www.hurriyet.com.tr Open in urlscan Pro
89.187.169.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emobilformdoldurunuzvakif.xyz/
Effective URL:
https://www.hurriyet.com.tr/haberleri/pandemi-destek
Submission: On November 08 via manual (November 8th 2021, 2:50:33 pm UTC) from TR — Scanned from DE

Summary HTTP 276 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 52 IPs in 5 countries across 35 domains to perform 276 HTTP transactions. The main IP is 89.187.169.122, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.hurriyet.com.tr.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 8th 2020. Valid for: 2 years.

This is the only time www.hurriyet.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3034::ac43:ba7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	89.187.169.122 89.187.169.122	60068 (CDN77 ^_^) (CDN77 ^_^)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	52.49.225.127 52.49.225.127	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	83.66.162.77 83.66.162.77	12978 (DOGAN-ONLINE) (DOGAN-ONLINE)
9	51.195.89.103 51.195.89.103	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	83.66.162.110 83.66.162.110	12978 (DOGAN-ONLINE) (DOGAN-ONLINE)
1 1	2606:4700:303... 2606:4700:3039::6815:c077	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
5	23.21.247.176 23.21.247.176	14618 (AMAZON-AES) (AMAZON-AES)
24	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
15 20	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
10 20	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
10 15	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
25	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.198.67.185 54.198.67.185	14618 (AMAZON-AES) (AMAZON-AES)
2	136.243.15.236 136.243.15.236	24940 (HETZNER-AS) (HETZNER-AS)
2	136.243.33.13 136.243.33.13	24940 (HETZNER-AS) (HETZNER-AS)
5	78.46.71.232 78.46.71.232	24940 (HETZNER-AS) (HETZNER-AS)
5	176.9.43.172 176.9.43.172	24940 (HETZNER-AS) (HETZNER-AS)
3 3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:3d::8	15169 (GOOGLE) (GOOGLE)
1	52.222.206.78 52.222.206.78	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:12::9	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
276	52

2 2606:4700:3034::ac43:ba7a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

emobilformdoldurunuzvakif.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 89.187.169.122 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-122.cdn77.com

www.hurriyet.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.hurriyet.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.225.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-225-127.eu-west-1.compute.amazonaws.com

clicks.hurriyet.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.66.162.77 (Istanbul, Turkey)

ASN12978 (DOGAN-ONLINE, TR)

hurpass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.195.89.103 (France)

ASN16276 (OVH, FR)
PTR: ns3183877.ip-51-195-89.eu

i4.hurimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.medyanetads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.medyanetads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.66.162.110 (Istanbul, Turkey)

ASN12978 (DOGAN-ONLINE, TR)

api.hurpass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c077 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medyanet-com-tr.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.21.247.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-247-176.compute-1.amazonaws.com

services.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 216.58.212.162 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2.18.234.21 (Frankfurt am Main, Germany) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.173.62 (Frankfurt am Main, Germany) 10 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s248.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.198.67.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-67-185.compute-1.amazonaws.com

messaging.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.15.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h339.meetrics.de

stat.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.33.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h385.meetrics.de

s248.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.71.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h297.meetrics.de

b48.s248.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 176.9.43.172 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h429.meetrics.de

b54.s248.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:3d::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednz7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-78.fra56.r.cloudfront.net

d38k2esv5oh9bn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:12::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5lzne6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com pagead2.googlesyndication.com 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com tpc.googlesyndication.com	538 KB
50	doubleclick.net 15 redirects securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	359 KB
31	2mdn.net 3 redirects s0.2mdn.net gcdn.2mdn.net r3---sn-4g5ednz7.c.2mdn.net r4---sn-4g5lzne6.c.2mdn.net Failed	3 MB
29	hurriyet.com.tr www.hurriyet.com.tr s.hurriyet.com.tr clicks.hurriyet.com.tr	479 KB
20	casalemedia.com 10 redirects dsum-sec.casalemedia.com	19 KB
15	adnxs.com 10 redirects ib.adnxs.com	14 KB
14	meetrics.net stat.meetrics.net s248.meetrics.net b48.s248.meetrics.net b54.s248.meetrics.net	4 KB
11	insurads.com cdn.insurads.com services.insurads.com messaging.insurads.com	48 KB
11	google.com fundingchoicesmessages.google.com adservice.google.com www.google.com	105 KB
6	medyanetads.com ad.medyanetads.com cdn.medyanetads.com	124 KB
6	cookielaw.org cdn.cookielaw.org	133 KB
5	googletagservices.com www.googletagservices.com	185 KB
4	taboola.com cdn.taboola.com c2.taboola.com	180 KB
3	criteo.com 1 redirects gum.criteo.com mug.criteo.com	6 KB
3	criteo.net static.criteo.net	39 KB
3	google.de adservice.google.de	1 KB
3	gstatic.com fonts.gstatic.com	189 KB
3	hurimg.com i4.hurimg.com	74 KB
3	hurpass.com hurpass.com api.hurpass.com	16 KB
2	mxcdn.net s248.mxcdn.net	117 KB
2	bluekai.com tags.bluekai.com stags.bluekai.com	2 KB
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	btloader.com btloader.com api.btloader.com	5 KB
2	emobilformdoldurunuzvakif.xyz 1 redirects emobilformdoldurunuzvakif.xyz	2 KB
1	cloudfront.net d38k2esv5oh9bn.cloudfront.net	1 MB
1	googleadservices.com partner.googleadservices.com	410 B
1	ad-delivery.net ad-delivery.net	1007 B
1	pghub.io pghub.io	4 KB
1	bkrtx.com tags.bkrtx.com	16 KB
1	ip-api.com pro.ip-api.com	268 B
1	videoplayerhub.com 1 redirects medyanet-com-tr.videoplayerhub.com	541 B
1	googleusercontent.com lh3.googleusercontent.com	3 KB
1	googleapis.com fonts.googleapis.com	4 KB
1	onetrust.com geolocation.onetrust.com	374 B
1	googletagmanager.com www.googletagmanager.com	60 KB
276	35

	Domain	Requested by
41	pagead2.googlesyndication.com	ad.medyanetads.com pagead2.googlesyndication.com www.hurriyet.com.tr 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com securepubads.g.doubleclick.net
25	s0.2mdn.net	emobilformdoldurunuzvakif.xyz s0.2mdn.net 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
25	s.hurriyet.com.tr	www.hurriyet.com.tr s.hurriyet.com.tr
24	tpc.googlesyndication.com	6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
20	dsum-sec.casalemedia.com	10 redirects googleads.g.doubleclick.net
20	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net
15	ib.adnxs.com	10 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com emobilformdoldurunuzvakif.xyz
10	googleads4.g.doubleclick.net	emobilformdoldurunuzvakif.xyz
7	6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	securepubads.g.doubleclick.net	s.hurriyet.com.tr securepubads.g.doubleclick.net www.hurriyet.com.tr
6	cdn.cookielaw.org	www.hurriyet.com.tr cdn.cookielaw.org
5	b54.s248.meetrics.net	6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
5	b48.s248.meetrics.net	6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
5	www.googletagservices.com	6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
5	services.insurads.com	cdn.insurads.com
5	ad.medyanetads.com	s.hurriyet.com.tr ad.medyanetads.com
4	www.google.com	6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com tpc.googlesyndication.com
4	fundingchoicesmessages.google.com	www.hurriyet.com.tr
3	static.criteo.net	s.hurriyet.com.tr
3	gcdn.2mdn.net	3 redirects
3	messaging.insurads.com	cdn.insurads.com
3	cdn.insurads.com	securepubads.g.doubleclick.net services.insurads.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	cdn.taboola.com	s.hurriyet.com.tr cdn.taboola.com
3	fonts.gstatic.com	fonts.googleapis.com
3	i4.hurimg.com	www.hurriyet.com.tr
3	clicks.hurriyet.com.tr	www.hurriyet.com.tr clicks.hurriyet.com.tr
2	gum.criteo.com	1 redirects static.criteo.net
2	r3---sn-4g5ednz7.c.2mdn.net	s0.2mdn.net
2	s248.meetrics.net	s248.mxcdn.net
2	stat.meetrics.net	s248.mxcdn.net
2	s248.mxcdn.net	s0.2mdn.net
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	hurpass.com	s.hurriyet.com.tr hurpass.com
2	emobilformdoldurunuzvakif.xyz	1 redirects
1	mug.criteo.com
1	d38k2esv5oh9bn.cloudfront.net	s0.2mdn.net
1	r4---sn-4g5lzne6.c.2mdn.net	s0.2mdn.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stags.bluekai.com	tags.bkrtx.com
1	api.btloader.com	medyanet-com-tr.videoplayerhub.com
1	ad-delivery.net	www.hurriyet.com.tr
1	ad.doubleclick.net	www.hurriyet.com.tr
1	cdn.medyanetads.com	ad.medyanetads.com cdn.medyanetads.com
1	pghub.io	ad.medyanetads.com
1	tags.bluekai.com	ad.medyanetads.com
1	tags.bkrtx.com	ad.medyanetads.com
1	pro.ip-api.com	ad.medyanetads.com
1	c2.taboola.com	s.hurriyet.com.tr
1	btloader.com	www.hurriyet.com.tr
1	medyanet-com-tr.videoplayerhub.com	1 redirects
1	api.hurpass.com	hurpass.com
1	lh3.googleusercontent.com	www.hurriyet.com.tr
1	fonts.googleapis.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	www.hurriyet.com.tr
1	www.hurriyet.com.tr	emobilformdoldurunuzvakif.xyz
276	59

This site contains links to these domains. Also see Links.

Domain
bigpara.hurriyet.com.tr
hesabim.hurriyet.com.tr
uyelikyonetim.hurriyet.com.tr
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
satis.hurriyet.com.tr
e-gazete.hurriyet.com.tr
seriilan.hurriyet.com.tr
reklamver.hurriyet.com.tr
www.hurriyetkurumsal.com
onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.hurriyet.com.tr AlphaSSL CA - SHA256 - G2	`2020-07-08` - `2022-07-09`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.hurpass.com AlphaSSL CA - SHA256 - G2	`2021-09-16` - `2022-10-18`	a year	crt.sh
*.hurimg.com AlphaSSL CA - SHA256 - G2	`2021-06-02` - `2022-07-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.medyanetads.com AlphaSSL CA - SHA256 - G2	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2021-04-05` - `2022-05-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2021-10-16` - `2022-10-18`	a year	crt.sh
meetrics.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Frame ID: C3766730B680540E7F5FC317817FDE17
Requests: 102 HTTP requests in this frame

Frame: https://hurpass.com/iframe/frm_index?appkey=506d9e3dfbd268e6b6630e57&secret=506d9e3dfbd268e6b6630e58&domain=hurriyet.com.tr&callback_url=https://www.hurriyet.com.tr/haberleri/pandemi-destek&referer=www.hurriyet.com.tr&user_page=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&is_mobile=0&session_timeout=0&is_vative=0
Frame ID: AC70539E7A2A54D00779B7CE4827DFA6
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/34182?ret=html&phint=PageType%3Dhaberleri&phint=cd6%3Dlinux&phint=cd7%3D4g&phint=cd3%3DFrankfurt%20am%20Main&phint=cd4%3DDE&phint=cd5%3DClouvider&phint=hour%3D14&phint=weekday%3D1&phint=date%3D8&phint=month%3D11&phint=__bk_t%3DPandemi%20Destek%20Haberleri%20-%20Son%20Dakika%20Pandemi%20Destek%20Hakk%C4%B1nda%20G%C3%BCncel%20Haber%20ve%20Bilgiler&phint=__bk_k%3DPandemi%20Destek%2C%20Pandemi%20Destek%20haberleri%2C%20Pandemi%20Destek%20geli%C5%9Fmeleri&phint=__bk_pr%3Dhttps%3A%2F%2Femobilformdoldurunuzvakif.xyz%2F&phint=__bk_l%3Dhttps%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&phint=__bk_v%3D3.1.10&limit=1&r=34303319
Frame ID: D8B335492744EE36D643ED3B720A238C
Requests: 1 HTTP requests in this frame

Frame: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA70F0EBB2D8A013A9FFD170F8473504
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: 361C7999B1E60814D373BFBBADA37D73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4133813641255581&output=html&adk=1812271804&adf=3025194257&lmt=1636383028&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636383028493&bpp=2&bdt=762&idt=364&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1091037249168&frm=20&pv=2&ga_vid=1198651847.1636383028&ga_sid=1636383028&ga_hid=973641647&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063413%2C31063182&oid=2&pvsid=1363868726308546&pem=308&ref=https%3A%2F%2Femobilformdoldurunuzvakif.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=10&uci=a!a&fsb=1&dtd=381
Frame ID: 7ABB4F49DF84A61C0C9E636B4FC2CA8D
Requests: 1 HTTP requests in this frame

Frame: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A6C61F19BE8302BE1EE032EE51EEB629
Requests: 23 HTTP requests in this frame

Frame: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FB9C3E50C4958C8EECF9047DA0F6265
Requests: 15 HTTP requests in this frame

Frame: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A54A9F5172C8F4025A80DAC8B66C1A3
Requests: 22 HTTP requests in this frame

Frame: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 687A48AD1E69A449FEDC0BA9616E167B
Requests: 13 HTTP requests in this frame

Frame: https://cdn.insurads.com/bootstrap/CTOHUVRM.js
Frame ID: B8BEC51D725ACCE1743DE8B0816E68A0
Requests: 3 HTTP requests in this frame

Frame: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1C4774D7ED229A15201220B6D96E0B4D
Requests: 15 HTTP requests in this frame

Frame: data://truncated
Frame ID: EBF57BFAD9060CD65275A79AAF9A93E9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNUtV-iDMxWbxzhldsArFBqp610WURrLlnUfxMhv4rGWla-hJISqN6tOCF-VNX4WuFFzKAA3JteeTHYoaEaBlt0kkTN5A4axZfFTpoV2Ugb_2AX7kMm1bQQzrHvIARAxmCrSpwFnTjYNnLDD5F_xp5_7HYH0xSMiVflEmKm_ZrWL1qGjvKwxujB9D6Qxex-fmHhzjq-OsuHXkukiqNzPTDA-_oHbRQ
Frame ID: D278D15B5DD8F6B3DCBB985B92310677
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPK0wEQmJDhlwIYmczZpgEwAQ&v=APEucNUNQXbkO2VSLWrdNef6Xw97V2as6v-4Jp3yKx0IctlZjUjbnph4PYCvFYidN77ajEbVVABOyGtg3cnW_tiuB9bxbiNWhgvjQ1eUFvRGkyzhHOyXwtQ4MWQGHSYgXeM0tqANvH2eboYc5yk2VjAGyRjMJnveZckiDma8GM88yk52ASfFiY9Lf83IyvkRff8FlH8uQxMvAR3B0Ov72lJj5xTtlUjs5w
Frame ID: 45DFDDC5743936C6D38BE0184D60FAAE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhjO7MW2ATAB&v=APEucNXgz6KsgursZ2CTWFHmxkHdVybY_LjwRHtNJvw6FklDWbz6naoNCoU1rLQsL9DV8SEA-u9Ku6gJl9u9dd8jIoTB_ZBS4t2TLLcgpLeF6MpBzL6H5estBxs8gSdWW1CDYE1baFBXLLdl6fvL5xMUwmaxSh0-Fon1ZZOdKTNsp7l3W19VpgeTrqPR7CoISeYdLTffOzMTGrzWeg3rfJCUsPZxqkWwKw
Frame ID: 4E215453F21B164BE3D0398D0E9812FE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhiW64W2ATAB&v=APEucNUyYHAQuzAg63xPdRQyYj7-ZdR8vybFubhNdISHv6LVVsGyYMXRGW0n_9-QC0r-SrQHYk3MNDMimh8_WlkeM6XpwhE8yK6WZEarl9ICENiQfGNzMpv3c1BuaLM3jhaJvSoRt5nxOyzc5hEjqsEQ1snHcLeUrtn5hmkL9ctIfWAUdNqwLcqgaV4CMZKBT4vecYxANRJkou23JSnttaSoUP5dDug_1g
Frame ID: 44788449C1999BFAB3E171AEDA028758
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNW5it3YMk0vYxgNL5PLpFb47GmArPNlN2jb-CS8eP8JAi7lgu1VfBHETuZ7lRLLOrbwBu1bthmAiQjrVza8HajSU0wRh1LUXFcBsQ6KVMY8tkZ5HyhqXeVoI-7A9f4PtvS9CmKE0G46eMK3yRwrBFVOBAWr3Mij-0WbrQs-p3sLtLY3tfrMlVP150tlCxmrrdFfESZNrpkgT2WIIdXK2cZXzdbTgg
Frame ID: B3989613AFBD6CDC6C267628BEC5E02B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0DE1364C85E892A7E8A0AEFD1FCCDDB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10388772/1619617590834/index.html
Frame ID: F14B8E6608CCBB0A6DD62EA79AAD3917
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=iBL35WyrKS&t=1&renderingType=2
Frame ID: E38325EBE6E5E39EE2535F6D98FEA066
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/10274800/1633445426523/index.html
Frame ID: 66B10DE4EBD20CD8B950D03232B72F11
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/10274800/1633445426523/index.html
Frame ID: 38A9F6840A37A79A1D1EFB2A459CBDBE
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B21F0C6B998F0EF341D4688B26D4F9F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2
Frame ID: 5369503CD51650386E7F1308CAC46EB0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DEFB9E2FF4AD7569051E35C8143C5B65
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 49755BFCB130E292B2708287ACA8131B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 11DCE2063C2AC8CEFF4C3A3487B5ACCE
Requests: 3 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=597666&csz=%5B%5D&sz=%5B%5D&appId=1828&s=1352&dm=1&is=0&ct=%7B%7D&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&sid=382E733935A78992&v=1.5.59&ts=1636383031297
Frame ID: 67A256E71637340170339C03F32F090D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js
Frame ID: 87A466A15B691BA45902D0BA35DB87D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js
Frame ID: 78EE0F9F9B0165720FBF2633DA4C9745
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5A4599B217D4CC45C44F41917C59B563
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ACFFAB3BCBBFA951DA1EA0A854C54E7E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hurriyet.com.tr
Frame ID: 050DB493A39D8FDCAEA429EF03C76BBA
Requests: 2 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1828&requests=[{%22eaup%22:%22/9927946/hurriyet/diger/sidebar_300x250_1%22,%22w%22:300,%22h%22:250,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_sidebar_300x250_1_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/body_728x90_1%22,%22w%22:300,%22h%22:250,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_body_728x90_1_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/sag_120x600%22,%22w%22:300,%22h%22:600,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_sag_120x600_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/pageskin_sol_120x600%22,%22w%22:300,%22h%22:600,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_pageskin_sol_120x600_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/header_728x90%22,%22w%22:728,%22h%22:90,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_header_728x90_0%22}]&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek
Frame ID: 624D995AE06C655CC0508BDA90A19CD5
Requests: 1 HTTP requests in this frame

