Submitted URL: http://firmasec.com/
Effective URL: http://www.firmasec.com/
Submission: On October 10 via api from GB

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 78.46.163.37, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.firmasec.com.
This is the only time www.firmasec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
13 | www.firmasec.com | www.firmasec.com
4 | pagead2.googlesyndication.com | www.firmasec.com, pagead2.googlesyndication.com
3 | ads.beril.com | www.firmasec.com, ads.beril.com
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | www.google-analytics.com (1 redirects) | www.firmasec.com
2 | www.google.com (1 redirects) | www.firmasec.com
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | www.google.de | www.firmasec.com
1 | stats.g.doubleclick.net (1 redirects) |
1 | fonts.googleapis.com | www.firmasec.com
1 | firmasec.com (1 redirects) |
33 | 15 |

This site contains links to these domains.

Domain
beril.com
Subject | Issuer | Validity | Valid
www.google.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
www.google.de | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
*.google.de | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
*.google.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months

This page contains 4 frames:

Primary Page: http://www.firmasec.com/
Frame ID: FAD875038C95F4AD05154DF18554317C
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Frame ID: 6782426B8A38FD89DE2D95744E02D2A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5413411280585736&output=html&adk=1812271804&adf=3025194257&lmt=1602354037&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.firmasec.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602354037567&bpp=15&bdt=319&idt=130&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=363505610096&frm=20&pv=2&ga_vid=352260785.1602354038&ga_sid=1602354038&ga_hid=1070326103&ga_fc=1&iag=0&icsg=36488&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067104%2C21067947&oid=3&pvsid=3799971283281546&pem=961&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=155
Frame ID: 6DBED36704D4DC2C520E3C52EA7FAC59
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 97D05FDCC14CCA0F1D0E2CE15A112D3B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

33
Requests

42 %
HTTPS

73 %
IPv6

10
Domains

15
Subdomains

9
IPs

3
Countries

458 kB
Transfer

967 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://firmasec.com/ HTTP 301
    http://www.firmasec.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 21
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=613864158&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Firma%20se%C3%A7%20%2F%20firmasec.com&utmhid=1070326103&utmr=-&utmp=%2F&utmht=1602354037601&utmac=UA-54841386-1&utmcc=__utma%3D13758880.352260785.1602354038.1602354038.1602354038.1%3B%2B__utmz%3D13758880.1602354038.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1954163372&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=613864158&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Firma%20se%C3%A7%20%2F%20firmasec.com&utmhid=1070326103&utmr=-&utmp=%2F&utmht=1602354037601&utmac=UA-54841386-1&utmcc=__utma%3D13758880.352260785.1602354038.1602354038.1602354038.1%3B%2B__utmz%3D13758880.1602354038.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1954163372&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158&slf_rd=1&random=3867463936

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.firmasec.com/
Redirect Chain
  • http://firmasec.com/
  • http://www.firmasec.com/
39 KB
9 KB
Document

Request headers

Host
www.firmasec.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 10 Oct 2020 18:20:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
HrtFrb1573110=+%23+10-10-2020+21%3A20%3A37; expires=Tue, 13-Oct-2020 18:20:37 GMT; Max-Age=259200; path=/
HrtFrb1573111=%2F+%23+10-10-2020+21%3A20%3A37; expires=Tue, 13-Oct-2020 18:20:37 GMT; Max-Age=259200; path=/
PHPSESSID=6lonmro597vj0tajg5l4cbmecv; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 10 Oct 2020 18:20:37 GMT
Content-Type
text/html
Content-Length
194
Connection
keep-alive
Location
http://www.firmasec.com/
css.css
www.firmasec.com/
69 KB
14 KB
Stylesheet
General
Full URL
http://www.firmasec.com/css.css?ver=2823515997
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
86e5da45742814212cb0c062e149d03c1e07e0bd47cc370e30b8e810dc0e3274

