18 KB 114ms
36ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/video/outstream/inview.js
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/async.js?zid=72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 87abc1f798f1622a50a952046ac2f1d90370a534c351e158f4e9e7304ccc6114

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:18 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 06:12:31 GMT
server: nginx
etag: W/"5f7ab94f-b8e0"
x-cache-status: HIT
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 recacheFrame.html
s1.adform.net/banners/scripts/video/outstream/ Frame 514B 0
0 264ms
264ms Document
text/html 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/video/outstream/recacheFrame.html?rnd=1604093478453
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/video/outstream/inview.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: s1.adform.net
:scheme: https
:path: /banners/scripts/video/outstream/recacheFrame.html?rnd=1604093478453
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=2947629299208664727
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
server: nginx
date: Fri, 30 Oct 2020 21:31:18 GMT
content-type: text/html
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public max-age=604800
content-encoding: gzip
x-cache-status: MISS

GET
H2 200 / Show response
adx.adform.net/adx/ 28 B
556 B 107ms
105ms Script
text/javascript 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&&bWlkPTc4MjAwOSZ0PTI%3D&callback=_adform1604093478606

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/video/outstream/inview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0e70057ed7aae32a8d5866b35b810dcfd3a9823fe93d79f8f78a12ee24fa840b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:18 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 150
expires: -1

GET
H2 200 /
track.adform.net/Serving/TrackPoint/ 35 B
395 B 38ms
37ms Image
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=115483&ADFPageName=OutStream%20tracker&ADFdivider=|&itm=%7B%22product%22%3A%22outstream%22%2C%22mid%22%3A%22782009%22%2C%22bn%22%3Anull%2C%22format%22%3A%22inview%22%2C%22skipButtonLabel%22%3A%22%20%22%2C%22pmpId%22%3A%22782009%22%2C%22visibleThreshold%22%3A50%2C%22timeThreshold%22%3A2%2C%22initOnInscreen%22%3A%22true%22%2C%22closeOnComplete%22%3A%22true%22%2C%22aspectRatio%22%3A1.7777777777777777%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Oct 2020 21:31:18 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
17 KB 315ms
315ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724390901512970&correlator=978637025131160&output=ldjh&impl=fif&adsid=NT&eid=21068117%2C21068419%2C21068030%2C21067654%2C21066705&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=143803854%2Ceksisozluk_ad_2020_640x480&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie=ID%3D07944f58672a5d61%3AT%3D1604093475%3AS%3DALNI_MYJTciP4tVFS-KrVgMDLq5R-iI_KA&bc=31&abxe=1&lmt=1604093478&dt=1604093478720&dlt=1604093474809&idt=498&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=739&adks=301512782&ucis=c&ifi=13&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&dssz=67&icsg=2728394752&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=645x0&msz=640x480&ga_vid=545121622.1604093475&ga_sid=1604093475&ga_hid=1435319533&fws=132&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

31142302d3d09be45f533e806febcfb30e570c2eee168e11e751a81c52f45df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eksisozluk.com/virustotal--1675794?p=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17806
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eksisozluk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1B63 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068419

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eksisozluk.com/virustotal--1675794?p=3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eksisozluk.com/virustotal--1675794?p=3

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 30 Oct 2020 21:31:16 GMT
expires: Sat, 30 Oct 2021 21:31:16 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.seyler.eksisozluk.com/	1970-01-19 13:34:57	Name: sey_id Value: 5111aef1e5aa1994d41758fb403edcd5
.eksisozluk.com/	1970-01-19 13:36:19	Name: _gid Value: GA1.2.51008561.1604093475
.eksisozluk.com/	1970-01-19 22:56:29	Name: __gads Value: ID=07944f58672a5d61:T=1604093475:S=ALNI_MYJTciP4tVFS-KrVgMDLq5R-iI_KA
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gdyn Value: KlGUvMMGQMQGx_4mz7gLmKXWssGMXP8c25nSG4-sneLIM5eSP_RmbvgaojQGmsRGxRSWQMhrGGKRysKsXj5GqSRxSG8.
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gtest Value: KlxCzRXGQMQGx_4mz7gLmKXWssGMXP8c25nSG4-sneLIM5eSP_RmbvoiMG..
.eksisozluk.com/	1970-01-20 13:34:53	Name: __gfp_64b Value: IWqBSsA1wEJ974AN_1CZhw7j9pUe7OEUDHuPx.bWwk3.z7
.eksisozluk.com/	1970-01-19 13:34:53	Name: _gat Value: 1
eksisozluk.com/	1970-01-19 13:34:54	Name: lastnwcrtid_571 Value: {}
.eksisozluk.com/	1970-01-20 07:06:05	Name: _ga Value: GA1.2.545121622.1604093475
.doubleclick.net/	1970-01-19 13:34:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 22:56:29	Name: IDE Value: AHWqTUlwNU4REdV2bhJszt4hyC6yNC01VW1NzYr0n36jbOn03B3KPIgEGoiYwQpr
eksisozluk.com/	1969-12-31 23:59:59	Name: channel-filter-preference-cookie Value: W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfSx7IklkIjozOSwiUHJlZiI6ZmFsc2V9XQ==
eksisozluk.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4j0nux4kydbcg34opvgprdlb
eksisozluk.com/	1970-01-19 22:20:29	Name: iq Value: 2a44b3ca55394b589d5d6d6e62764cab