Frame: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 03D2302C6361F114D2C5FC23EA639399
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhiW64W2ATAB&v=APEucNWnsn1bTGY0FZ4_Wgp83KfKuriCoKFSj3iPEMP_RZL-l3dY1uQ4REd3ip_HcQyW1Wwn896mQ0wxIuEb8mHxMQKe3epXe0-YLaX7CO8H8Y2U-vWMW5UCk7aOFDogGzgUnDCIwpkUbcTmVACrbvyx81qBgK6_DE0xq5rXQgtBxx3FEnQLRbYF59SkVAS2jFxHouRWepcQ4T0N24n0JRCLr64WN_B_tg
Frame ID: 3BEC7CBDB337DF3104BD036808EF692A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pandemi Destek Haberleri - Son Dakika Pandemi Destek Hakkında Güncel Haber ve Bilgiler Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://emobilformdoldurunuzvakif.xyz/ HTTP 301
https://emobilformdoldurunuzvakif.xyz/ Page URL
https://www.hurriyet.com.tr/haberleri/pandemi-destek Page URL

Page Statistics

276
Requests

89 %
HTTPS

45 %
IPv6

35
Domains

59
Subdomains

52
IPs

5
Countries

7314 kB
Transfer

13987 kB
Size

27
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://bigpara.hurriyet.com.tr/
Title: ANASAYFA

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/borsa/canli-borsa/
Title: BORSA

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/doviz/
Title: DÖVİZ

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/altin/
Title: ALTIN

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/viop-varant/
Title: VİOP&VARANT

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/analiz/
Title: ANALİZ

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/kobi/
Title: KOBİ

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/kripto-paralar/
Title: KRİPTO PARALAR

Search URL Search Domain Scan URL

URL: https://hesabim.hurriyet.com.tr/#/ekstra
Title: Üye Ol

Search URL Search Domain Scan URL

URL: https://uyelikyonetim.hurriyet.com.tr/
Title: E-bültenler

Search URL Search Domain Scan URL

URL: https://hesabim.hurriyet.com.tr/#/e-gazete
Title: Günlük Egazete

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hurriyet/

Search URL Search Domain Scan URL

URL: https://twitter.com/Hurriyet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hurriyet/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/hurriyettvcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hurriyetcomtr/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/h%C3%BCrriyet-son-dakika-haberler/id307878588?l=tr

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=hurriyet.mobil.android&gl=TR

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/hurriyet

Search URL Search Domain Scan URL

URL: http://bigpara.hurriyet.com.tr/borsa/canli-borsa/
Title: Canlı Borsa

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/doviz/euro/
Title: Euro TL

Search URL Search Domain Scan URL

URL: https://satis.hurriyet.com.tr/Default.aspx
Title: Doğum Günü Gazetesi

Search URL Search Domain Scan URL

URL: https://bigpara.hurriyet.com.tr/kripto/bitcoin-fiyati/
Title: Bitcoin

Search URL Search Domain Scan URL

URL: http://e-gazete.hurriyet.com.tr/
Title: E-Gazete

Search URL Search Domain Scan URL

URL: http://bigpara.hurriyet.com.tr/altin/22-ayar-bilezik-fiyati/
Title: Bilezik Fiyatları

Search URL Search Domain Scan URL

URL: https://seriilan.hurriyet.com.tr/emlak.aspx
Title: Seri İlanlar

Search URL Search Domain Scan URL

URL: http://bigpara.hurriyet.com.tr/doviz/dolar/
Title: Dolar Kuru

Search URL Search Domain Scan URL

URL: http://reklamver.hurriyet.com.tr/
Title: Hürriyet'e Reklam Ver

Search URL Search Domain Scan URL

URL: https://www.hurriyetkurumsal.com/
Title: Yatırımcı İlişkileri

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emobilformdoldurunuzvakif.xyz/ HTTP 301
https://emobilformdoldurunuzvakif.xyz/ Page URL
https://www.hurriyet.com.tr/haberleri/pandemi-destek Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://emobilformdoldurunuzvakif.xyz/ HTTP 301
https://emobilformdoldurunuzvakif.xyz/

Request Chain 51

https://medyanet-com-tr.videoplayerhub.com/galleryloader.js HTTP 301
https://btloader.com/tag?h=medyanet-com-tr&upapi=true

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 143

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Request Chain 145

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Request Chain 153

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Request Chain 231

https://gcdn.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/210D90FA74FEAF9EE432F48CFA8946B28199A0DA.15B821799775CD7F565D89F205702DC85F80DC30/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/3F83FD15CFC4A1BC8EEB22A0FCD764D86A0D8FCA.40D6BDF3F35E00AD5C3A158453242F19B29FACCE/key/cms1/cms_redirect/yes/mh/0a/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1636382168/mv/u/mvi/3/pl/48/file/file.mp4

Request Chain 232

https://gcdn.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/5D44495C0ABDB36FE1268334D29149539E297D6D.2AA5BA4F5FD534FFF40A140518BBFB26CEB59ADF/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2A62ED125206836006179373FE2657C5DC3A08A2.3317CFB7DF6A892BCC647356F7F8A16156DE62C6/key/cms1/cms_redirect/yes/mh/rW/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1636382168/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 240

https://gcdn.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/210D90FA74FEAF9EE432F48CFA8946B28199A0DA.15B821799775CD7F565D89F205702DC85F80DC30/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/81D2E617AD4008A062975996FF450F191BDFD200.0B6CD10EC946D2316AA316CA0326F99F3117D05D/key/cms1/cms_redirect/yes/mh/0a/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1636382168/mv/u/mvi/3/pl/48/file/file.mp4

Request Chain 241

https://gcdn.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/5D44495C0ABDB36FE1268334D29149539E297D6D.2AA5BA4F5FD534FFF40A140518BBFB26CEB59ADF/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4A90D30662A70C4D7844BC4D3BE8650687A539D7.0B4C8018AB5A41C99286E618EBE5B137FC4DABDF/key/cms1/cms_redirect/yes/mh/rW/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1636382168/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 270

https://gum.criteo.com/sid/json?origin=publishertag&domain=hurriyet.com.tr&sn=ChromeSyncframe&so=0&topUrl=www.hurriyet.com.tr&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=pZYoKXxwQmRtM0Vid2xNanF2dGoyMUZPZ0Robm52MzJPM3U2RjFsMHJ5U3BubkJwOHRLaytkdFNvVUlaSyt2ZUFXakJJMW9ldmFpNERWRS9aVEI3VkxZcEwvY0l1V0s5bTJyNHlxUU1UWTBUU2tXUVJHRUVYeTE2R3NVaGZRRUd3UWwvckpLakxrUlJuQzduQTNmYXdFUCt1NG90NG9wZnBpbFk1ZUVENkhIZkRsdnB4TW1KMExkMG9nb1JMY3MrdVlqcnBwbUFCQnRlZE5jcWp4R2hzY1RaTlB2RHQ3Z01manFyVVp2a0NUTkw3RVBNOXpzREhXaCtjcE1SVXBKcnVCQzkzRTBVWGw1Z0dpMHFDMzhzQUhuMDIrQT09fA&cppv=2

276 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
emobilformdoldurunuzvakif.xyz/
Redirect Chain

http://emobilformdoldurunuzvakif.xyz/
https://emobilformdoldurunuzvakif.xyz/

1 KB
1 KB

95ms
73ms

Document
text/html

2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emobilformdoldurunuzvakif.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34 PleskLin
Resource Hash: 3be2490680cab012632e70a2fc663db286b10c2e7084561ebbdbcdba9035e52f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34 PleskLin
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKp72SOdDucMcdKpU2DFVK6xGS0fSa4fNkFxZP8U9UrsA1SQf6omcYjPZD7WgHREh9ZZ%2FjCor0T3xZpzTbNL2cmGrRmzywcZp4vloRO41gzMr7KULebJ8wX%2BtV6gdXaIGRBQm8qkzwCyZ6VopVj8%2FwlkvVrzDoji20wZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aaf9d226a5b05e4-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Mon, 08 Nov 2021 14:50:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://emobilformdoldurunuzvakif.xyz/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szf0sIvqNLBIuh6p4ieFMpz86b7hr5snWApeD5xLhLz%2F6WWlu64tnIDy9WDkQnX6ZWxbHNrSFC6wgfe6xQen9EY5JRMRBZG7xk%2FuBmjuX2hxA8%2FsTq9VXy5RBWQqFgxmqtTVjA0f1E7GvuYBi2kKB2mMccWhvuE%2BDB%2B3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6aaf9d21ef875c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Primary Request pandemi-destek Show response
www.hurriyet.com.tr/haberleri/ 194 KB
62 KB 47ms
7ms Document
text/html 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hurriyet.com.tr/haberleri/pandemi-destek

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-122.cdn77.com

Software

MerlinCDN /

Resource Hash

e972857e6ed4b4a89ec5fc59e5b1268919f11ae3eb1d1c1f72b46a4978915c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://emobilformdoldurunuzvakif.xyz/

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
content-type: text/html; charset=utf-8
request-context: appId=cid-v1:7c7c3814-bd83-46e6-985b-239a97f839b4
access-control-expose-headers: Request-Context
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
release: 20.179.0.1428
device: Desktop
vary: Accept-Encoding
age: 0
x-cache: HIT-01
x-cache-hits: 2
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-midtier: de-fra-dp-s01
x-mcache: EXPIRED
x-ecache: STALE
via: HTTP/2.0 Merlin CDN
x-edge: de-fra-dp-s02
server: MerlinCDN
allow: GET, HEAD, POST
cache-control: max-age=300
content-encoding: gzip

GET
H2 200 HelveticaNeue.woff
s.hurriyet.com.tr/static/fonts/_helvetica-neue/ 125 KB
126 KB 48ms
10ms Font
application/font-woff 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/fonts/_helvetica-neue/HelveticaNeue.woff
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: b6a06d8e3f997dede12bd6ada4d4d8f95622829523c19ffef6a1b1661fffebb2

Request headers

Referer: https://www.hurriyet.com.tr/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 7197115
x-midtier: tr-izm-nt-s02
x-backend-server: hicmsimgopt02
content-length: 128200
last-modified: Wed, 28 Jul 2021 11:50:54 GMT
server: MerlinCDN
etag: "6101449e-1f4c8"
allow: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
accept-ranges: bytes
x-mcache: MISS

GET
H2 200 HelveticaNeue-Bold.woff
s.hurriyet.com.tr/static/fonts/_helvetica-neue/ 126 KB
126 KB 59ms
22ms Font
application/font-woff 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/fonts/_helvetica-neue/HelveticaNeue-Bold.woff
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 0af8a0ff66cde697e6462cdbafbaf691904dc1f01daba0006197d3d5ea311204

Request headers

Referer: https://www.hurriyet.com.tr/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 7197115
x-midtier: tr-izm-nt-s02
x-backend-server: hicmsimgopt02
content-length: 128836
last-modified: Wed, 28 Jul 2021 11:50:54 GMT
server: MerlinCDN
etag: "6101449e-1f744"
allow: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 Metropolis-Light.woff2
s.hurriyet.com.tr/static/fonts/redesign/metropolis/ 13 KB
13 KB 60ms
22ms Font
application/octet-stream 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/fonts/redesign/metropolis/Metropolis-Light.woff2
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: d06686a85ceb4497a2d3b0f08b9a98598ac84900939163714b46050d23c5df8c

Request headers

Referer: https://www.hurriyet.com.tr/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673581
x-midtier: de-fra-dp-s01
x-backend-server: hicmsimgopt06
content-length: 12824
last-modified: Tue, 07 Sep 2021 12:15:00 GMT
server: MerlinCDN
etag: "613757c4-3218"
allow: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
accept-ranges: bytes
x-mcache: MISS

GET
H2 200 Metropolis-Medium.woff2
s.hurriyet.com.tr/static/fonts/redesign/metropolis/ 13 KB
13 KB 60ms
22ms Font
application/octet-stream 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/fonts/redesign/metropolis/Metropolis-Medium.woff2
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: c6d0603a91055bb63195502ecaf914bf872975e62dac934396950e1eaeaf1369

Request headers

Referer: https://www.hurriyet.com.tr/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4672002
x-midtier: de-fra-dp-s01
x-backend-server: hicmsimgopt06
content-length: 13112
last-modified: Tue, 07 Sep 2021 12:15:00 GMT
server: MerlinCDN
etag: "613757c4-3338"
allow: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 Metropolis-Bold.woff2
s.hurriyet.com.tr/static/fonts/redesign/metropolis/ 13 KB
13 KB 60ms
22ms Font
application/octet-stream 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/fonts/redesign/metropolis/Metropolis-Bold.woff2
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: b158aee482b46ed495c6b42e89e5487604cbcaae2a71215edfa8b4417c00e63a

Request headers

Referer: https://www.hurriyet.com.tr/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4669460
x-midtier: de-fra-dp-s01
x-backend-server: hicmsimgopt02
content-length: 13008
last-modified: Tue, 07 Sep 2021 12:15:00 GMT
server: MerlinCDN
etag: "613757c4-32d0"
allow: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 Metropolis-ExtraBold.woff2
s.hurriyet.com.tr/static/fonts/redesign/metropolis/ 13 KB
13 KB 60ms
22ms Font
application/octet-stream 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/fonts/redesign/metropolis/Metropolis-ExtraBold.woff2
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 268f96855fccbcc739279b8c29db9f5bf3531f8de4bcca23c3a52026a278c240

Request headers

Referer: https://www.hurriyet.com.tr/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673193
x-midtier: tr-ist-sh-s03
x-backend-server: hicmsimgopt02
content-length: 13036
last-modified: Tue, 07 Sep 2021 12:15:00 GMT
server: MerlinCDN
etag: "613757c4-32ec"
allow: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 42ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 14:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 881264
vary: Accept-Encoding
content-length: 6350
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 05:25:41 GMT
server: cloudflare
etag: 0x8D98ED3103C1468
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f5303d73-101e-000d-116c-c437ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aaf9d23ce934ab0-FRA
expires: Tue, 16 Nov 2021 14:50:27 GMT

GET
H2 200 tag.min.css
s.hurriyet.com.tr/static/styles/redesign/ 97 KB
19 KB 27ms
8ms Stylesheet
text/css 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 001933cadc15480b7512749b07f35f05d3955ea0c51185a57e81ddc7ac71b884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 275259
x-midtier: tr-ist-sh-s03
content-encoding: gzip
x-backend-server: hicmsimgopt06
allow: GET, HEAD
last-modified: Fri, 05 Nov 2021 05:02:54 GMT
server: MerlinCDN
etag: W/"6184bafe-183fb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 critical.min.js Show response
s.hurriyet.com.tr/static/scripts/redesign/ 24 KB
9 KB 79ms
76ms Script
application/javascript 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 97669d3f575a85376785d251d9a2c34fa662285227a92625bbedaeccb9b4391d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 276020
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt06
allow: GET, HEAD
last-modified: Fri, 05 Nov 2021 05:02:20 GMT
server: MerlinCDN
etag: W/"6184badc-60d6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 AGSKWxVE2qX8s7xyykFc1E2iqXLtbXRCJgH0kXDM0XGgTs-DyHzOY6BuZI_wqPkPWZgPbiE9dd2KNcrBR2n0nrbNoNI= Show response
fundingchoicesmessages.google.com/f/ 79 KB
29 KB 74ms
36ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVE2qX8s7xyykFc1E2iqXLtbXRCJgH0kXDM0XGgTs-DyHzOY6BuZI_wqPkPWZgPbiE9dd2KNcrBR2n0nrbNoNI=

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

053c2a29c25620c49da48c4c4398e5ab100b69a5ba4d893855d91ef44f7da4f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0GbmDCdAhFGmxhXR9H1nsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0GbmDCdAhFGmxhXR9H1nsg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-0GbmDCdAhFGmxhXR9H1nsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0GbmDCdAhFGmxhXR9H1nsg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hurriyet-logo-white.svg
s.hurriyet.com.tr/static/images/redesign/ 6 KB
3 KB 79ms
77ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/hurriyet-logo-white.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: c8af8e93aaf81a1019b9b2a03adfb31c52a5b72e5f5a3fa4aa9ff74e097c5277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673581
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:09:10 GMT
server: MerlinCDN
etag: W/"6141aa26-167f"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: MISS