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Oct 2020 10:28:06 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5f803b36-11219"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 09 Nov 2020 18:20:37 GMT
css
fonts.googleapis.com/
807 B
902 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Fjalla+One&subset=latin,latin-ext
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf345d1c6e88181388e85967651f4e837a012642758665fe0e2a4248f0522839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 10 Oct 2020 18:20:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 10 Oct 2020 18:20:37 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Sat, 10 Oct 2020 18:20:37 GMT
js.js
www.firmasec.com/
34 KB
35 KB
Script
General
Full URL
http://www.firmasec.com/js.js?cd=1308141217
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1856451d1fe1b444227290b168688d4d8b16ccf6110ad681133f2f2dcc3aba45

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Sat, 03 Oct 2020 18:17:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f78c021-896b"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35179
Expires
Mon, 09 Nov 2020 18:20:37 GMT
ads.js
www.google.com/adsense/search/
184 KB
64 KB
Script
General
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4e06b4750f82e0d6afcecac0f24a4854754bc0ab326d8b1ea863bd15c94eb71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"2384798976340182550"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 10 Oct 2020 18:20:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
131 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45810
x-xss-protection
0
server
cafe
etag
4194128766866836437
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Oct 2020 18:20:37 GMT
test-server.png
www.firmasec.com/_res/banner/
1 KB
2 KB
Image
General
Full URL
http://www.firmasec.com/_res/banner/test-server.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f6efd4c6c2483176495ad56d60b0af220f9703c50579748015a540af087adfeb

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Thu, 06 Aug 2020 20:44:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f2c6b95-585"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1413
Expires
Mon, 09 Nov 2020 18:20:37 GMT
test-browser.png
www.firmasec.com/_res/banner/
2 KB
2 KB
Image
General
Full URL
http://www.firmasec.com/_res/banner/test-browser.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c4dcfbf150abb3297a3c8d96a9740709737585e753feb3bf5505c927c26c7074

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Thu, 06 Aug 2020 20:44:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f2c6b95-6b6"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1718
Expires
Mon, 09 Nov 2020 18:20:37 GMT
ssl-pulse.png
www.firmasec.com/_res/banner/
1018 B
1 KB
Image
General
Full URL
http://www.firmasec.com/_res/banner/ssl-pulse.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
94df9d31c591e260b02bf7cf49a123f2b2e5a8b18eef2f7693bf82c7e8eed018

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Thu, 06 Aug 2020 20:44:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f2c6b95-3fa"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1018
Expires
Mon, 09 Nov 2020 18:20:37 GMT
best-practices.png
www.firmasec.com/_res/banner/
906 B
1 KB
Image
General
Full URL
http://www.firmasec.com/_res/banner/best-practices.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e05fa4c70984fcc308328993b04205bf3390024be6efd470d7d3c7cf0fd249d6

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Thu, 06 Aug 2020 20:44:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f2c6b95-38a"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
906
Expires
Mon, 09 Nov 2020 18:20:37 GMT
asyncjs.php
ads.beril.com/www/delivery/
10 KB
10 KB
Script
General
Full URL
http://ads.beril.com/www/delivery/asyncjs.php
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.47.108.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.108.47.78.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c9b51349692c41316ffbe4c41c84e32255c99543682b3051a42e2d68ff2172a6

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 10 Oct 2020 18:20:37 GMT
Server
nginx/1.14.2
ETag
acfdb73e29613a39d2acbbc320f79218
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Expire
Sat, 10 Oct 2020 19:20:37 GMT
thumbloading.gif
www.firmasec.com/_res/
571 B
929 B
Image
General
Full URL
http://www.firmasec.com/_res/thumbloading.gif
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fa4f00af0dd254bd589f33142412e19da3b91fb9f1d58e21703489dc480a7a

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Wed, 30 Oct 2019 18:10:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5db9d204-23b"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
571
Expires
Mon, 09 Nov 2020 18:20:37 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1193
date
Sat, 10 Oct 2020 18:00:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 10 Oct 2020 20:00:44 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
retina-logo.png
www.firmasec.com/_res/
10 KB
10 KB
Image
General
Full URL
http://www.firmasec.com/_res/retina-logo.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/css.css?ver=2823515997
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e4754f0ce9422293448a3c1238c6743f190c3289f65ff66ae5db74547daa4975