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://eksisozluk.com/virustotal--1675794?p=3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7cc8f6e1dab47e6aea3a3a5c67023034.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
app.gelirartisi.com
app.networkad.net
bidder.criteo.com
cdn.ampproject.org
cm.g.doubleclick.net
delivery.adrecover.com
eksisozluk.com
ekstat.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gatr.hit.gemius.pl
googleads.g.doubleclick.net
gum.criteo.com
l.sharethis.mgr.consensu.org
ls.hit.gemius.pl
match.adsrvr.org
nativespot.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
prebid-eu.creativecdn.com
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
serv.nspot.co
seyler.eksisozluk.com
seyler.ekstat.com
static.criteo.net
stats.g.doubleclick.net
sync.sharethis.com
tpc.googlesyndication.com
track.adform.net
uip.semasio.net
uipglob.semasio.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
138.201.212.22
149.202.200.33
149.202.204.241
172.217.18.162
172.217.23.162
176.53.43.14
176.53.43.6
178.250.0.165
18.197.91.241
185.184.8.30
2.18.233.201
2.19.34.195
205.234.175.175
216.58.212.162
2606:4700:3030::681b:8732
2606:4700:3034::6812:25c6
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:816::2001
2a00:1450:4001:816::2002
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::200a
2a00:1450:400c:c01::9b
2a02:2638::1c
2a02:2638::3
3.121.118.243
31.186.26.160
35.157.10.141
37.157.5.71
37.157.6.246
52.17.253.7
69.173.144.141
77.243.60.138
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0e70057ed7aae32a8d5866b35b810dcfd3a9823fe93d79f8f78a12ee24fa840b
171abe6b32ba7e70ee9c9c1b10ba3c848129a91d1d53aca8cd449a1aacff27d5
1cef32ce5655498707172fb601cdd61261638ad57703e5c2ce031f0478eeb76b
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
25d2dd552e478fc445ef10d481020f13a4dc463325a4e4afd41823e5a85a20e2
2894995626c7b1d7b61783a2123a862c0bdb6f9d4a48d36fc319363d44def4fa
29dc5392c761c2c8305b2063fadd14b1c41fb030879fd4cbaa1d7020189392aa
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
31142302d3d09be45f533e806febcfb30e570c2eee168e11e751a81c52f45df3
31bd1fcc22fb57e99cb0a49ab2e715ac4dbaa20d50c3fdca0fb670ba08dcb006
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
37b710eb5f4a569d16befb37015a683e8fb4e5cd9e4ce77ad67a27078e43a470
37ddf26ba9e420ad61600e0d05c4227e376d3b9767d4a6637368fe763f9cacd0
37f18e99a917a70f0546981e17b6cffadc801046dd351bceea3f13fd4b0d3ef0
3dc07588699fb0adc2702b0e8734bfabdbe45c1838e4fb2884511264bb9ef0a0
40aa39f97affadb78c48cccb42baa7e711ddb25df90008648a29f4463ec9fc98
4221073bf9ba1e838313b18d950426bf6163db92969e234e502c6a168e2bd297
4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4c9e4ffd6c3dbac6116ceb3896d0e727a70a19bfdb9a98b2862660b7e0e1f9d2
5264de518eabd510c8abb7c6950b9c502460cf474201ff893ca8178e2bce655f
534105573bbd0f55a1dae664ce0662c1462b5b1e501da90035001bb2ea79015d
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7
5902b209a7fbce48b1281a8241b799f7eaad0bc2ed3425f388a240d10d6d915c
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
663919b41080de2cbe5efe27f4f51ab9c22e8773b24f261a14a30cc4a026ae56
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68401f320aa29dd010f3ef8ddf259cec6ec70002962a0fd1512375b323344817
685afb807314345acd896018e3f2ae8061b69e1443ec6f8f0bebc8a8b2426cb5
6918ecad44d1dfa8f718cc08ae8235567e594ae5611757af5422a3ba3b07eee6
69efe16b3397fa4554362b00899ddce508a20f4b75cfa7a4079d9a98253957ca
6e67e9b1a69aa45e7d0720d75dd9412d8acc5e66b9d32bd5c4f7a81de8c640d8
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
761640a4cb20449d5f11571d1c282d328dfe274b1f4395c0988e0d7f10769149