GET
H2 200 ic-search.svg
s.hurriyet.com.tr/static/images/redesign/ 433 B
557 B 80ms
78ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-search.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: e2fe73b07f191f735e488f38fe3550e8eabc311c738f589b70e5bc878fe9705b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4669071
x-midtier: tr-ist-sh-s03
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:10:06 GMT
server: MerlinCDN
etag: W/"6141aa5e-1b1"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 hurriyet-logo-red.svg
s.hurriyet.com.tr/static/images/redesign/ 6 KB
3 KB 80ms
78ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/hurriyet-logo-red.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: fce1ad6519242753662c5cb109f1602a526af9dd10223d0fadeeb3f3acf47356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4672002
x-midtier: tr-ist-sh-s03
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:08:22 GMT
server: MerlinCDN
etag: W/"6141a9f6-1672"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-facebook.svg
s.hurriyet.com.tr/static/images/redesign/ 455 B
616 B 81ms
79ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-facebook.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 484522d71f483cd3de872e3a28892bba117554bbe7f8b4c07a05aa5474f546d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673581
x-midtier: tr-ist-ds-s04
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:10:02 GMT
server: MerlinCDN
etag: W/"6141aa5a-1c7"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-twitter.svg
s.hurriyet.com.tr/static/images/redesign/ 983 B
877 B 81ms
79ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-twitter.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 04c8419865cb121be5be8e3e39805f9fffff0528ece1762268efae826229c216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673193
x-midtier: tr-ist-ds-s04
content-encoding: gzip
x-backend-server: hicmsimgopt06
last-modified: Wed, 15 Sep 2021 08:10:02 GMT
server: MerlinCDN
etag: W/"6141aa5a-3d7"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-instagram.svg
s.hurriyet.com.tr/static/images/redesign/ 852 B
786 B 81ms
79ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-instagram.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 30cf6a6f8c90e55d54a9eb7388053e117afd418c4d84035842ed3b4c6e19f996

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673581
x-midtier: tr-izm-nt-s05
content-encoding: gzip
x-backend-server: hicmsimgopt06
last-modified: Wed, 15 Sep 2021 08:10:02 GMT
server: MerlinCDN
etag: W/"6141aa5a-354"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-linkedin.svg
s.hurriyet.com.tr/static/images/redesign/ 607 B
668 B 82ms
80ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-linkedin.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: a00a7cf1ccfa2650b2af418639c9ed176df892c7275d6efd72ddf46efd12e22b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4662533
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt06
last-modified: Wed, 15 Sep 2021 08:10:02 GMT
server: MerlinCDN
etag: W/"6141aa5a-25f"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-youtube.svg
s.hurriyet.com.tr/static/images/redesign/ 508 B
656 B 82ms
80ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-youtube.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: bc83fe2aaca29fe44eec130782a50025b8382a380797f26998d8baad51e03634

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4667423
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt06
last-modified: Wed, 15 Sep 2021 08:10:44 GMT
server: MerlinCDN
etag: W/"6141aa84-1fc"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 tag.min.js Show response
s.hurriyet.com.tr/static/scripts/redesign/ 166 KB
63 KB 72ms
70ms Script
application/javascript 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s.hurriyet.com.tr/static/scripts/redesign/tag.min.js?v=?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: b1bc17a6e217bfb9879e70fc66eaac2e2a9e313411c3d470a6c38859a4ba3d4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 275788
x-midtier: tr-ist-ds-s04
content-encoding: gzip
x-backend-server: hicmsimgopt02
allow: GET, HEAD
last-modified: Fri, 05 Nov 2021 05:02:20 GMT
server: MerlinCDN
etag: W/"6184badc-299c5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
60 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVDWP6

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a84df73f1e3aa5a081405d1e1c4259c52e6b517f01c880bd59112531204fa7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60750
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 14:50:27 GMT

GET
H2 200 ic-user.svg
s.hurriyet.com.tr/static/images/redesign/ 476 B
592 B 8ms
7ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-user.svg
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 55affca6b14138657baef73a36dbec78f107be34919f6ed464ad838c05d755bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4669071
x-midtier: tr-ist-ds-s04
content-encoding: gzip
x-backend-server: hicmsimgopt06
last-modified: Wed, 15 Sep 2021 08:10:06 GMT
server: MerlinCDN
etag: W/"6141aa5e-1dc"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-email.svg
s.hurriyet.com.tr/static/images/redesign/ 597 B
667 B 8ms
7ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-email.svg
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: a774a8fc02d2dcf69adefaf339a454d935fdf9475abe78ac5422c82647dab40d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673579
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:10:00 GMT
server: MerlinCDN
etag: W/"6141aa58-255"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: MISS

GET
H2 200 ic-newsletter.svg
s.hurriyet.com.tr/static/images/redesign/ 2 KB
850 B 8ms
8ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-newsletter.svg
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 0a87d99716c0b4d3016eefa617456646a690db02febcc99c4cff6df61cd7150b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4669071
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:10:02 GMT
server: MerlinCDN
etag: W/"6141aa5a-731"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-lock.svg
s.hurriyet.com.tr/static/images/redesign/ 1 KB
822 B 9ms
8ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-lock.svg
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: f64b92f6f7802eace881f0e302fbd7d4b656626fb0f1e9ffe1a5413f383349ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673579
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt06
last-modified: Wed, 15 Sep 2021 08:10:02 GMT
server: MerlinCDN
etag: W/"6141aa5a-54d"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-facebook-white.svg
s.hurriyet.com.tr/static/images/redesign/ 467 B
628 B 8ms
8ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-facebook-white.svg
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: fb73618d3a519b09ddb5b76221975083616f2d852f3906a286f8b0fe91e8eb69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4669071
x-midtier: tr-izm-nt-s05
content-encoding: gzip
x-backend-server: hicmsimgopt06
last-modified: Wed, 15 Sep 2021 09:40:06 GMT
server: MerlinCDN
etag: W/"6141bf76-1d3"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 ic-email-white.svg
s.hurriyet.com.tr/static/images/redesign/ 597 B
665 B 9ms
8ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-email-white.svg
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: a774a8fc02d2dcf69adefaf339a454d935fdf9475abe78ac5422c82647dab40d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.hurriyet.com.tr/static/styles/redesign/tag.min.css?v=octo-20.179.0.1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4669071
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 09:40:04 GMT
server: MerlinCDN
etag: W/"6141bf74-255"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H/1.1 200
OK clicks.js Show response
clicks.hurriyet.com.tr/static/ 18 KB
5 KB 136ms
29ms Script
application/javascript 52.49.225.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clicks.hurriyet.com.tr/static/clicks.js
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.225.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-225-127.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4630deeffc356398e1af684c94cb77804cea1fa198e70d3a4dab8fc9d04bba27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Feb 2020 13:29:22 GMT
Server: nginx/1.16.1
ETag: W/"5e3971b2-47b7"
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 5053

GET
H2 200 5ba8d853-cae6-4972-b167-b14832ad2075.json Show response
cdn.cookielaw.org/consent/5ba8d853-cae6-4972-b167-b14832ad2075/ 3 KB
2 KB 35ms
19ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5ba8d853-cae6-4972-b167-b14832ad2075/5ba8d853-cae6-4972-b167-b14832ad2075.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17c263f3030b37c34fc39b8180aed1ebefb94b94f2813cb0a1ffa0ca035ada6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 14:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: laNgsDSZraN0ZuSgn6UzmA==
age: 12186
vary: Accept-Encoding
content-length: 1336
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 09:46:20 GMT
server: cloudflare
etag: 0x8D95BE3B4E1E945
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d5ef04ea-801e-004c-1563-cc1ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aaf9d243b1d5b44-FRA
expires: Mon, 08 Nov 2021 18:50:27 GMT

POST
H2 204 AGSKWxXVzmwTliqCi7BWjh2fL58tHaXzr01dXmi7ZgNfjVeMXslhXv7FPWYtVY7ZlicvJMIqEDUEcVVhiN078gY_Nk8= Show response
fundingchoicesmessages.google.com/el/ 0
901 B 39ms
19ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXVzmwTliqCi7BWjh2fL58tHaXzr01dXmi7ZgNfjVeMXslhXv7FPWYtVY7ZlicvJMIqEDUEcVVhiN078gY_Nk8=?pvid=F9626B2E-EEF8-4197-81A5-9C21EF5B0FD5&anonid=C32231A0-D75C-45C3-B460-8A03CA4B1FCD

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bC8GQcRRFNg.es5.O/d=1/rs=AJlcJMyP1NfdIsMKk9E5b1MPdcnWw08fZA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iCoZN7JzekGbDyCZyO06Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-iCoZN7JzekGbDyCZyO06Bw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hurriyet.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hurriyet.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iCoZN7JzekGbDyCZyO06Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-iCoZN7JzekGbDyCZyO06Bw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW_0Y0n8LbY1SKl0jBrJP7pLJhPos0DbtUcrVcNVfC-i-tlLu1xvrhYmQrNnz5UGGea5j2waJpDTKHCReQbTyg= Show response
fundingchoicesmessages.google.com/f/ 462 KB
73 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW_0Y0n8LbY1SKl0jBrJP7pLJhPos0DbtUcrVcNVfC-i-tlLu1xvrhYmQrNnz5UGGea5j2waJpDTKHCReQbTyg=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM2MzgzMDI3LDkwMTAwMDAwMF0sIkY5NjI2QjJFLUVFRjgtNDE5Ny04MUE1LTlDMjFFRjVCMEZENSIsIkMzMjIzMUEwLUQ3NUMtNDVDMy1CNDYwLThBMDNDQTRCMUZDRCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vd3d3Lmh1cnJpeWV0LmNvbS50ci9oYWJlcmxlcmkvcGFuZGVtaS1kZXN0ZWsiLG51bGwsW11d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f386632670ee8fd779fe03eedcd42af77427c9544e9f47b18d8b529c70c209b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8F7pNjvVugl5gsFhp0f6mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8F7pNjvVugl5gsFhp0f6mg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8F7pNjvVugl5gsFhp0f6mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8F7pNjvVugl5gsFhp0f6mg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
374 B 98ms
44ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6aaf9d24db712b35-FRA

GET
H/1.1 200
OK all.js Show response
hurpass.com/static/v4/ 50 KB
12 KB 247ms
46ms Script
application/x-javascript 83.66.162.77
DOGAN-ONLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://hurpass.com/static/v4/all.js?v8a81eb262
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 83.66.162.77 Istanbul, Turkey, ASN12978 (DOGAN-ONLINE, TR),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: 5b2bc437247dde67d9f19c2ae4dd35a1deb0cb86103c00e3db6647967c65c725

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 10:09:51 GMT
Via: (c) www.hurriyet.com.tr
Age: 276038
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Web: V1
Content-Length: 11300
Cteonnt-Length: 51457
Last-Modified: Thu, 04 Nov 2021 21:59:28 GMT
Server: Microsoft-IIS/7.5
ETag: "0e0d43cc7d1d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/x-javascript
Content-Encoding: gzip
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-request-hash,x-request-time,Content-Type,Access-Control-Allow-Headers,Authorization,X-Requested-With

GET ic-search-black.svg
s.hurriyet.com.tr/static/images/redesign/ 0
0

GET
H2 200 hurriyet-ekstra-logo.svg
s.hurriyet.com.tr/static/images/redesign/ 7 KB
3 KB 7ms
6ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/hurriyet-ekstra-logo.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 77be70d13268deb9da9ec6392d86c7e93913eefdaae3977d914d5bdac1fe9e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4666527
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:08:16 GMT
server: MerlinCDN
etag: W/"6141a9f0-1bef"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 6102a6d74e3fe0116c56b709.jpg
i4.hurimg.com/i/hurriyet/75/866x494/ 35 KB
35 KB 96ms
30ms Image
image/webp 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i4.hurimg.com/i/hurriyet/75/866x494/6102a6d74e3fe0116c56b709.jpg
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: e6118ad77e5034aee08b361ea25aa0b5546fc1437e0af60385fd4491f2820160

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 359517
x-midtier: de-fra-dp-s01
allow: GET, HEAD
content-type: image/webp
x-edge: de-lim-ovc-s01
cache-control: max-age=31536000
x-ecache: HIT
accept-ranges: bytes
content-length: 35452
x-mcache: MISS

GET
H2 200 607d2bd07152d815b4d21b3d.jpeg
i4.hurimg.com/i/hurriyet/75/866x494/ 26 KB
26 KB 106ms
40ms Image
image/webp 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i4.hurimg.com/i/hurriyet/75/866x494/607d2bd07152d815b4d21b3d.jpeg
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: 94001d3d706ebf681736a94ceb55b8b1f513b435ead9e3508a4ba77efe984fe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 359517
x-midtier: tr-ist-sh-s03
allow: GET, HEAD
content-type: image/webp
x-edge: de-lim-ovc-s01
cache-control: max-age=31536000
x-ecache: HIT
accept-ranges: bytes
content-length: 26640
x-mcache: MISS

GET
H2 200 6102a6d74e3fe0116c56b709.jpg
i4.hurimg.com/i/hurriyet/75/438x246/ 13 KB
13 KB 112ms
46ms Image
image/webp 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i4.hurimg.com/i/hurriyet/75/438x246/6102a6d74e3fe0116c56b709.jpg
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: 7495a524b72c718501037efc3b151a039825c1b1177da42b160812ccaa839504

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
server: MerlinCDN
age: 359517
x-midtier: tr-izm-nt-s05
allow: GET, HEAD
content-type: image/webp
x-edge: de-lim-ovc-s01
cache-control: max-age=31536000
x-ecache: HIT
accept-ranges: bytes
content-length: 13340
x-mcache: MISS

GET
H2 200 ic-search-black.svg
s.hurriyet.com.tr/static/images/redesign/ 444 B
565 B 6ms
6ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.hurriyet.com.tr/static/images/redesign/ic-search-black.svg?v=octo-20.179.0.1428
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 513d8f0331c2f8e4705d47c7ef456c550a9d338822aaeead2b7ae787342250bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:27 GMT
via: HTTP/2.0 Merlin CDN
age: 4673578
x-midtier: de-fra-dp-s01
content-encoding: gzip
x-backend-server: hicmsimgopt02
last-modified: Wed, 15 Sep 2021 08:10:02 GMT
server: MerlinCDN
etag: W/"6141aa5a-1bc"
allow: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-edge: de-fra-dp-s02
cache-control: max-age=31556926
x-ecache: HIT
x-mcache: HIT

GET
H2 200 css
fonts.googleapis.com/ 54 KB
4 KB 47ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.unb8r9I2CDQ.es5.O/d=1/rs=AJlcJMxLaIDAfEvk-S264W6AG1ig9E9Qvw/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d94be6ff05be0fbb645591bca2a96f3ff991a46a304a40c73c17c798a1ed023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 14:50:28 GMT
server: ESF
date: Mon, 08 Nov 2021 14:50:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 14:50:28 GMT

GET
H2 200 s0gLdkHIAovTbZbILpsnN55cyNttdiKFA3yrJVwT7CM47AQ6NmHp9KK7PnVhzpl5DjeUffgO2An8U1mcS1xzvd6ZzsmZYK329H5awyEdzFqyxRVzIfui=h60
lh3.googleusercontent.com/ 3 KB
3 KB 35ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/s0gLdkHIAovTbZbILpsnN55cyNttdiKFA3yrJVwT7CM47AQ6NmHp9KK7PnVhzpl5DjeUffgO2An8U1mcS1xzvd6ZzsmZYK329H5awyEdzFqyxRVzIfui=h60

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f39aa3ca12d3572fb57f0e9e9b2234e55a2b92157fc277707499d48ea004cceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:11 GMT
x-content-type-options: nosniff
age: 17
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3172
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 09 Nov 2021 14:50:11 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.14.0/ 369 KB
82 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bk+c/8JAdlTEAluR1Sm6dw==
age: 1788145
vary: Accept-Encoding
content-length: 83472
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:15 GMT
server: cloudflare
etag: 0x8D8D8E82BC311EE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d0c0a096-001e-0170-416c-c4ed77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aaf9d2569904ab0-FRA
expires: Tue, 16 Nov 2021 14:50:28 GMT

POST
H2 204 AGSKWxXjvnIyYP6C71LM6J_vpZnQBj24CGmD4itmOy4FA8j4Y4EgfOEp2y73XxkcDJ1cDG4_eleI_647PH5Wk31mxmisf4EF4EPobck98jKpawY33uQ4p0CVrlVn0RW5cZ9CKbeBDsqoKMP8r5Tl5EOWvYm_BrQuq8H1yl49GaH96ahEHx3z5tD5XSno0-zb Show response
fundingchoicesmessages.google.com/el/ 0
532 B 18ms
18ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXjvnIyYP6C71LM6J_vpZnQBj24CGmD4itmOy4FA8j4Y4EgfOEp2y73XxkcDJ1cDG4_eleI_647PH5Wk31mxmisf4EF4EPobck98jKpawY33uQ4p0CVrlVn0RW5cZ9CKbeBDsqoKMP8r5Tl5EOWvYm_BrQuq8H1yl49GaH96ahEHx3z5tD5XSno0-zb?dmid=635cdb6c4605c0d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8szo+qlx3AiJmLXZTsBUxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8szo+qlx3AiJmLXZTsBUxQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hurriyet.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hurriyet.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8szo+qlx3AiJmLXZTsBUxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8szo+qlx3AiJmLXZTsBUxQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v114/ 114 KB
114 KB 42ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v114/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 00:16:05 GMT
x-content-type-options: nosniff
age: 570863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116484
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 00:08:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 00:16:05 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 581911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 31 KB
31 KB 30ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hurriyet.com.tr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:24:17 GMT
x-content-type-options: nosniff
age: 339971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31272
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 16:24:17 GMT