Request headers

Referer
http://www.firmasec.com/css.css?ver=2823515997
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Thu, 06 Aug 2020 20:44:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f2c6b95-2810"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10256
Expires
Mon, 09 Nov 2020 18:20:37 GMT
searchicon.png
www.firmasec.com/_res/
9 KB
9 KB
Image
General
Full URL
http://www.firmasec.com/_res/searchicon.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/css.css?ver=2823515997
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4a7c4f32c36143bb123918262af36df41ecee9244b5e911c474c21cfa78e8a63

Request headers

Referer
http://www.firmasec.com/css.css?ver=2823515997
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Thu, 06 Aug 2020 20:44:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f2c6b95-2311"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8977
Expires
Mon, 09 Nov 2020 18:20:37 GMT
main-background.jpg
www.firmasec.com/_res/banner/
60 KB
60 KB
Image
General
Full URL
http://www.firmasec.com/_res/banner/main-background.jpg
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/css.css?ver=2823515997
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
639a6fca075551d11cd1697587d7aa570c8080c1a2287eb74769af944c4eecfa

Request headers

Referer
http://www.firmasec.com/css.css?ver=2823515997
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Thu, 06 Aug 2020 20:44:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f2c6b95-ef49"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61257
Expires
Mon, 09 Nov 2020 18:20:37 GMT
black40.png
www.firmasec.com/_res/banner/
19 KB
19 KB
Image
General
Full URL
http://www.firmasec.com/_res/banner/black40.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/css.css?ver=2823515997
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cbc782de068b53a2a9ddb5833015a648042cedf71e7c6f56b5787afbe52ebcba

Request headers

Referer
http://www.firmasec.com/css.css?ver=2823515997
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 10 Oct 2020 18:20:37 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5f61c7e6-4def"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
site-bg.png
www.firmasec.com/_res/
9 KB
10 KB
Image
General
Full URL
http://www.firmasec.com/_res/site-bg.png
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/css.css?ver=2823515997
Protocol
HTTP/1.1
Server
78.46.163.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.37.163.46.78.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aa64dec63a57473629115712ffd898c71afa902a6825991122bb8d48f53af1e9