795cb52c549cd19d20b47ffbe4438476b4978901fa1ef914ef8846a1b1ac0791
7ce69aa67da8b2d2b21a282ae8df60a4d63944bf4de6e0a414c0c5e3fcb8b8e8
7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd
81f9d62ed3e048833ed7dba3265becbd60bda40f5c4355c09d71ee46e617a35a
8284a514ff1f3be99f0d94e891efc2eb71a3ee8b80c6c1e5ef350cca9d8fe942
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87abc1f798f1622a50a952046ac2f1d90370a534c351e158f4e9e7304ccc6114
90c3ebb4ff9039f48e2635059c1c718cc47e0ac516432e251f0c9f9324d0f938
91c9225038a7e709c9356ec384dc133c3031859517d19e6962d1f1347f6b715e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
966eb6fe5f1101555a44f0fa41db9e95e632612f81685fdf8288284ba291fcb7
9acfe79b3367dbfeea157e2035f17eb98f1001508a8a191c51524cce721441e8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a38040847e432da96f7c228e4f801473f495f9f9df8bb84f7c7b3489daa39f0f
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a95d0e00cf358b8439ea4cd936ebc47dea4f8c2ee3cd5ca6f3d68751c830b3ec
aba7e32d0ec931b53513d968dc83cd218665cd114a2a11473b1d1a0dd12d9307
ac5f308d11c6d55d0f87d3f8234e934aa78d62f733ad45ca0ce49b3408c616c8
af29b4f5393b594b1a8e7166d31bfe5133bbe249e206e012655690f2c2621e51
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bac1e8323c39577c182023ca3d1c0b003161beb63d0d6e370426a2592d38c829
bbd9db9f3806eeabee74f5e6e5563820b0dad301cae6ef3fa3cd26a3791d8d97
c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa
c4c9d4f6fbcbe3b591646b902e33b914083d983374cf38cefcd6054ccc5dd3b3
c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72
cde9dcd68532838b4f262c50a055acbbb78ed3a8cff28ee790cc776d0c09bd90
cf1d1b1777f474858170e41e9c28e06c36fede73537ccd9edc2881ecdaf3e968
d1768f597975398436ccf4091d1facc7e323e959e9f0ba3882da6f9046ce24d9
d3679b750dd0a66680fbf9a9c7db618d270ad07b9e0980fa46eab338c15da90c
d5c4ae8510c5dbee07f252414f48a27761f82b0303ba359d6e9c3452b2fe850c
d8b2f2f59006d8564134304bbbc9c9815971c82786d28339f0c764ca8166c5f3
d9ade81db32ce19e8ff2e191a6b9535dc44dc61067ff9f4e2b38ec0971555b29
de7fd28be2467ce52eb95b7ff15f6d6dbad53191e84737923352b511a63e0fd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a862f0837175c626776c36809fdcb8d0ecaff53a89644ba07e285226d8946
e43d265064f7aecae6ca57314a87e2f284af29f8c7cfd085849dfcf5a8dffe30
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873
e8b00e4b80971dcd3eb36945382bec8c6310dd751a7b0e04524cbc9f2a998397
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
edb9590ff9e217259ed4c56b31d5d0cbd0d5461f7b52982f70a96f37b8049bcd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25294f5d08cd1f0ee1f374743e95857cc0be1300f22197afc4efda6f6dad6c5
f42341817d99dec29d6694f80852e95f3b150104a3896fd9eeb0ff9b3aa09cad
f9fa12248fa0ce1c3cfc9b222fc921d864b178cb28bfc70672086176c97af344
fa7c2cd8fa0196bca6e808ed4259571ad5ff7372f37de837a16fd90aaca7e51d
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
fd216b4880e34988586831f6b893bfa55a0f502cd0ded6be94eaf3420111afaf
fda05a10ec6c13051fae0527485ef66cbca97ecec17e3124dad8a6a7224a22e8
fed4c5cd99383877c2be24c117b83be3df954c3231497437166458eac4b9111b
ffc7ea008565c2aa54dc729ce4df5742378d1375285da00bb2ad34af666e7b52

eksisozluk.com Open in urlscan Pro 176.53.43.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

128 Requests

100 %HTTPS

42 %IPv6

30 Domains

46 Subdomains

34 IPs

9 Countries

1304 kBTransfer

3635 kBSize

14 Cookies

8 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

eksisozluk.com Open in urlscan Pro
176.53.43.6 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

100 %
HTTPS

42 %
IPv6

30
Domains

46
Subdomains

34
IPs

9
Countries

1304 kB
Transfer

3635 kB
Size

14
Cookies

128 HTTP transactions
1 data transactions