GET
H2 200 tr.json Show response
cdn.cookielaw.org/consent/5ba8d853-cae6-4972-b167-b14832ad2075/058c7ea9-1b6d-45e2-91ba-08176c2d8b6d/ 141 KB
28 KB 17ms
16ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5ba8d853-cae6-4972-b167-b14832ad2075/058c7ea9-1b6d-45e2-91ba-08176c2d8b6d/tr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58b1130653266e7cadc5faf9a963af38b0c0402e5e7b32c3583ffa69f440c77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: elfWkT9NnfpsUDN2oIY8mA==
age: 501
vary: Accept-Encoding
content-length: 28660
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 09:46:17 GMT
server: cloudflare
etag: 0x8D95BE3B387963E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ecea7d81-101e-0102-3c63-cc9c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aaf9d25de365b44-FRA
expires: Mon, 08 Nov 2021 18:50:28 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/ 12 KB
3 KB 16ms
15ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BkZngIV1hzEthgbkouRUbA==
age: 1788135
vary: Accept-Encoding
content-length: 2832
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:04 GMT
server: cloudflare
etag: 0x8D8D8E825563082
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1473ae79-501e-00c6-806c-c4a5da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aaf9d261eab5b44-FRA
expires: Tue, 16 Nov 2021 14:50:28 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/ 47 KB
11 KB 20ms
20ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8jNYupXcL2bcdab+1R7CAg==
age: 929840
vary: Accept-Encoding
content-length: 11511
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:07 GMT
server: cloudflare
etag: 0x8D8D8E827001198
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fb4c89ac-501e-00e4-2b3b-cccbec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aaf9d261ead5b44-FRA
expires: Tue, 16 Nov 2021 14:50:28 GMT

GET
H/1.1 200
OK CreateCookieSSO_Gb Show response
api.hurpass.com/async/ 704 B
2 KB 196ms
47ms Script
text/javascript 83.66.162.110
DOGAN-ONLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.hurpass.com/async/CreateCookieSSO_Gb?_title=Pandemi%20Destek%20Haberleri%20-%20Son%20Dakika%20Pandemi%20Destek%20Hakk%C4%B1nda%20G%C3%BCncel%20Haber%20ve%20Bilgiler&_url=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&_ref=https%3A%2F%2Femobilformdoldurunuzvakif.xyz%2F&_height=1200&_width=1600&_ticks=1636383028223&_hp_domain=hurriyet.com.tr&_is_prb=&c_enb=true&fp_c=
Requested by: Host: hurpass.com
URL: https://hurpass.com/static/v4/all.js?v8a81eb262
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 83.66.162.110 Istanbul, Turkey, ASN12978 (DOGAN-ONLINE, TR),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: db86512460249cd5fb69503511c9d6e9f96876609d713ca3b66d5943e1beefab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:23 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="This is not a P3P policy!"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Api: V1
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Headers: Content-Type
Expires: -1

GET
H/1.1 200
OK frm_index Show response
hurpass.com/iframe/ Frame AC70 1 KB
2 KB 49ms
49ms Document
text/html 83.66.162.77
DOGAN-ONLINE

General

Check archive.org

Show headers Download Go to

Full URL: https://hurpass.com/iframe/frm_index?appkey=506d9e3dfbd268e6b6630e57&secret=506d9e3dfbd268e6b6630e58&domain=hurriyet.com.tr&callback_url=https://www.hurriyet.com.tr/haberleri/pandemi-destek&referer=www.hurriyet.com.tr&user_page=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&is_mobile=0&session_timeout=0&is_vative=0
Requested by: Host: hurpass.com
URL: https://hurpass.com/static/v4/all.js?v8a81eb262
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 83.66.162.77 Istanbul, Turkey, ASN12978 (DOGAN-ONLINE, TR),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: 38df7d760517b4fedf309b3106a57ea2d107aa136b706143ae8eb0d3391c4b30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
P3P: CP="This is not a P3P policy!"
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Web: V1
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: x-request-hash,x-request-time,Content-Type,Access-Control-Allow-Headers,Authorization,X-Requested-With
Date: Mon, 08 Nov 2021 14:50:27 GMT
Content-Length: 698

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://medyanet-com-tr.videoplayerhub.com/galleryloader.js
https://btloader.com/tag?h=medyanet-com-tr&upapi=true

10 KB
5 KB

57ms
22ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=medyanet-com-tr&upapi=true
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b23a5731867af06f8386e07748c6ea1495532160e9b57f501198b11d9a57e87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray: 6aaf9d2729914303-FRA
date: Mon, 08 Nov 2021 14:50:28 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1339
etag: W/"b40ed8ed49fba9ab35a5f09b3eb5c934"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUfO7WIQCrMwjdjVVnLJhpENQfNxMQIL1%2FOgdHZF5zpNn73Cd9qZDlsSN00VXZC%2BLFr8vf5m3E0PbaFght%2FOWhZMCmHAzNTWhlxTOJw5pc6tNoq4AQXJA2EIqXL6o2ddDULhUzJFrlVaMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

Redirect headers

date: Mon, 08 Nov 2021 14:50:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awum3kRWtFZwY3SDd9EL45QgZ5sQtCwUAIWJeQ56WYFN8HhV4N%2FciCYtwVy6JEoDD3unr7yFwTNIC%2FIKTgQw3Po4YrbCSUlbavK9Svq1bXGO91Hs19zhnkyM%2BSLOAyqFxq4HZ9Uopu802bUMj1LSXPETbNIY8CqyIFkN1hv3WNc%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=medyanet-com-tr&upapi=true
cache-control: max-age=3600
cf-ray: 6aaf9d269c54176a-FRA
expires: Mon, 08 Nov 2021 15:50:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 41ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

f938698ce41ab018c4da08fc3b5e701ca9c45da450f2d05b8c22cc9208d3d186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1037 / 663 of 1000 / last-modified: 1636373217"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27159
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 08 Nov 2021 14:50:28 GMT

GET
H2 200 adservice.js Show response
ad.medyanetads.com/adservice/ 51 KB
16 KB 76ms
18ms Script
application/javascript 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.medyanetads.com/adservice/adservice.js
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: c8595f2986065b1aa55f54636dd0c22dfeacc7e9b340331d98b64cbaec4e19be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
dsuid: 18
age: 347285
x-midtier: tr-izm-nt-s05
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 04 Nov 2021 14:22:22 GMT
server: MerlinCDN
etag: W/"6183ec9e-ca0a"
allow: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-lim-ovc-s01
cache-control: max-age=60
x-ecache: HIT
x-mcache: HIT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/demiroren-hurriyet/ 566 KB
39 KB 27ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/demiroren-hurriyet/loader.js
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d7401814140210d2efe2659558cb0e625098d873696264cebcafd079cc6567c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: NlBzCHSeryGdlCcTtkZmlf1FHuI80UFm
content-encoding: gzip
etag: "204e26f5ae238552be61944f97175675"
age: 18139
x-cache: HIT
content-length: 39524
x-amz-id-2: DlMU9/13flnBZnz/PMFpKxxmdG4bPPj1bj9PjgmNHknL/eJeAzcE/rMnq7cm/DkdXfFUbmwZi/U=
x-served-by: cache-fra19155-FRA
last-modified: Mon, 08 Nov 2021 09:48:07 GMT
server: AmazonS3
x-timer: S1636383028.251940,VS0,VE0
date: Mon, 08 Nov 2021 14:50:28 GMT
vary: Accept-Encoding
x-amz-request-id: BH1WYH8SQ43HBRVP
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 73
x-cache-hits: 5313

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/demiroren-hurriyet/ 54 KB
16 KB 29ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/demiroren-hurriyet/newsroom.js
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22fae896165dfe232f87b69dbba3e98a4246ad4ba7e8f3c346316190c2e7b25f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "3adbe00e1805b12e61c3ac504fee2ed1"
age: 24
x-cache: HIT
content-length: 16155
x-amz-id-2: eFPyHQOkYcNUaGPb6LSqDYmhvDIHj9oIudWB8iLPdRcM7GbsU9bLNF5EDDbPUupGj0TA+dk6wSU=
x-served-by: cache-fra19146-FRA
last-modified: Fri, 04 Sep 2020 23:39:59 GMT
server: AmazonS3
x-timer: S1636383028.253579,VS0,VE0
date: Mon, 08 Nov 2021 14:50:28 GMT
vary: Accept-Encoding
x-amz-request-id: KZ4C3B7PFRJR578E
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4

GET
H2 200 adservice.js Show response
ad.medyanetads.com/adservice/ 51 KB
16 KB 74ms
18ms Fetch
application/javascript 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.medyanetads.com/adservice/adservice.js
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: c8595f2986065b1aa55f54636dd0c22dfeacc7e9b340331d98b64cbaec4e19be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
dsuid: 18
age: 347285
x-midtier: tr-izm-nt-s05
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 04 Nov 2021 14:22:22 GMT
server: MerlinCDN
etag: W/"6183ec9e-ca0a"
allow: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-lim-ovc-s01
cache-control: max-age=60
x-ecache: HIT
x-mcache: HIT

GET
H2 200 impl.20211107-1-RELEASE.js Show response
cdn.taboola.com/libtrc/ 600 KB
123 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211107-1-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/demiroren-hurriyet/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3e44236e71f1d7fc33169b5536e83d1f14f1b773396d387f9ba9bd9885d60f0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: bA04eeQQnUJESShRv0JGlNPXY7wN8JGN
content-encoding: br
etag: "64d760f09de2984aa236bc27c1de1e5f"
age: 18577
x-cache: HIT
content-length: 125168
x-amz-id-2: sQd0gnIGsVC/Rkwpkr//OblPYUI/60QAH9GZcOX5WXIfB8yPkgz+EXL1k8UenWla4wG3M92zmeQ=
x-served-by: cache-fra19155-FRA
last-modified: Sun, 07 Nov 2021 09:32:06 GMT
server: AmazonS3-br
x-timer: S1636383028.294260,VS0,VE0
date: Mon, 08 Nov 2021 14:50:28 GMT
vary: Accept-Encoding
x-amz-request-id: GD0P1ZCEG41K1H56
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 96
x-cache-hits: 14294

GET
H2 200 load.js Show response
widget.perfectmarket.com/demiroren-hurriyet/ 3 KB
2 KB 39ms
16ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/demiroren-hurriyet/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/demiroren-hurriyet/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fea0d4b621dc955a798c674cbf2fd139da4cceb8055ebc2ae75b746bbf2c68a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: B_dFRRpbZblazMRGx9b0S6cA6Hw3DK38
content-encoding: gzip
etag: "89bd43afc2379eb16bbfe4d568c29c21"
age: 225
x-cache: HIT, HIT
content-length: 1129
x-amz-id-2: 0+Afn1e9kiNrCwT2tDNanlZsGydi1MAFGvsuaMhdEVUllOMA3d+2WgRIKnCAemqc9RnL+UMp+/E=
x-served-by: cache-lax10620-LGB, cache-fra19174-FRA
last-modified: Wed, 25 Nov 2020 07:37:04 GMT
server: AmazonS3
x-timer: S1636383028.327115,VS0,VE0
date: Mon, 08 Nov 2021 14:50:28 GMT
vary: Accept-Encoding,,
x-amz-request-id: EKWK29AS6F12XFG3
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 3

GET
H2 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 19ms
18ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 08 Nov 2021 14:50:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 425 B
218 B 33ms
17ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hurriyet.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4223d7cd6f3f5fe89821f3dd2aae7ca2094c050c24485213d646f8ef1ea2d019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
expires: Mon, 08 Nov 2021 14:50:28 GMT

GET
H2 200 card-interference-detector.20211107-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20211107-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/demiroren-hurriyet/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b800cb78591f6c96318a98bbdfdd4ba913bd3a30d506dfe13f9c57e3779dda47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6iLNWnU03tzGwf9LxbLWXr5DfWu8sjLF
content-encoding: gzip
etag: "1d3e0d87e540ee236989327d01befff4"
age: 18508
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2179
x-amz-id-2: txGjoCQjWDx66sozKOGF5T2oe0g9n4OKEOSBC5msoYJJZ6QSmC/ageIqOC8vhws8Y9dlJwqe6GQ=
x-served-by: cache-fra19155-FRA
last-modified: Mon, 08 Nov 2021 09:40:02 GMT
server: AmazonS3
x-timer: S1636383028.338998,VS0,VE0
date: Mon, 08 Nov 2021 14:50:28 GMT
vary: Accept-Encoding
x-amz-request-id: PV4Z8CHS123TAJYZ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 96
x-cache-hits: 11672

GET
H2 200 pmk-202010011.4.js Show response
widget.perfectmarket.com/demiroren-hurriyet/ 112 KB
31 KB 6ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/demiroren-hurriyet/pmk-202010011.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/demiroren-hurriyet/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ef3e6811b230cc02f127ed8ac3395ef3d5381fe0d1c867a574b3492e8a2d250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: y0oKS.5xJH6ogid9L6a46.dFmbzKgMCk
content-encoding: gzip
etag: "471b42fe7b006b4254cd1777c66ffb86"
age: 8830622
x-cache: HIT, HIT
content-length: 31154
x-amz-id-2: 1FfjGy0f6EUhEB1Ug/qmlvZPOiLMwVAisKC9IAikodxAN7eIRKpRvHhOG/CJm/hfxUiCPB3qH6k=
x-served-by: cache-sna10749-LGB, cache-fra19174-FRA
last-modified: Wed, 25 Nov 2020 07:37:04 GMT
server: AmazonS3
x-timer: S1636383028.343687,VS0,VE0
date: Mon, 08 Nov 2021 14:50:28 GMT
vary: Accept-Encoding,,
x-amz-request-id: VADRXPZN5BWMT76B
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 71307

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 87 B
268 B 75ms
18ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=status,countryCode,city,asname&key=516Dastvwe7f1pn
Requested by: Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 540db236ce539a88e0d2186a04b4e80543c1e3d82a904ff77a0440b9c847dbb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.hurriyet.com.tr
Date: Mon, 08 Nov 2021 14:50:28 GMT
Content-Length: 87
Content-Type: application/json; charset=utf-8

GET
H2 200 hurriyet_com_tr.json Show response
ad.medyanetads.com/adservice/prebid/ 4 KB
650 B 20ms
18ms XHR
application/json 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.medyanetads.com/adservice/prebid/hurriyet_com_tr.json
Requested by: Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: 62aa76d088e0fb756fbe15ac88e5e455296ac765041fc452a0fe1d38d984cff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
dsuid: 14
age: 515563
x-midtier: de-fra-dp-s01
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 02 Nov 2021 15:37:43 GMT
server: MerlinCDN
etag: W/"61815b47-f97"
allow: GET, HEAD, POST
content-type: application/json
access-control-allow-origin: *
x-edge: de-lim-ovc-s01
cache-control: max-age=60
x-ecache: HIT
x-mcache: MISS

GET
H2 200 currency.json Show response
ad.medyanetads.com/adservice/ 34 B
354 B 21ms
18ms XHR
application/json 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.medyanetads.com/adservice/currency.json
Requested by: Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: 10c4b39297ed526540a5282fe29fad4f8015f3b9c223149a004b014e3ab3286a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
dsuid: 20
age: 5721
x-midtier: de-fra-dp-s01
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 13:15:02 GMT
server: MerlinCDN
etag: W/"618922d6-22"
allow: GET, HEAD, POST
content-type: application/json
access-control-allow-origin: *
x-edge: de-lim-ovc-s01
cache-control: max-age=60
x-ecache: HIT
x-mcache: HIT

GET
H2 200 prebid.js Show response
ad.medyanetads.com/adservice/ 240 KB
90 KB 41ms
39ms Script
application/javascript 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.medyanetads.com/adservice/prebid.js
Requested by: Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: 37ab12abc870791846a9519a517d2d3beb05dd00aadcdb3d8f9ad5d050581016

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
dsuid: 15
age: 5286592
x-midtier: de-fra-dp-s01
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 08 Sep 2021 10:20:32 GMT
server: MerlinCDN
etag: W/"61388e70-3bfa0"
allow: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
x-edge: de-lim-ovc-s01
cache-control: max-age=60
x-ecache: HIT
x-mcache: HIT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 52ms
11ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Mon, 08 Nov 2021 14:50:28 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Mon, 15 Nov 2021 14:50:28 GMT

GET
H/1.1 200
OK 36374 Show response
tags.bluekai.com/site/ 41 B
648 B 199ms
163ms Script
text/javascript 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/36374?ret=js&limit=1
Requested by: Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:28 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 41
BK-Server: 8895
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 28ms
7ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 38743be62c3c6384da933b785f689933c1bc3b0fe33af64d40027ca84d44a834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:06:28 GMT
content-encoding: gzip
age: 2640
x-guploader-uploadid: ADPycdutqpAZF85kHO74WTVLSoCyVXPqtxcPtJ3S8OOCgIIrNdYxCrw56Pez_OnOdY4KPj1IsdEqbTnjk1ImJmvIAc2ll2GHPQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3607
last-modified: Wed, 03 Nov 2021 14:17:41 GMT
server: UploadServer
etag: "a3cfc290a2a59172994eca570704d2ea"
vary: Accept-Encoding
x-goog-hash: crc32c=Nfk9rw==, md5=o8/CkKKlkXKZTspXBwTS6g==
x-goog-generation: 1635949061609314
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3607
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 68ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc856485fc030d62ffc0bd503a92a0dd5bca9903c1d60edc2d1d94d8050824b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51628
x-xss-protection: 0
server: cafe
etag: 18031480948212776796
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 14:50:28 GMT