Request headers

Referer
http://www.firmasec.com/css.css?ver=2823515997
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sat, 10 Oct 2020 18:20:37 GMT
Last-Modified
Wed, 30 Oct 2019 18:10:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5db9d204-24c1"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9409
Expires
Mon, 09 Nov 2020 18:20:37 GMT
Yq6R-LCAWCX3-6Ky7FAFrO96kjouQb5-6g.woff2
fonts.gstatic.com/s/fjallaone/v8/
3 KB
3 KB
Font
General
Full URL
http://fonts.gstatic.com/s/fjallaone/v8/Yq6R-LCAWCX3-6Ky7FAFrO96kjouQb5-6g.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fjalla+One&subset=latin,latin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a194022c39d806f46cba07133ed656e7db13406394c2e86770b32b843a33e24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.firmasec.com
Referer
http://fonts.googleapis.com/css?family=Fjalla+One&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 05 Oct 2020 04:36:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Sep 2020 17:05:44 GMT
Server
sffe
Age
481454
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2952
X-XSS-Protection
0
Expires
Tue, 05 Oct 2021 04:36:23 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kjouQb4.woff2
fonts.gstatic.com/s/fjallaone/v8/
11 KB
12 KB
Font
General
Full URL
http://fonts.gstatic.com/s/fjallaone/v8/Yq6R-LCAWCX3-6Ky7FAFrOF6kjouQb4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fjalla+One&subset=latin,latin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
529e77ee17cf48e9ccbb5a64a0e59a1bbda0d9c011ee061f40b1aa189e8fabb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.firmasec.com
Referer
http://fonts.googleapis.com/css?family=Fjalla+One&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 05 Oct 2020 15:06:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Sep 2020 17:03:50 GMT
Server
sffe
Age
443620
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11668
X-XSS-Protection
0
Expires
Tue, 05 Oct 2021 15:06:57 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/
230 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88664
x-xss-protection
0
server
cafe
etag
2239360983930794775
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Oct 2020 18:20:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/ Frame 6782
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201007/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.firmasec.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Fri, 09 Oct 2020 22:44:28 GMT
expires
Fri, 23 Oct 2020 22:44:28 GMT
content-type
text/html; charset=UTF-8
etag
7382719332125555894
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4731
x-xss-protection
0
age
70569
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=613864158&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=613864158&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmu...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158&slf_rd=1&random=3867463936
42 B
513 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158&slf_rd=1&random=3867463936
Requested by
Host: www.firmasec.com
URL: http://www.firmasec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 18:20:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Oct 2020 18:20:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=352260785.1602354038&jid=1954163372&_v=5.7.2&z=613864158&slf_rd=1&random=3867463936
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.firmasec.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.firmasec.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6DBE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5413411280585736&output=html&adk=1812271804&adf=3025194257&lmt=1602354037&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.firmasec.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602354037567&bpp=15&bdt=319&idt=130&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=363505610096&frm=20&pv=2&ga_vid=352260785.1602354038&ga_sid=1602354038&ga_hid=1070326103&ga_fc=1&iag=0&icsg=36488&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067104%2C21067947&oid=3&pvsid=3799971283281546&pem=961&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=155
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5413411280585736&output=html&adk=1812271804&adf=3025194257&lmt=1602354037&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.firmasec.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602354037567&bpp=15&bdt=319&idt=130&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=363505610096&frm=20&pv=2&ga_vid=352260785.1602354038&ga_sid=1602354038&ga_hid=1070326103&ga_fc=1&iag=0&icsg=36488&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067104%2C21067947&oid=3&pvsid=3799971283281546&pem=961&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=155
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.firmasec.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 10 Oct 2020 18:20:37 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 10-Oct-2020 18:35:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 10 Oct 2020 18:20:37 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602243746703548"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Sat, 10 Oct 2020 18:20:37 GMT
asyncspc.php
ads.beril.com/www/delivery/
395 B
896 B
XHR
General
Full URL
http://ads.beril.com/www/delivery/asyncspc.php?zones=8&prefix=revive-0-&loc=http%3A%2F%2Fwww.firmasec.com%2F
Requested by
Host: ads.beril.com
URL: http://ads.beril.com/www/delivery/asyncjs.php
Protocol
HTTP/1.1
Server
78.47.108.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.108.47.78.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
6387764452fcf7c3a842afd73de0b3ec1d255c0346db643c0c55c96634db8d89