GET
H2 200 adservice.css
cdn.medyanetads.com/assets/ 1 KB
793 B 60ms
41ms Stylesheet
text/css 51.195.89.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.medyanetads.com/assets/adservice.css
Requested by: Host: ad.medyanetads.com
URL: https://ad.medyanetads.com/adservice/adservice.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3183877.ip-51-195-89.eu
Software: MerlinCDN /
Resource Hash: ab398f53d2db477897aba7548843113dd5003fc95ffeb5018078779122f3df4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
via: HTTP/2.0 Merlin CDN
dsuid: 17
age: 3031730
x-midtier: tr-ist-sh-s03
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 06 Jul 2021 12:41:01 GMT
server: MerlinCDN
etag: W/"60e44f5d-44f"
allow: GET, HEAD, POST
content-type: text/css
access-control-allow-origin: *
x-edge: de-lim-ovc-s01
cache-control: max-age=60
x-ecache: HIT
x-mcache: HIT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 43ms
7ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 09:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 09:15:29 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
1007 B 45ms
19ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6458212285281806
Requested by: Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 08 Nov 2021 14:50:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 887
x-guploader-uploadid: ABg5-UzSZ-Kt1WbGdd88HlCnZf7YcJGLu-DR5tPwPS9bXoxAsvJYwt4jGn6LAHoZbG34sctt0vecv7iFCJZExLBCcbRvF7nEjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBq%2BJVCVdf0HOKJOq8lGMOKkiBIzTBl3yjDAmKSHw0xvEC%2FmzPO29EfuGlONQiR0kdLh8clXfOqjEBtGGxX%2FRPH3PpOAvUz3s1EEqqmIMSQ03b%2BTg32yHFiaY188DEtYziX4vJHRPNqQtm3pNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6aaf9d277d8d6955-FRA
expires: Mon, 08 Nov 2021 15:09:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 46ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hurriyet.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hurriyet.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 140ms
113ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=yuYyE9QF&w=5644481027112960&o=5633512275181568&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&upapi=true
Requested by: Host: medyanet-com-tr.videoplayerhub.com
URL: https://medyanet-com-tr.videoplayerhub.com/galleryloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Nov 2021 14:50:28 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK 34182 Show response
stags.bluekai.com/site/ Frame D8B3 71 B
1 KB 181ms
156ms Document
text/html 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/34182?ret=html&phint=PageType%3Dhaberleri&phint=cd6%3Dlinux&phint=cd7%3D4g&phint=cd3%3DFrankfurt%20am%20Main&phint=cd4%3DDE&phint=cd5%3DClouvider&phint=hour%3D14&phint=weekday%3D1&phint=date%3D8&phint=month%3D11&phint=__bk_t%3DPandemi%20Destek%20Haberleri%20-%20Son%20Dakika%20Pandemi%20Destek%20Hakk%C4%B1nda%20G%C3%BCncel%20Haber%20ve%20Bilgiler&phint=__bk_k%3DPandemi%20Destek%2C%20Pandemi%20Destek%20haberleri%2C%20Pandemi%20Destek%20geli%C5%9Fmeleri&phint=__bk_pr%3Dhttps%3A%2F%2Femobilformdoldurunuzvakif.xyz%2F&phint=__bk_l%3Dhttps%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&phint=__bk_v%3D3.1.10&limit=1&r=34303319
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 73ae
Date: Mon, 08 Nov 2021 14:50:28 GMT
Connection: keep-alive

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 145 KB
44 KB 602ms
602ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1363868726308546&correlator=3823769125409485&output=ldjh&impl=fifs&eid=31063281%2C31063405%2C31063429%2C31063182%2C44753989&vrg=2021110401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=9927946%2Churriyet%2Cdiger%2Cheader_728x90%2Cpageskin_sol_120x600%2Csag_120x600%2Cbody_728x90_1%2Csidebar_300x250_1%2Cfooter_728x90%2Coop_2%2Coop_3%2Coop_4&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11&prev_iu_szs=728x90%7C940x90%7C940x250%7C970x90%7C970x250%2C300x600%7C120x600%7C160x600%2C300x600%7C120x600%7C160x600%2C320x50%7C300x250%7C336x280%2C300x250%2C728x90%7C940x90%7C940x250%7C970x90%7C970x250%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0&ists=7&eri=1&cust_params=hurriyet_kategori%3Dhr_index%26keywords%3Dpagetype_other%26catlist%3Dc1_index%26contentid%3D1%26context%3D%26AdServiceStatus%3Dtrue%26screenWidth%3Dlarge%26consentStatus%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1636383028&dt=1636383028470&dlt=1636383027731&idt=667&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C-135%2C1435%2C468%2C1115%2C436%2C0%2C0%2C0&adys=262%2C462%2C462%2C1381%2C761%2C3642%2C0%2C0%2C0&adks=1465202717%2C3927909414%2C4001034156%2C3179944183%2C2486161909%2C4285802911%2C185160960%2C2236863044%2C229154383&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&ref=https%3A%2F%2Femobilformdoldurunuzvakif.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C465x0%7C465x0%7C866x80%7C300x0%7C1230x0%7C0x-1%7C0x-1%7C0x-1&msz=728x0%7C300x0%7C300x0%7C300x0%7C300x0%7C1230x0%7C0x-1%7C0x-1%7C0x-1&ga_vid=1198651847.1636383028&ga_sid=1636383028&ga_hid=973641647&ga_fc=false&fws=4%2C4%2C4%2C4%2C516%2C4%2C516%2C516%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C0%7C1%7C0%7C2%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7a414fd06c1808140a0393ff18f7d3ebc313fd569c573b5d7f4a958c3b5ce3b0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLmziOmBifQCFZP7dwodP3UGDg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLmziOmBifQCFZP7dwodP3UGDg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
google-creative-id: -1,-1,-1,-1,-1,-1,138368166195,138353897362,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44755
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,5815030071,5724328702,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Mon, 08 Nov 2021 14:50:29 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hurriyet.com.tr
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA70 6 KB
4 KB 64ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 14:50:28 GMT
expires: Tue, 08 Nov 2022 14:50:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/ 268 KB
96 KB 334ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4133813641255581&plah=www.hurriyet.com.tr&bust=31063413

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0601934a0e1f4b07a01c2d152af6835361466c6a5e9e6220f84a8f1b82d8ba35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98352
x-xss-protection: 0
server: cafe
etag: 17805520738418469245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 14:50:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame 361C 11 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 07 Nov 2021 18:47:13 GMT
expires: Sun, 21 Nov 2021 18:47:13 GMT
content-type: text/html; charset=UTF-8
etag: 2948287274155451234
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4905
x-xss-protection: 0
age: 72195
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK request Show response
clicks.hurriyet.com.tr/ 0
290 B 32ms
31ms XHR
text/plain 52.49.225.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clicks.hurriyet.com.tr/request
Requested by: Host: clicks.hurriyet.com.tr
URL: https://clicks.hurriyet.com.tr/static/clicks.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.225.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-225-127.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hurriyet.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

Date: Mon, 08 Nov 2021 14:50:28 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0

OPTIONS
H/1.1 200
OK request
clicks.hurriyet.com.tr/ Frame 0
0 122ms
31ms Preflight
text/html 52.49.225.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clicks.hurriyet.com.tr/request
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.225.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-225-127.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hurriyet.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Allow: POST
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Nov 2021 14:50:28 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Server: nginx/1.16.1
Vary: Accept-Encoding
X-Powered-By: Express
Content-Length: 4
Connection: keep-alive

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
410 B 16ms
15ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hurriyet.com.tr&callback=_gfp_s_&client=ca-pub-4133813641255581

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4133813641255581&plah=www.hurriyet.com.tr&bust=31063413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

24ca884a5509f9460ab1aeea03f8bda9428cc8abb039175f49b827eb4f339898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hurriyet.com.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 317ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hurriyet.com.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&tn=DIV&cls=fc-dialog-overlay&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&tn=HEADER&cls=header%20&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7ABB 10 KB
5 KB 80ms
80ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4133813641255581&output=html&adk=1812271804&adf=3025194257&lmt=1636383028&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636383028493&bpp=2&bdt=762&idt=364&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1091037249168&frm=20&pv=2&ga_vid=1198651847.1636383028&ga_sid=1636383028&ga_hid=973641647&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063413%2C31063182&oid=2&pvsid=1363868726308546&pem=308&ref=https%3A%2F%2Femobilformdoldurunuzvakif.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=10&uci=a!a&fsb=1&dtd=381

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d8e6863ceccccfea603b5227bab39459262a56c5bf48d0e9cf55395b6fa6de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Nov 2021 14:50:28 GMT
server: cafe
content-length: 4592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Nov 2021 14:50:28 GMT
cache-control: private

GET
H2 200 container.html Show response
6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A6C6 6 KB
3 KB 309ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 14:50:28 GMT
expires: Tue, 08 Nov 2022 14:50:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FB9 6 KB
3 KB 308ms
9ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 14:50:28 GMT
expires: Tue, 08 Nov 2022 14:50:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A54 6 KB
3 KB 305ms
9ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 14:50:28 GMT
expires: Tue, 08 Nov 2022 14:50:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 687A 6 KB
3 KB 302ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 14:50:28 GMT
expires: Tue, 08 Nov 2022 14:50:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 CTOHUVRM.js Show response
cdn.insurads.com/bootstrap/ Frame B8BE 7 KB
3 KB 258ms
67ms Script
application/x-javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/bootstrap/CTOHUVRM.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 969cea1b979fe9caa3bb40ab811c363f7140091f8c1c0ded2c67005f3f7bfbc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
cdn-edgestorageid: 756
x-amz-request-id: QBRZWVY7Q4BC5HG0
cdn-cachedat: 08/11/2021 07:40:09
cdn-pullzone: 55316
x-amz-id-2: k4bS+wUwAJqHYsu6lnvpiC21C2mbVE5lsonDkeDyvip20uc9ABY+lTxL84Db9TaRjxnKRPWjYPc=
server: BunnyCDN-DE1-756
last-modified: Wed, 23 Jun 2021 10:40:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=31536000
cdn-requestid: 4f3d330d76896edf0c23c630e827565d
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame B8BE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 956aeb3e9594933b7a401326de186861399c7a783d5981caf02bb825ee28ddb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8BE 0
26 B 43ms
42ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdVftq3SlDMFiv-OjmpnB8BrkYpLprGDirU820hZW-aJyDyvSjkNmpKuBGPa7XEEs4RU6stuRF9SJ-y98web5saGPggtgnUvah01s6UVrumCU6pIsjkCbkEamdCok16gTFmwgtXmnXv1WChHbyfJ2T8ch4QnyIXqcal4UXlJtiuaGnfr7xTUP6EPgeg7ryQbRLg4j1xprsRVnzmrflR-iNz1s7RvH3RdDYxlrpDeIEHpYMWuYeaOx_f01u68ozr0L87UPdjpEZv1oCak9YxxdtZSmFHTNsOo89tEOT4C7Dwsr41_GrTZv5GXEcQJMkQuLzqEMRZHw&sai=AMfl-YQ8Nwjdr4Gh7K51cN3hsnsVRG7rerC6zLxP89p0UCaeIkhcq3g4PeKQAv-B40CTzvhRjfZkt3KzkLtwsa1bKlD35gcZCYTlei0clbEmY7Emea2Alh8z-KXENctcSmg&sig=Cg0ArKJSzC4XiBFBhwt7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H2 200 container.html Show response
6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1C47 6 KB
3 KB 277ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 14:50:28 GMT
expires: Tue, 08 Nov 2022 14:50:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EBF5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3c7cb556133bf2aa975d3bd23799d142cee068aa98d97e37def7e2020271f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EBF5 0
26 B 43ms
42ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbOGcTj7B7B9ONXCutu0sTblBb6S_oGwaToip44-2f-CAGegB1o-59VsUOygI-JSrvmFHnWC72kjE963yghDWpGVe8JgIBrgo2Qib4tq_uyYAARB2Yqm7Sc2rZyt_117CEvo7F6kgnQ4mmFd0t1o9BLKFo96kKeGf0CpgaS880dIl8hmdNntM0j-m2MurBz4U9fNG_bJOaTEE4Q6lLtbXS6tW25kpwcuS2jzsGGS2Y-lfYP6HGfnvd1dCMLwA3CVg-Fj6QJsoJmfQrYK0b8yehEAnYp4voblFWy7IasWhfklQaL8ChMFW2Ulu4X_UoDoSey-4&sai=AMfl-YSkld6ytIqETMFIu_hXiZ1T1pJviSTjOaOaH3RjR29lXj6FU-4qbNgjPFEigb_kpy4yM9fDlejUrWV42qVBRrMPcMrg-qbTiT9_VJcDzR0Y4H5kOCXwxWkIscvbC2I&sig=Cg0ArKJSzBPJygrv2w4HEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H2 200 init Show response
services.insurads.com/ 2 KB
1 KB 317ms
106ms Script
application/javascript 23.21.247.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/init?appId=CTOHUVRM&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&t=1636383029506
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/CTOHUVRM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.247.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-247-176.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: caeeb73b936e9372b4a74c2b41f43d6dc21af097bef90d56bd7fe00a0d90cdc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D278 624 B
344 B 18ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNUtV-iDMxWbxzhldsArFBqp610WURrLlnUfxMhv4rGWla-hJISqN6tOCF-VNX4WuFFzKAA3JteeTHYoaEaBlt0kkTN5A4axZfFTpoV2Ugb_2AX7kMm1bQQzrHvIARAxmCrSpwFnTjYNnLDD5F_xp5_7HYH0xSMiVflEmKm_ZrWL1qGjvKwxujB9D6Qxex-fmHhzjq-OsuHXkukiqNzPTDA-_oHbRQ

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Nov 2021 14:50:29 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A6C6 73 KB
29 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVk3sMgG289DsEsDnGouIt09po5rjTksii4IJyurAiZV2mRe4li9VpaWbkgM04V28EsYlnhqhQvJXwY2DqBSKkTKVCcgIyN33h_xzhgbhTP9bmiLNfyJiOFWI_XG3ExSUFidonOYJCwKmLgFvNELdSadaPhw&dbm_d=AKAmf-D55e_35f0wk-HgX2IX-NItGkTFsfRigtWp5fnpM7rs-KOsaZlhumIFSTeqy8NXwoNYcD5dsV8l_PT0V8AyoxPW8L6pyWnXfp-_B1x8fkhUoJf9LIj4tkTBKLkll8p1M55DhTlURaWS-iJQVyg0fF_126GApSXVjnuHHiRmLeNJ7U62XkT_u2hDqW0w6PBdlvTXNb2G1cm3EWBjJqBhw3NtI7_V1xx_D3h5omCGctSGEEctoPlgJuINzHTnVL3iXDbNcLNJmaO3Td8_8KOoPisxfH8_xZl6FCXt3NK36pnLFUsbe5JYCCDEUUfAfoHsWtopGDjopIvLa1hSj7BtolaqKq3eaWPgLI8q5q3VY3E1UOyw22ogIJJK7DjOBDiY2MwSygoNp6U2Fr9YDFJW6WhzNbLyLuxqSZ53l-YiSxeX7wtpTxYNM5jSMTMC4b8f9yF9NoIUZiZIaM-zBZLV0s_9GoY9IQAWb4KTqiAKRuB9OZHNWZerq8NE_ZL5v6wNq6BRuVBbMKRW9J3lTYFKVoi5ylYuDP526bg6_DmuPmXiL48yYJZU8zwe7UHA2BfMVc7KfF1ivN4fxPt6syIm6PqpSyKz7xoySQG2sTNjk6hFeChDzMfzOIXqhrabCL0OxDEvJadZouSMxGy9Uvt2vJ-NBHzwp2vkcLsBu_4qElSmQsDyKSPt4MAmhUiquz1LIxzYAOZ9WSf7QZ8g2RF8I4JFSOPOSpTBvBIu2Szz477srhIIdunwPUcxMggqIlXPiAGdgGrQNkOpBI0TTp9LihK-5yOYB3BFgjHACHqip2FzTQ5CYaCxHpzcSDmT4PrkynC_LYxe9iIvHjeJz384aF2_KhgYZ0lDWzIpZSKA1B3AFokUjJ2QmFHswHhoa-tV658jEqOQ3V2HdHgRMs5m4zkP8qEMKFjiFNlRF_FkkW7n_7ZEJku38kyVxrb_OmrIlGfoWrXjEJugMOaNitagFATYHmlTVLCMNVJ6fW9niGl6NzB6wRVCBvXsewxn3dC_fqg_grQfzk8IVPKP6BlDpYo7nlkRvgywpFC9f3axfQfWJJWkTg9hcD08-mOIlZw9loD20eCxanQDbEpeNpde8ccizak4rFPjRm2_TZgiHh0nKmt-iPGMXl5n0ZhS03F4Vb3_ZpdxpHuk0JSWyG18RM61rciMDwwZqMU2XSgcHCt9gSQ-Sxki-0EURBUQ4Qv9g5sKphgLs2crwx9qTOy6ndKgimylzcsBDiIzLxohOrT1QiHI_KWMqBQ8bMfXuBVa7o8u9h-COglk2g-qyPSrvGgN2dyat6XkC2HogxLXy5Zct7H2MUGpNtRfM5cLBEQ8qy8lzpLVHCHpoEP_DFL87ii4htQ-kbkqZQxXV6xdf7mq4SdESt6wJ2tQObIZAfVmDnvOxjxc9wxLcD6XwmwJhRIFGwnnh3gqqKmbkKO0vpi_txVN7nbCXGjrgMMdDrUZFcSD-F4b78Ehkq-PAvHlWYArWLb5BauEWpzvhVNSJx0zzfZ_ZtgHiMseRy7bphkr7jh90-Lw2yc5WSLncubq30w0t8--gx7grGFVDm1F-OlG2eXHlmSWsru4NyJxbeW4QOGEg47OV7PivkJmgxWumhTJzLh4VdcVuSV-2ffn9C--Eo-wJStgqH5E9mSkKfkcYUGdF3zCkyMUvfNquqEtMxWtrYJ6nBPKa_QRyP3K-Mo4cm3101BJBECYdy1KVpGnam2pIZA_x1AL4-kmXfZ90-QyyF0R-TssiuLJDGtbSjZ3ScjmEG889bDZ7d3pLD8vbqAaEnjTggCI-T9NQHzxuSKLze5frsqiCQVx-FKofmbH8XoXUO_Exu939v0NB10owjxMDPkn3iDyI43hd5yh-6dgP4TeqFqXo1e179R4AoDKrBzjsiFfI-oPtWdAheOYYwvuhnB7zijbQLba_A-HxeWM8GWUvYfy0q3TfdwYB-HwwDJAgtb1NOGi5PJbMCUGdQtgvxi75jdOJr87WfjZzTl7SeAPG10Ty16LEOQjhijDMZs09URV9CkyTWPG2be5I9iWAb0m_kdlAHpAMu1oIf_V_Ezg7vt89NSz4vXirqXGXQ3-1XU0C8bf2wLUSe-A7sQypVTJjHTQiNli8a5eFGr7G0WHSfGt0kz4CPwoSLdtAl7nv1XETyKWUNKZd395BIksTP-R1ISvkk6nOsYzMuLmFqI_Of3e5fZX0HT5FxCaxHvbSrmhyP6a7I8EASdEYOM6_Wvivc1jfeCUVp0Bw6-dL6vlzo5oQc3JlBl2vr59HMnNF0FmAMarHsnO-1yiTZeb5q8KzOv-mXBXSn5TTlvJnW_3dwaK_QIlmoAmkc0bGnNVGpBOGlfxa2K0zPKPdcVx2H3us3nDsr5f2MR8yGD0pu0w2_THg3qp7h2jSN9h4f8oykL2_HYXsBUJf4vPfV2NZ5JotyOAdzD_LQFdKjbLg6nX4Vti9kAoJtUELjFN3qEVqCVJdTQFENikrw-2WNMQRi4o6PRvYoujPTFkBolE0_HqN2yj7HIXFzcluTaJzFPncKXrCirLX00NPRWW-TYQp0_EOvNtFJeBQt-8FhnCnhH6B5MbnUPvI1-hvxS9u8dvC-N5ffRewLLXzjF_xIHEWrfXKByE5Va6rcaFaffJP_BMl35_zq2nNTZ7ZFcEQ8tfT7Tv7OnH91BV2LmWsC-_AfL3XTy8avV5Ojd1GgjX92fzY4Ym63zlNS5U9kzbUrNwCGQnmPksyGfnjfsbsTxy1RLOxh-y1ZRcNEOniS8esh6xDqJ8i74WHe-xaZYokcpyZorPbJSYW3vmc10QYypVTt8HAvqoBjDVhr76NkBNVCbwrXFuiJ16_n_u5p-UzDmKGTsOFAC82rclV1Hp18Ca0dxRzypULZGLS3z_pwI1Dt0cLBdcNgH8ItFREfsssmT2AM-95FyBbhXiMA3aBmJyjZgaMNWg2FmURknOfOn-nF66IE7Q2En6gSughuXbKaE2BFLeXD9sN-TZnulzVKmrRGKc5uYrrQ1o8fO5i_CAP5ldgrsiZeaix1H86t7a7LDwSgmj12oGF7Q_JMSIt6CrNS7R9rL8oDqpT6HKQpxr7oJAsCTHykHmbSihpWcz217pTGIUOBbEOVJx6-z_YqvaxJgr1kXpVIFlrp_hlAu6aCsgesO0jwsta-iceDijwe-hj3dpnmc23ZTZVne9BkqGeGBFGSxHBcCnbfiQneLtsX7H51OSOaAVVa_V_CbN8bKFoiVfSWMPyS1L1cqNR29hSW8aWxSB1U_YH_ujNl4qp_x3ukmIcj29fhLVMVoeItvQ9r_Qauhen5ERb0GkJEE65hw0&cid=CAASFeRoYwA4GlHZPyKZOp2nN7ZOTk5jzg&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f065ce535c9b84c29ff9ffce9cc1b7a02178e2d5a01271d80dcc6282182d9ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6C6 42 B
110 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D49J9Lg6aLZL1xJh6aPZGQl2Q400jY_xj_3OWImFSKt3__1o-PJXuR_QjOeLDmLoAgwOXnTARtYThdDUEwy4gteGObEdumCD5Qp1lXorHWTsUDjsY

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A6C6 3 KB
1 KB 43ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:42:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6C6 120 KB
37 KB 50ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A6C6 15 KB
7 KB 34ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:43:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A6C6 0
0 48ms
17ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRx6Yd7SculTAdt6C_oTezHHvHeVFpfCInisXc_PQZAwXmD3F7Lkm5Z9XRWwSkGzetJ7bgkMLnBa5ZgSbuqkgo0IoWuhw
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 45DF 624 B
340 B 20ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPK0wEQmJDhlwIYmczZpgEwAQ&v=APEucNUNQXbkO2VSLWrdNef6Xw97V2as6v-4Jp3yKx0IctlZjUjbnph4PYCvFYidN77ajEbVVABOyGtg3cnW_tiuB9bxbiNWhgvjQ1eUFvRGkyzhHOyXwtQ4MWQGHSYgXeM0tqANvH2eboYc5yk2VjAGyRjMJnveZckiDma8GM88yk52ASfFiY9Lf83IyvkRff8FlH8uQxMvAR3B0Ov72lJj5xTtlUjs5w

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Nov 2021 14:50:29 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9FB9 72 KB
29 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgjjWNP6-JXzA2WZw4fWkVyL29joJdKXyfMc2eaIEOA0MW3CqXaNc4xD_5e4vvElSADvLdCkg1CMq4dneIePEa8NOSHCRcNTJ_5DwQiufdtL1drjHV0qqZSKM7WasX0-z7zgWPzHF2ilOd1QmjwcdYbuCWnQ&dbm_d=AKAmf-AbIVrA3-FN-8Wr9X9J2l0TqQNqClXSet9Aa0iGNfdur5F0fsmBcKx07q5AEKRFqAKBoPQJlJXUyqOoDC2UjPrG_yekRfEjvwVnfsd4m-FEnN6Vq5Db4u-lzI_A9rem4yohNdy-rMVO9Wnd26jkJ8l6dgf8TdWq5Y8l9rjTQj6xsDeHzIpbUbnM5qcI3fQWopY_efIv-WL_FUCihxug-J0yhsrjGJ1rk2WXzvGCbv4nLrXBSjLKJxdQ7LH26HNxzb8K_MbCxc4QOuN6BTOKqJlEeOIOHwmOA-ReP7TZfwmtYy0KNGk60aW_BK30MmEPNKkt1JNxiEa7GsCxnQExH01KH0wwMOaMbCpU2bYHtNHVOjlcDzde12l6UlRvsa1VZko16AouD62FFKJmhENCGey1PzXlQ-AI8v5tK0BZacoLditPX5RxKd7WBQkZVT80hdGEDGOkIFokGmUI5n-f-IAyBWe1Y82qGcKnHSP3KyTJl6K5aZ5Na_32e_g6AHv1fvRa_Zx0NDKLfwxeb2vRXa8rSWvq5rn96_qcNap_-72curCn-M1NkfKGc5OyrZB2fo4XH98GG7Bbwxq3icAeB1dsMMjDQ1fqyNRPjHJG1SWYATnVxAk-ZGhf1J_NbftqVg83Fik8q2jm7fcRpRl40v29NjDf5p5l26vLblvvjdAyLbGvmk0a8bpv3lh6G-g-1c9MOeIcXDDmxDv3hJmvaocl3h0H4fiXTDkjWW5WjSYfk223MNFMlyA2q23ummdI-fWIfde99pzsnct_fwn69HAw_VVafD1bGP-RU-0J_kzkP5j-27oXvpsrXNPFsJDl04bwiypIeGlDOqaslLaEp4HGITGvc46jgjdhfGOcQZd4U7p0ixNcd2v2yt9zJO8g-z6iizszda3IfFaPXkd5z8YKqSQGUR8SG7Mp4GfLJ3nXPaFkEKOx28UeK17zxT3J0bAFRIOUBXp4E0YjJ1YGwnxSTxgKqKe0odfyLFYzTpVs7MvVpkHD_oWNSTiWv6xvf87Cn0pVox4Fi3oZ6GWuAaLcxJau38uD4Vj4RnoUhq8wTV490ECyLHY21qVlKybz1i20hQTgqlTWCUNyTztZe3Pf6gnCd5x7zEiRz9DIboFF8X5FsKOsAGzkmFAKS4dUeYxUI-mZjhS4wQBXdR2GcHs-MTjFPMgkd1oukwJpyC4Q5ye0mLVGOP4vPCfJTrPt8BcvKoX2Bj2gBQ_oUsRGWnMxMAQvc6Yh-wLQ7qsZAY1uKItFTlA9Bz6vEMtEZy1lYEqrqI6YLJp0jTtG5aQHZMCLB469VctxmFqz8JB6_qDxNN7gzRTec4Utox7sM9fjF42YFaHNeag2a4Q90MvtB3NilZmArw85Q8_ckRqqTAzmp5tXT0JZ3sN_SiztEhI4jfGlxo7KW2jTJcy8iEQMwGiYZXXf_aL8_uqQkUSIrWyntGgJDPnY0Ixe0Z9OwrSnm8AdU75s1wmdwoUCa-A1ibNuyQhA4gdaSCvakDeGPP40AfLQzaVpQZzgSd5QAWh4V-WnaFZZDawSmIHr_qJ1c8jgG4Oai1D2owWKL185b4ud1imDF32Bz2tJCs-5EGaVJ_F4gnP-AlInEV550_bEqjKgAv9bK-NheerP3rqy1kamaXbWBRLP-Xztn6-zLs-cvaGfq7kiSFrbbGXSvhJTkyTyIJO_-wif8hjx4NrOjnyV_525hLHzBQP-dqB_xS-POPEBn1wOK_JezHsq2RQ1-YVriohv4jcy62qb379JG_ny6isjFwqzKejphxx9cuZXIyjrgbVZuBJbZ-PsY15b1avS5O43lM5XnzQInNo_IW72ML_YjownmO98YEzx0lF-MQg_Ghp93uBKHxVYfHvGzqd7kb8RPSJh3Y6vH3cCM4nEWzqCohiSbpo367io4borxKMR1HqtwKtw3r0MntWbt4AAS8AvusIIuNMG9uUViTHA6bt9z-qcsfyWYA4sIciP8pzNzMfITNO9y7jCjjQd1XFYir2xGC-TmmxtlD40V_DUXZkDf_gYBfaU6TcQHILTBbFoJgZM_x8fYD_1PHP3ssnPF4kKj5q7hOHXQHVGXtxziG_hUL2YgiZvUQp-HsO-20If4p2BnJF9lsQSiA6wCCK16aUA1LwPoiva7v2loEpcAn3waTFuznsJvKCM5-G5Xfy_ONKJSWt2j9dEKAY9yjSwz0-kcC67zhJoWVO2tGD4JI7u_fxmcoeaDfnfTgrm2TRLzC6VEOsDaLR0Q_YMCCmnGE6m3_3OrC1q-cyskRlOGJwSlBn7zshZZOmvAoYez--sd1dz6WET4VM0hI7civaxfdbeRiAtLZ9XhtUgLPHnpAi4yl79Iex7xzO0nip1cLpyeAwhttOydLnTjuds_v2afu7ObV9FUmTDIAE-Fbj_Hi0ZbyEjl_VZtDdWEL2T3gehFGh3XbNtKsJY_Hf43xJ4S0ErvDIxJtQ-dpTyPxSA-XMDX_yjkJK4HYMctfaMwyY7BU3Wv0UzlcHxKRLNP6qZcQRRZnUZ8J_NEmLFNBjw3tNx10nvG9VG6JWN-Qxei1HVoMgPwBQHfLeDNKpkDbcjho1KvhqXQidaaff0zA4m3hgxUxebpXdUSV0sxPRp3uoiGdAqqLxY31MqLTJDAM90QtnjIUGMfNGyLSLbNZwd1dLbeuo41_fSCbRThaErsOf-EmObsfjy9_OW6kJ1zLYOmo-EhtWxGDyyXwhRdBzdPIwhYTAEFkxpk2ouRC_Yrg5tr8-thBwOBN_N8QrPC0JmvXyFvrSJs_v6PyT_v8yxeKoNmiGEBnH6MrXHSKnLuhrM8tCxy25eKk25Os042OOAO8CHOdnCyHy06OcxXebwJJSaqb05ttvF3Lidjun3BgeFYJUY8Z27q2whK0ugwhF7h1soCHQw2udxU_6Ta48z2EbtVWXAaYuFnqjVIF9ltjY0qc3TmSaSc5uOWXsCpbrvAdiD_YCKRi7F0mdbwcz9fAjiM6-AnDE_OilRt0pZDV8KmxZBdQPXa168Y1px2wXoRVgYhImmHbojJXkXv9Jbva_VHe53-mY139QmaX5z4oziQXb7qEWJ32NvGQeAN2TQM1EUWUKPv6v-SurfCPzKtVtT1hESwGW6o3sHe3glggy0D0lq5xhrX-W-kj5Ic-LlTtWoZ1xgYGwf75uVpa9kZwTa21p923qWN0y5C7-dyeFuLBljiI0NJNj2uM1vr0dakbRGbM-rYRoN43SkmPehgqlwf3kzPOPID6YdVBh44DcsVMZf&cid=CAASFeRoGo0Z5U2my-Ek196nzYMyLifvMw&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0decf5461bf2a1f4243bfbb8d2b5702ca539b71338f87fb516a13a05d220d69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29747
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FB9 42 B
107 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2UIx7yasnF2vppBo2EV3A2l7fW6PrXqF_6MlNfCTORcIvl56mgFx3sXrd8cqQl4tlAGyvYcy2YvvQBcjLae5cT0i8bJiN4O2ac7JQlWiIikebeDc

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9FB9 3 KB
1 KB 39ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:42:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FB9 120 KB
37 KB 55ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9FB9 15 KB
7 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:43:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9FB9 0
0 44ms
17ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaVgRE5-E5Bac_2rGPNFCgDXPbJxiecnu_Pj17pGaq2QdpHaNkgx-8U46gm9GgoU7kMW0U5IvyoHkBf9cOkr_OaWMPLA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4E21 624 B
340 B 23ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhjO7MW2ATAB&v=APEucNXgz6KsgursZ2CTWFHmxkHdVybY_LjwRHtNJvw6FklDWbz6naoNCoU1rLQsL9DV8SEA-u9Ku6gJl9u9dd8jIoTB_ZBS4t2TLLcgpLeF6MpBzL6H5estBxs8gSdWW1CDYE1baFBXLLdl6fvL5xMUwmaxSh0-Fon1ZZOdKTNsp7l3W19VpgeTrqPR7CoISeYdLTffOzMTGrzWeg3rfJCUsPZxqkWwKw