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Oct 2020 18:20:37 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://www.firmasec.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201007&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27d43c90f321423c0ab908a3a830dc3e51406f47da8d82c4f0562c26581af1bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6418
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 18:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Sat, 10 Oct 2020 18:20:37 GMT
lg.php
ads.beril.com/www/delivery/
43 B
474 B
Image
General
Full URL
http://ads.beril.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=8&loc=http%3A%2F%2Fwww.firmasec.com%2F&cb=6f08c0226d
Protocol
HTTP/1.1
Server
78.47.108.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.108.47.78.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Oct 2020 18:20:37 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 97D0
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.firmasec.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Sat, 10 Oct 2020 12:50:24 GMT
expires
Sun, 10 Oct 2021 12:50:24 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
19814
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201007&jk=3799971283281546&bg=!IiGlIQHNAAWqWepuqlgio524-_XJwAIAAABfUgAAABUKAfqRoK988cjEdIckLip0X4FAvNembAQomw-9Q0YhhHfxsI5T7NIrnpffn7THCdonnHWV0LVQ9k3eHXUlXn2YYIDZBoqwHSBlS0h6fuTtRhDLLZ2CASlY6YYjVCeJjToumiK3ErHHvLub6ghmZSfKu0kPND6S-vE4oEHdJEYXsBRWk_tDKWpByiO1qWeD6yNfqMJIlIbnI5N5NJMauVqq0bKRS_cuTWksgeLkGxsRsY-dSBcod-NW42nuaa71cSA88tkFyl7l-bwD9q_PQVdmPzz8avWzYmaSrlUsMotaGqHjG5vYHdeGpwaZLLrWP1WDWjiE6GWfMJD65wDrE37cxGOr3-ZKo34BlnkN2zoUEpnE4Y9OmicY9Hudv4CrpF5LKdj66R2l1Ss3yXoOoe5DV9_fGbN848D1UTuToCm_OKBOvcsTLoD-J_jTXjlwLmNHG1VPzvVxtT_cT9y93_S8Jn1FmRXLik_hZ30RK1qeymD49lExA9lQV01DF2soPgjhm9CfFKIunsA1Z5OE4496b7Fk1QfkO2CBhqxQ2W9ZIsBFVD60AEcmg_Zs7_PLqK0OJZAIdXa4zPYEY4rb50HBGIKoQ9C5hs7GYKHaJTgCDZ17cTm5FPJqhnLygYjE6EA8iOrGgvELNirGmmYygVqVeRys2HNQcOTpkF336JkBqMyhRtksOPb65RnQ4KeH1d0I2OjebRNeW91_0lSBI6wzYUH_TeewQdgO5RlTyGbitr7JHYi870KIp3qhqDb_u2hVy7Xfqpo9d1gUGigpEobZjbGdaRpHcVH8jTNkNT4i-LI-KZag6vhgue7DqA3Kq5XI6STzANUhI0HgLMeTPpMpSeWXLdXqju99m2VC70wfeJRzzkD1UU6FrMXhB6bdK1GVVLWMMpqmkHVspzWEtON9_I4pBiQg5RV8iMA9Ut-VRvL_HBkfLeBmro4kBuW3DM52aLA__yqb0msMiQIX5_JIyPw-Uv6oWp8ublpE1MfD3XEQqI6eUvPW9kOAnfBITvX0AMs1-2nghzETNz1fTxNb8S9jiViGExcyqDheQwXNEW-UgocFjUzXlp10o8xmYZwo2j2smfidV6ROjFPZMuqOJ8s3NF-Aufi2o1Ae0FoQivGVngHiLj98pWhIzQ325zjqxRGGGj0NdjuStEv7HpXKI6C-J2FQyX1NY5RCpcdiNeftmgHxeO2KuaTERFPZbAWVWwGRz2iuXjYpQIWJ67hYR8CSl8tU4pA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:806::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.firmasec.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 18:20:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| trustedTypes string| siteurl function| newonload function| classname function| classnames function| jspost function| search function| ratingradioset function| addopensearch function| gtranslate function| f_gmap_add_marker function| f_gmap_search function| f_gmap_add function| f_gmap_shows function| f_gmap_show function| f_gmap_show_calcroute function| f_gmap_show_calcroute_getlocation_ra function| f_gmap_show_calcroute_getlocation_sp function| f_gmap_show_calcroute_getlocation_se function| f_gmap_show_calcroute_getlocation function| countdown function| textcounter function| isnum function| isvalidemail function| isvalidurl function| formfijs function| formfyjs function| formfypjs function| formfypsujs function| formiljs function| formfejs function| formhejs object| thumbnailviewer function| autocomplete object| _gaq function| _googCsa function| startlist function| getlistitems function| createlist function| resetlist function| navlist function| navlistItem function| selectlist function| clearlist function| getkeycode number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpa number| _googEnableTcf number| _googEnableQup number| _googTimeoutTurnOffPersonalization number| _googLazyLoadingRootMargin number| _googTcfApiTimeout number| _googUspApiTimeout number| googleAltLoader object| google object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_redemption_status object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| _gat object| gaGlobal object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter 
function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| picarray object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.firmasec.com/ Name: __utmb
Value: 13758880.1.10.1602354038
.firmasec.com/ Name: __utmt
Value: 1
.firmasec.com/ Name: __utmz
Value: 13758880.1602354038.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.firmasec.com/ Name: __utmc
Value: 13758880
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.firmasec.com/ Name: PHPSESSID
Value: 6lonmro597vj0tajg5l4cbmecv
www.firmasec.com/ Name: HrtFrb1573111
Value: %2F+%23+10-10-2020+21%3A20%3A37
.firmasec.com/ Name: __utma
Value: 13758880.352260785.1602354038.1602354038.1602354038.1
www.firmasec.com/ Name: HrtFrb1573110
Value: +%23+10-10-2020+21%3A20%3A37

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