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Nov 2021 14:50:29 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 687A 74 KB
30 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9gAMlTsWH5ykfuQhQ8pPaxuGCQQndpYWVjc19otWvWU5jIFQbLiqS0q35oo6MGvOhOItWVvVD6QRGhCXXnE1dyZCKlPfzAUdv8cSPwahytaUBqrfhn8z-nbZulCYtzn5JZ-w2DjjafdmaXTOeAsEoDpE87Q&dbm_d=AKAmf-CeoBk8UP1d8LNg7JILNF2ZxVdavq6o_Sq0KP5ii94cXeckuHECjjcFgr_rewf454nb2R_rrwLX5dhENx1_DQv3CIxa9vf-FGXtv78hgezoxcIJuHOi8TYaXKWP8ZD_zspSTuXDsKRf3VD7-5jLWZuLpYyW6hfl4z_Zo5Gnlpc5YIF5VasNfZHHTqFk1PJRhOTk0bwtP4utz9WIomZ7tbF998sOrssYQ_8j4h_F5pzPxQBafrBk-nTL2KTHUscwO0eSTJ1fkaonEhZ9GPsPlz6PJceE1g1WBoxEMYKas0H8JMiswRvXz4YidMHw5Bpb-DOCt5wVM7XlNgEv2Lk3IC_ztyiOu9AY0D1IDvGlLJI-J3BZaI07Kuj3wFT4Uaa6-GHJnRVWzoI_5LzCm1s_ugdHaMxwK2sGlfRVIoaGgSzXlzjdQkX6uVez3GkZWIgC042LyOC2CRxsHHRpVkUR0Es4CaYM7Z6tEXKWzuiSev_wqdqiUL35EwOVjPdjd1DdDesxlbNM26fDrkVMMrh59iCCwKCY8xyEnSE1BaQ9jr7DVbNNUS1SdPj-3ZBJSdd92zHESVZdO9CsL2B7dfLIOtYq_qbreYEZIDyIobcmdO0QpEqQNgUOPbIurkRUV8RGh3mbrymXZp2boIjPRpAjmtpraegrl75I1dd_KDNl0P-Nip_Q-V37dwjjxi56w-OiuH9Ae_D-K2dsYYlFWIZ9zpxPjTrKkJQ9Uq4bbNiCUAmc1y3dlSGjZyUw8YcD0Pbce9pfGbt_SP7gA8X-p4wocyZEnmwMCyMJ4oV6zw0kWNsFP-8WSpfpDOFenVLEWRsKFqhBGBdw0gUmEni-Dt__Wr83MPa-Lossx4AH5GrbipLdKGd5M0_jJU4Rv3xCec49RD9RjvTBMoptLQ8edu5ZVYgzm6PvovKcWPss9NSKoqr4lHpGUc9uL9dPGvg5exD7wG_r4xK8qSb2afiZWU0lH96xJp6CmDOOKG41RsfJkiU6lh5fjbO93cBSbWB4y1brwGEIFd47ZuigTlrLByEqoCb6sIhRy3MLRz2BJK3h28-E2R7lE6M6LMVJGNilOQOKVl32bLiMLnoV-eIZHyaWAj8j1kmFxMZCbVSLLgCuO39pqtYAtRge7YOc9tkiWBCdlEpTJF_41oAw7DR3AC7SRkUfxbfu3-Jt4Nnkan6lMuaSOOe7nzuzt2f-095AKNjCy_BC1oDT-icaF7tDLl9-558zNMaBanUBz-IQtnPdY0YKOiWKo8S_596SGYvBjQLbgnV1dFUj9KZVPL0uN7E_oIvBoSyczRPOhDDAZiDapl7vUTVEGC6vc-9GHbWQOl2ZwerRwbrnk3F4i4tLlaCyB3J6QVvozG31ZWjXdFQ0N_kWl1dk69ImbRonSUTkk-3r6MsZXmeXowmkZMnX3jAI7RFUN7tUKr4TiwErjxQIwqy094j1oLFP2cOOE-D5TkmRDO8JVBMjuWYc3IrfsIKdYrippw84ztX1MgHVgNENtcaAdvJb2xw9ys_Q9MQJNnjY2X-3ErOBFtaKDfeaGBVjzOvbP_rrHMJs_Q9AChA8oNPtFm3RTI9R0uAReZKyq-rOkduuRrnXTC_7JmAlZBK08UL6OHAIh6LaxIkr_W6V8vusv_YCD22xmzvDTlnN_8gT5sMFsBi2eFmDlVUilnz-3uXYncHUBP3ErI3rOWVHiXvVTvH2AijKgt0dViY-yadhDk4InZK-W4CEPQ1AM7n8sZlzSc3rFuQrIS9mM959L2378JT_EuPjJikFZRTqSqhu7-3B_W_GBYBBFG0iG9VdZDxqPgy3APVsvIOwssIlJwZn0YAmHER96V4Ax9gRF9LM-Mg5UO2uUL03C1eJrfT1PxeXbfrTimvJHTz4lexTkxrobOfx4p1IxqQ8P_02zEtEe8XlT5JQD_uj3pEWxoI8933s3l8TiO5W9u6odYF0uxaUj5lGHp6xkaJoTZb8Oj01zQrucQ2DIWta-7-O1FRlYu2iXktoX5cvl5AWxfFQ_EXSNV2ZUi1TPbsMCBo_kK4zf9SURy4hWS8vs32cQFrdod0YpeiQuJRsm3TTKcd9LE1UDLvJJ17utA-6NVkG5p70XASuWl1-a_IL_LO5jFxr2mYcsIPJIge9UcOAiWL3TQHnr6lIAz5utpeaXB8yk_w_1IMN1DahiZCNzYYWEAoCBoa6PCuL3oeHZvU6eVA0cBNxVgvCLWE2kGX55TAUE7YmWUHfuwW4BZh_MFzUEHk21G0Rhu6uvyzkxvdYLAb1k_DPzy6A_KwjIMN8ki2a3T0MZ8Ip2q2x7wHiCn-H-I_Lm6yKKNbjDgmXGEUFDVBfVAn_YOCsQFBx6tb4ZduVXuXgucN2MawxN3mUVDaqNOX2ll2LVOyIkbREuu9Pr5HXYuv-1hdyydQHK2fczP_C_AkB-FwsnkL4086l7adIYFs8NHI1Ur848gawpP2EdKMKxEIsJyEkDq_t5KyhBJBBW-2gED7BRaP4mR4j67T0BTv7knZq6pqFqcVkQ4dUGZKJVrGXz9BP5fHba5MHf-I0rbeUX7YPMPsenyg3dsnMGz6BnEco8EapeRZYi7HPzSinyV0-8aj0IcOi0ZYcLT6-wd2hbfbhpRQf-80A12NGI4pdVZVGtGhY3TCklrhk23uu-ArYXho2cby0WHskhlpo0_BSK1NBC-MFKHYDfHS27FT7rXfpgzJUCSHB4bPx8ibY9fnmhTEhJy_t1UIJ69SzUcO5ZCvmNGMn275VkVjZjVr6QLog_ocuP4Ma5mUMkKrkJxIjw6Bxi0ixRLwtXDLECxKSsBpadqT6h8kBwDVHVaBa2z9jKYX90pItr8FA6QkJpWBjlaRd4t_D7XAGPUCZKErWb_E9UPp011qkdkRCeSB5GJznKIsMC9RW6oC5l720RFlNSV5Js-cJOUJjQCe7-lm8ogQq2joo3hPBlh8I2MjGJxQDtnCsPa4deubo0wTSlx0JqtGVTbWJ6Y_AGC9K4p2Usan9QejfC4PcPCZAnjTyTLmNgRa7yCJmjMdn54rjFCRo71NK9LeHxdEF4jo0uM1NxP4TK8uZ-uSszNb69aYiGtzlx6WP3OhX_7Bw_2ZzHwKbDE-cztCzyXRw2ZXiubTzE06-LpxQKnGhzzEjEtk4CXWvOaEDH6QucloOQ4BIQ92gPWGHGMuWv3gD34dbMK3xL7iFVzekbQeoApmihivCzxq29assO6oH4fM9zqZVPl2WpIjQ0UKKMp12wt6pxh4ogvbnQ-qmY30hOwN1XQiyRnd_bABx6DckVS7TyDerbxo1KOdcr80b5oBrwzu9HgfKIorB_H9n&cid=CAASFeRoEhs_e7CWZ6ixwQLJoL5ed_P7rQ&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdbb1b242bd9ed3fd3f5268722a6862d02714aa25552a488aa6176314784abc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 687A 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BL5A91v2pxF7WZRCPIlJKqP3XvJ8sj66B7-CUaY0cQZeSZS9gg1DmRfd3eS5cMCEjNfkWGH2FB1QgDYckJnRoLyoE3eLlOpZq3YINv8ChBB4mAcFQ

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 687A 3 KB
2 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:42:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 687A 120 KB
37 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 687A 15 KB
7 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:43:23 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4478 624 B
340 B 19ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhiW64W2ATAB&v=APEucNUyYHAQuzAg63xPdRQyYj7-ZdR8vybFubhNdISHv6LVVsGyYMXRGW0n_9-QC0r-SrQHYk3MNDMimh8_WlkeM6XpwhE8yK6WZEarl9ICENiQfGNzMpv3c1BuaLM3jhaJvSoRt5nxOyzc5hEjqsEQ1snHcLeUrtn5hmkL9ctIfWAUdNqwLcqgaV4CMZKBT4vecYxANRJkou23JSnttaSoUP5dDug_1g

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Nov 2021 14:50:29 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1C47 74 KB
30 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CygloUO6sQQYmgJY2Ie9SF5pxvQMenbPY8gOTMjWvDOi5hMLDJ_9yH_h_fwwEik9kNJ6IJWVBan6Fh2wqXU4r0cLQoppjHEmqIcS7_KAVYTADNUVdYzHMCCixRv7Tb1luYaP_Eh-ak-3S3IFiLnH7-mFe99g&dbm_d=AKAmf-CaN7JYaxoIEKJrJ6zzSPaVvjEUMJxOIIq5sWCHK3lOxLUiGUt2lG7fDtvQaHFDZ-Hue6h1uGp5Cgh9pmz1FntfeuMmP3pGa1iy2mXQu7yncygEZ_mUl4kE10XYM8aUkhh8bd11_9yLe6g2NDVdtTmsHBElCv_mgk3N2dcmvjIdnIzAKMT7yQutj98yUx7axdcesHIlXdkMB0IWvTDYngm7a2Q54FLzdWvxRyorxIArsUJV5sGpfl9QSrzpAUvzX8J28Q2tNUSzNhhZ3Oe3KK7y50xfodRfxEDd2vOqddMAFZv2kBqCKFKk-78JKD9l1_AdTtWEvgKL40PHAIkDNVazCqMa4HFDTZ-k1TTElJAPz2cz5Do5CQfPIJhpeBKAR9P0eJvTN-cosheLc6jOz-IRcdf0WQPpclxChIDTKnJNRbJLhfcoe-Fy3JIAO4RwwatN3iz7InBTFb2J_fBB7lgiBIRHMuSYzMiMYOcHsE1eYIFDux9wjvGfHmC63iCujzERNhSNbI_oV9qixUYdg7tHEhD7E8ZtGpm4CnZHnUzmTn5JK4V3E3lWDIxgHO-pfs2mvO29KqDpEc2FX3Di7U_Axc_EjuriAeHofyUWh6pGKzWj4XOqAFIfbZR_uZChcarecPldEGBjUnmmZYU-uGyN6jNOO7mSut6FQSQcvFH4ER5qm5E99UiyY7eumN8pfSaAstaR5FutQXi9JU_oPhx87Hf1yXprmhsv19SPxZhynCj5EiU-bykRSdEvYPi6wssGZPYbY2xx40abGyauhAs67knLckoLa452ixJyu1Uj5sjRk_wFcUBqFw0g_5ps_sDoY39fUw3Q53HeYe-0o3GJsfoxnIwzfwko90yi3IW6LHKjXdA5ewW-JLiidiwhxcG9IfkKQP1bZwOCMgbTdUsHAXmJc0V69DxOxDh56H9iejlWcufVpgse0C7d-hldEy8J9sKQSYsPVIjjyi-LvniBMyFHcd4mDsQ_6LBGj-QGa5eDcvMXvQvrz_MOX0UjgP6YII2zyS0xdnzfRkYOnqc_VvwvoeDLuaX4Cm6UAtyCl6TuqJk_8vPLfWkjJvVj9n2xf8ihMQnizA99LkWdiYhvaJbrMAnqAbVPBsXXmSJSOx5LJ7oyzKzopSYUj2rzx6mSxaEvCDewfihFDfVLiAxMe_3MO_TWOeTqzr9ai0Hud_7ofBKBq4xu7W39VhP9gOBMi6J-Lk7Np2kGjemVsmlVzC0DkPGVbzMO4gOQkXvyReDkUfvCPwxBHRKveWOKrpd3gAkwpAql2uENkmZpqh1mlM_G-h9h8rlvBE3xyQmgHEM1RVMsZmzohaoCdtH2gYwrGIhCSldVegKFiEaCvL2ikEaxu_HDU8vLdl8Oa9WGJMNV7ednjZ1rbBnDx71QFgolEHVNyeQhWTLw4DL0Zw-A9qTdShURePr-Ots7PHEQfn0kyHO1JG7w04iEL7QxeeEUg3gEhF2CgDGUPtY8PJnDG3IA1mtxfG2hvr8b2-YhKIsrIVHfHoyh1XG26ABxgIfSAf0gQNf3TVEfOiTtnqCdKlVTK5rpMym5Fviw080bKn_yHHHv3VtOcykDnUDs-vJuJAVJXeN4SyHdad2FbeLuyJhqxtsHInWnFERPE13lnE48D99-_3CGU03AAT-mvIgRyDOrwVxIyFXyS53i_I9xW8e-EbjmZ3Q5IpZq000WLq4M5eprv3XtDDjd0rVpbDYKFoMiw_4Trde7BL1ip56INUe4zOczPBn6ESu8QzhjOFElzsWpKQt0U3X_ku4yTOxEHbBFgAlOITF77R9NKVdqMBCxdPymiUkoMF2D0jKrw6FcfhcBpla--EH-WAn2xad5lU3H7hyMp0pFfd5GgHXW7Ycr2WvAVJ8pqMoLWQEhofyt7L7HxEhlDT0uxiuWSIre7kbV_dqX4d8w79QEk-FvNyY6njew6yRaU2MBx5teZoWKh8N9Uh7xfkg9GrkN-Muzdva8l8x-jvteZyMIJTBH-Ofz1ry3-DR2F_X9YEAJhEGQs0GZjFlPfKBP81qNwGVrwXNxFLKxRAkMndHAtJ3Cnoj9F08whliBEL3a67Osol7J5pwRu2A3gdrivFACHpFvgOmVnU-0kKSvJjD5TOfUL7YAMbBEc8bdTp8ThVq5aXNrrfID8cO206z5qUGRTul9rLOAnJPfSbfNxzPu1qma0xauRpAxhu-oFSZdRcH4_3ZgZaSaqnsoNVsa9vhR_WLlsMAvnmU96nQI39XVF8KkjPYHcmVwzp852gEMVlHBEd9OwwgHUGadm1woI_leNLqaMwJ40_kAJ90ZWkPQqW_FRKLiy7LMXEzjZfvrjLpzza3JxOocgGFeNGx8paDLZ_V5v8oqYIem1LgxvqwZTePAkCgF3CXE2K-mYtuID-8u0OdSWTTRezeYunt5P3iJ17ZuLjtRm629eszkOv_-4IB1o6OJBl4TO0Eyi_KbmUQ3CEbfeTFrgtTvS5i0Ga6KHi3YJcbneAXl90jkC5ab1Np0qMp1aNiuBL7xZUzcD5KIH4OsnjOuhNnVJOvm9PGDBEvR0242KGQErVFwGj6MgiGD7DvyvcyRwYMVk65ePuVqDEi0mI9zV2D5GAcgRL_z2Ymial_kT0uJIQVVzo7aA5qlVv_OfafLKc8nxHawiKbgfvenDPe9Tkq975Uie3iNz4pqdjm44W4T-Thyf1Td9ns1Jb1oAQAxVvLYUEJ9ed9acJUqFQniXu4RFtGQyd2l5XP7D_NufmLX7Af74gOEJgmd-JqIBljgX12r2GUVAdzwDp4ZAYODsHJoOkCpY2ODYpc5ycHGPHzb0foEA6qswvwdA3ICkaTzBD2rDmRKdExTcGS2qKX8ICNz5HMxJbwFsD6-pbGVb-7SMM44xLs9kMKoMLu5Yzyxr1XsQm5l2hVlfCsX2yLlHDrf4o_gHP4OYnABB6lZnIIj8T7MeK9cX4ZYzCKKgt3fRLgypYspkcGzWBlBkCQFOZXHNrvjQyXubNRQt5DVfC2d8efxg_iZsbPH8_KV46EZPWGJpFZNYEjhzTjZhsVo6MvadFqDszu7PA3AAeUPXlx6wlC8Q3KhtGA6hjkpMnFEUfswXC0HSHtkpLmSAgusOd-wu5ny3kUbotE8qoguNJzqECZNtwd1uqWzvjP-sao5jlgWuLziW0OeSyfDyCG78L53DsVMMoMUHp3Z2ONYB7JrD0VN3PFgSzF_mYCL96uEr6-gmkrHCt6DsmtOqO9C6xNsZOrxVrkWnyYPsrLcQqV6AeiXpvvTbmAbjxK2eZMOqEnNQAx12DFUIsmSJkYYY0Wkd0b10YZqG_GgHPHaIr67J2uWNnEf_z-3i2KluQ&cid=CAASFeRoE6Jb_AJ6YHF3ihIc07UuHJ06sA&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95126473a271db1e4d6e30a63a33dab813a3b23fc185f531f601fb79c5b9e58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C47 42 B
107 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DF3-eImseTdKYMSVLhX_oYTh9jSffLOPMZa8UHvbbs6LvdhgCIAtNiixJsana6lEn0V2vERuegNDbezr94c2T_pCrTm90fkLuJOuzjufhEaISc3i0

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1C47 3 KB
1 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:42:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C47 120 KB
37 KB 54ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1C47 15 KB
7 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:43:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1C47 0
0 39ms
18ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbWFVTqPABgJGv6Jn1j9eimHkboBBbKIpnTI0zT8hvYQDToV3mgFYamq2uoEPvpXl83X_AmTwmdD4J0Zi0kDOgExJufg
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B398 624 B
340 B 21ms
20ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNW5it3YMk0vYxgNL5PLpFb47GmArPNlN2jb-CS8eP8JAi7lgu1VfBHETuZ7lRLLOrbwBu1bthmAiQjrVza8HajSU0wRh1LUXFcBsQ6KVMY8tkZ5HyhqXeVoI-7A9f4PtvS9CmKE0G46eMK3yRwrBFVOBAWr3Mij-0WbrQs-p3sLtLY3tfrMlVP150tlCxmrrdFfESZNrpkgT2WIIdXK2cZXzdbTgg

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Nov 2021 14:50:29 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8A54 73 KB
29 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-k-SmDnznqqK3iwDtbYuBd5mT3ffBn4HiizDDfBGBNzrugA7sNuuI9_XTOflE_TOO7EUPcOYZHrtPGsQnVvCgxn-PZgTVWR-EMSMbclDZnYpQ9UXaqGEMCbzlUXp3MoX4cC0RTKQh2YQ-BgzPiikJ7jDbvg&dbm_d=AKAmf-BXfN6N7_nSRxziyaVVU1Qn7aoiPBqEQiwhseC58zIVFPM6ID6axkWoD2ekIyEbJ5QXoKf8uILwnFGTw2h1I5SrsJnK9P4HX61hCyUiQMynDzcGxZnbtpp-iqQmVg_cPmmJ7c0G9_QWjVp25oZsEbI2A3CvytQ6Fy2cmxumLekcczmkHXw3GmGmAWSV2W6KPCZTSFQpk-cbNE5j_HacM4hsXLAJJCKlTowNrL6AbqvfnphtU79reKBftYD2Muf5Eyu80RTKRZ9udAThjCIMhb88q0ei30x_vlh1wfds3Ki5qKOE1SfKoqnMcdBGZKcLqm2UsxTarzt34asjrMJi7DjDfqzO65gAhhIvDg0UTdc7XuWP06Rt8uZYYiue_147Zd8_kgOB7cACOws9lXVLrvfxZHRO7K7-QX3LalrjLh_MnQ9cTWwep8iSDzfDgMbc_WgQ_UF2IE8shjR6HrvkhHJD8TAM1wIgfRhG0iaZN5y3nOG855GYiz_svXyioPsazZvbJ6fDYKLejuXy8hH-MPDiLWHStk7H9nXtNNDQEIvtKeDZSIwBjLNdcHnJBAuWXjpM-qBP4XjINayZApiZoV9bAN5gG13aNiuiO4cx85Hz29eoSVG56XYqGmzwFr44ekJM1ORFtj44T0zaEZELr6Y2H5F3vtZ_x6RzKOD-E0c8DB-aLoKsp9UVhrmbVWlFYU0BtYUgpCCEVhNZC9JsOMtv_GMBonYCaEvziYSZzBMRoGEv29ZcNcId_ygFEi3HDbNIhtngisKvstCHgIiAHmhcw6RYMYdFFY-27MWd6_Tfn-4pnrlhKsMK2gXJ8XuOQYtdm9ErJ3DNOHn2U34AEYlQ8exOvdCYeXa5teMqbQMjYDzii_WHqVmZw1zUwHVCpE3PVGkEBef--d8Q0RH_jFLDHPgz1FbchGSoJPqG9d_soQxrIJLl4OUC1tL3SzeEc3qIqrKfPk1NVGdTwpnmj-2qg8xhTPChTFGvxUUimn6F1xtttd3fBPjScmy5gVl4RTKDPdE2Q_sP3BrM0AnDV2SXvWdD99M1UltWFiXLmVfDIGYXev82cpqGCA0nHzCHHs6eFIayYrF0-tYuDEPe8reAlz_wEP0EoAcbc7Wd5TYlgP-lMOcVgk1rxWAsx_-5VSTQMArs5-MwQ6NwLXMZNMg_V2ghy7XtXJXLOaSghbUPFwTryUH3JKZO8OcWeKQ5YtG5Mau6J5OR8mpoImxpV5zAwFm7dMU8EudvGVYczci0T0E9c2OW8jYVTxNIfSrVH_4VmuB_SOTqcIgxNm-yhDwerNaFnMaqh5_mgpalMQM6qRd1IQcdej0W0ju7UtisXmXiPDEgnSbQs1lN4qdyiMe2fXxra9ksyCVJtQzNIW6EPspFRT0gFw-jBDhaBmki0goG_nSi5dUxzk5QsiWfaODfou-x2s4LpRLSCN2pNxxitct639UzVYPJ01_RbhT8SNegy3VRMXpyMQyKUyCcr7caBlODzx16uJ1XRQXfqut_1b6iIH8or1KE8tRrxhQKVgDIZdA38pNGG3-rZNekl6O-htEtzE_YI_FdBHIs3wYMSw84sPp6sUBuVthSvjzR1Xitc6yA6CZl5fD91Kc3GQPxikGUqHURGFQhklOC9LMmWaTi2lU6m4kRa5aseuov2NvK-U754Awb_w5sm6_gJ_Sr1jZf7dptidxy7L5wjORDNXENMvr84ccACESCjhazcnnknFPksBLJE4HX489uCS0iiKvBnDpGK3FRGUc_ADHs8lnJe1KE4QasOkNh9eqD1ZRDlNVfuXgbfXGW_krtQFtj1P0VDw3N9fgoH4KhBTfVUUxNgrqgScHgwUB6s3Vu05ADFAm6vDgjFbaoFxud5vCooWp0bDz6HKc9IUc3mF0duXxG7OC4LVQUIdkPQfNNL5VCnjMOxbDhopygZ7TolEB_4BfRNppuuDKB_cGyXQQ4WByyqT1lDAhup3AbG-zhwPoiCspOSOKy21OmUTotT4Y0QO21oAnVhRec_RAel1F2K7OD-hPBI6WxnhvdqfzN5azq1wRPnnPxjgnkN_52kc93Adqr6zwKMOAJAolyrXqT94bQMnu9VQ1dDjxPEUAioBewzHJTlxu21XS6FH6pHkUMcbhuuZ1Px1XDmQalMAovErclhmeFAfvppjFUvvnQUnVkSuIh6w5xujwwuOSmp0zqigcDsHbQ1T3OOMyqPZ_VQ6nMWzRSsBST4DF5tic4s2xcwRrlVvXbTQmS3OfMjWbs3DuXMSv6JRrpPBun38yjv_Z1LYb6KcYDiLe2PW0HN9lJfapQbqw215pe0iXq1YMbh3TViopasglI3pUZY6V62lqT1ZlUnYkO6NLpvhOz9tTST6DZIxqjwf9rI1f9bb1Gh_O_fgeA5ifPo8uzaHkm3b0IR4XVPZZYnAluc0wWdaO7tW0rB6qXrQyr6nOEWh_uBfdMI2Af2w7CwuCTvz7JkNnt9R4WE0vuHQY0SvOZdyjvnyMuQtmkk3D0c9Ebw-fUhKBxaEgAeABfZbG4thnXOA6wif9DuBe471BYabKImiz8nD-6HNSVbzGjID1LhO-XZmK8jxCGR24f78H6kn109zvYMP4roXTPh9XOvddSWizf3zPvZYQ6NqaeKGhX-_GeDJh31pJEq1lt7b5fcaG5g8N61C-6PSxWlNE77n-GoDEZrnIeaBrhBf6J-IAc_pJ4dKvRuHkBPP4yPlO0JLL5p7pcOgbwe4UKsiqmIdV43zghukZnjI3dsxxLQycz0g_W67ZWlsHd8hwLp9NY7_edy5eIF9fk9aF8EGxheW6ZQxqT0eCcA7QWj00FxSFjkpLLJbuTkBRed8XxhQZJuH9PGYmFR03ezqhZq5uqApjL4Fb1qDSlMQN8UQYbTfAb8MN9TK3l3dMcEGGiDd5lWHbSnfVvvqe05hZopVoXsRtjwsy2PEwkssnYAVfNbNDwP6oIErwgmb83VspSBxcuphjufZAma4eqPwLl8q_TJdejxHlMGaFC46XwYhJObgPIs9FiEm7Og78KMP2AFeN7IxuExuTzhq8VmS8FR1uQUnDwmsBQQK9o6qyDi7VafOYzgz2ys9JU-PABunZcAKc1_0rBsMuyV3D8fr1dCm0lXkRbiB_r3r15SzgkBahXFQmT2F3mKMK1gatuQiEn7sPDgsNKO8BMwVfBBupbqRgwlmlRQJCZ2Z-SsTKTLsv3m-iT-jFr4M4MK_JS1DVO3JP_agQmDiVjNIyQjWJXo_bZskxN2BIW-3iGxfjkBLFpEgPvHN92qXJdlVIEWjQzDs0sMvS7EVGs5pjdHsyoHFTBcABrIVXJGtpf&cid=CAASFeRoWJYzYKgmI6a-wt88xaWLMygfiA&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83df8f02ca091f2a8b11e6f3cf7b629558794efc9b78ac32c18004f9c715091b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29884
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A54 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIDoDzCealTxCjQqmJcqpp2J-9gap3AiiSdKx1e4NmO6O5U-nQilu7GfNvrPBKPIIvJ9riWlKHsQYf7tZuFe7fxxIfl9Nqukl8VpwDmj7trMcC6zk

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8A54 3 KB
1 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:42:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A54 120 KB
37 KB 55ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8A54 15 KB
7 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:43:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D278
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

28ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNUtV-iDMxWbxzhldsArFBqp610WURrLlnUfxMhv4rGWla-hJISqN6tOCF-VNX4WuFFzKAA3JteeTHYoaEaBlt0kkTN5A4axZfFTpoV2Ugb_2AX7kMm1bQQzrHvIARAxmCrSpwFnTjYNnLDD5F_xp5_7HYH0xSMiVflEmKm_ZrWL1qGjvKwxujB9D6Qxex-fmHhzjq-OsuHXkukiqNzPTDA-_oHbRQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D278
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNUtV-iDMxWbxzhldsArFBqp610WURrLlnUfxMhv4rGWla-hJISqN6tOCF-VNX4WuFFzKAA3JteeTHYoaEaBlt0kkTN5A4axZfFTpoV2Ugb_2AX7kMm1bQQzrHvIARAxmCrSpwFnTjYNnLDD5F_xp5_7HYH0xSMiVflEmKm_ZrWL1qGjvKwxujB9D6Qxex-fmHhzjq-OsuHXkukiqNzPTDA-_oHbRQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D278
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

43 B
1003 B

10ms
6ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNUtV-iDMxWbxzhldsArFBqp610WURrLlnUfxMhv4rGWla-hJISqN6tOCF-VNX4WuFFzKAA3JteeTHYoaEaBlt0kkTN5A4axZfFTpoV2Ugb_2AX7kMm1bQQzrHvIARAxmCrSpwFnTjYNnLDD5F_xp5_7HYH0xSMiVflEmKm_ZrWL1qGjvKwxujB9D6Qxex-fmHhzjq-OsuHXkukiqNzPTDA-_oHbRQ

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 49e4f755-329b-48cb-a0e1-1d2f2785ca5c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D278
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 44fe55d4-c433-4b71-827b-0c2ac6af84b1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 45DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

28ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPK0wEQmJDhlwIYmczZpgEwAQ&v=APEucNUNQXbkO2VSLWrdNef6Xw97V2as6v-4Jp3yKx0IctlZjUjbnph4PYCvFYidN77ajEbVVABOyGtg3cnW_tiuB9bxbiNWhgvjQ1eUFvRGkyzhHOyXwtQ4MWQGHSYgXeM0tqANvH2eboYc5yk2VjAGyRjMJnveZckiDma8GM88yk52ASfFiY9Lf83IyvkRff8FlH8uQxMvAR3B0Ov72lJj5xTtlUjs5w
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 45DF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

19ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPK0wEQmJDhlwIYmczZpgEwAQ&v=APEucNUNQXbkO2VSLWrdNef6Xw97V2as6v-4Jp3yKx0IctlZjUjbnph4PYCvFYidN77ajEbVVABOyGtg3cnW_tiuB9bxbiNWhgvjQ1eUFvRGkyzhHOyXwtQ4MWQGHSYgXeM0tqANvH2eboYc5yk2VjAGyRjMJnveZckiDma8GM88yk52ASfFiY9Lf83IyvkRff8FlH8uQxMvAR3B0Ov72lJj5xTtlUjs5w
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 45DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

43 B
1003 B

20ms
16ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPK0wEQmJDhlwIYmczZpgEwAQ&v=APEucNUNQXbkO2VSLWrdNef6Xw97V2as6v-4Jp3yKx0IctlZjUjbnph4PYCvFYidN77ajEbVVABOyGtg3cnW_tiuB9bxbiNWhgvjQ1eUFvRGkyzhHOyXwtQ4MWQGHSYgXeM0tqANvH2eboYc5yk2VjAGyRjMJnveZckiDma8GM88yk52ASfFiY9Lf83IyvkRff8FlH8uQxMvAR3B0Ov72lJj5xTtlUjs5w

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 45f8e076-f3e1-4877-82b9-36ddca964de3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45DF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

170 B
188 B

32ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c9ee951b-b552-42fc-847d-7e0ffedb0c77
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4478
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

24ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhiW64W2ATAB&v=APEucNUyYHAQuzAg63xPdRQyYj7-ZdR8vybFubhNdISHv6LVVsGyYMXRGW0n_9-QC0r-SrQHYk3MNDMimh8_WlkeM6XpwhE8yK6WZEarl9ICENiQfGNzMpv3c1BuaLM3jhaJvSoRt5nxOyzc5hEjqsEQ1snHcLeUrtn5hmkL9ctIfWAUdNqwLcqgaV4CMZKBT4vecYxANRJkou23JSnttaSoUP5dDug_1g
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4478
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhiW64W2ATAB&v=APEucNUyYHAQuzAg63xPdRQyYj7-ZdR8vybFubhNdISHv6LVVsGyYMXRGW0n_9-QC0r-SrQHYk3MNDMimh8_WlkeM6XpwhE8yK6WZEarl9ICENiQfGNzMpv3c1BuaLM3jhaJvSoRt5nxOyzc5hEjqsEQ1snHcLeUrtn5hmkL9ctIfWAUdNqwLcqgaV4CMZKBT4vecYxANRJkou23JSnttaSoUP5dDug_1g
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4478
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

43 B
1003 B

14ms
11ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhiW64W2ATAB&v=APEucNUyYHAQuzAg63xPdRQyYj7-ZdR8vybFubhNdISHv6LVVsGyYMXRGW0n_9-QC0r-SrQHYk3MNDMimh8_WlkeM6XpwhE8yK6WZEarl9ICENiQfGNzMpv3c1BuaLM3jhaJvSoRt5nxOyzc5hEjqsEQ1snHcLeUrtn5hmkL9ctIfWAUdNqwLcqgaV4CMZKBT4vecYxANRJkou23JSnttaSoUP5dDug_1g

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 93f04f34-8e17-4d6c-810b-513f17f97616
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4478
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

170 B
188 B

25ms
19ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9097695c-bc89-4859-aa6b-f89506c4fa36
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

33ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhjO7MW2ATAB&v=APEucNXgz6KsgursZ2CTWFHmxkHdVybY_LjwRHtNJvw6FklDWbz6naoNCoU1rLQsL9DV8SEA-u9Ku6gJl9u9dd8jIoTB_ZBS4t2TLLcgpLeF6MpBzL6H5estBxs8gSdWW1CDYE1baFBXLLdl6fvL5xMUwmaxSh0-Fon1ZZOdKTNsp7l3W19VpgeTrqPR7CoISeYdLTffOzMTGrzWeg3rfJCUsPZxqkWwKw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E21
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
894 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhjO7MW2ATAB&v=APEucNXgz6KsgursZ2CTWFHmxkHdVybY_LjwRHtNJvw6FklDWbz6naoNCoU1rLQsL9DV8SEA-u9Ku6gJl9u9dd8jIoTB_ZBS4t2TLLcgpLeF6MpBzL6H5estBxs8gSdWW1CDYE1baFBXLLdl6fvL5xMUwmaxSh0-Fon1ZZOdKTNsp7l3W19VpgeTrqPR7CoISeYdLTffOzMTGrzWeg3rfJCUsPZxqkWwKw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4E21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

43 B
1003 B

41ms
32ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhjO7MW2ATAB&v=APEucNXgz6KsgursZ2CTWFHmxkHdVybY_LjwRHtNJvw6FklDWbz6naoNCoU1rLQsL9DV8SEA-u9Ku6gJl9u9dd8jIoTB_ZBS4t2TLLcgpLeF6MpBzL6H5estBxs8gSdWW1CDYE1baFBXLLdl6fvL5xMUwmaxSh0-Fon1ZZOdKTNsp7l3W19VpgeTrqPR7CoISeYdLTffOzMTGrzWeg3rfJCUsPZxqkWwKw

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e027dbd7-0956-40bb-ba2d-284cd22b3525
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E21
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f3a54d75-f13e-42dc-9284-d65790a3a8e3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B398
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

25ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNW5it3YMk0vYxgNL5PLpFb47GmArPNlN2jb-CS8eP8JAi7lgu1VfBHETuZ7lRLLOrbwBu1bthmAiQjrVza8HajSU0wRh1LUXFcBsQ6KVMY8tkZ5HyhqXeVoI-7A9f4PtvS9CmKE0G46eMK3yRwrBFVOBAWr3Mij-0WbrQs-p3sLtLY3tfrMlVP150tlCxmrrdFfESZNrpkgT2WIIdXK2cZXzdbTgg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B398
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYk5NYIH2DeqImZiRwzjhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1

43 B
1014 B

20ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNW5it3YMk0vYxgNL5PLpFb47GmArPNlN2jb-CS8eP8JAi7lgu1VfBHETuZ7lRLLOrbwBu1bthmAiQjrVza8HajSU0wRh1LUXFcBsQ6KVMY8tkZ5HyhqXeVoI-7A9f4PtvS9CmKE0G46eMK3yRwrBFVOBAWr3Mij-0WbrQs-p3sLtLY3tfrMlVP150tlCxmrrdFfESZNrpkgT2WIIdXK2cZXzdbTgg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4FrRHgcJ-Y4DrC8DD6R1s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B398
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

43 B
1003 B

37ms
26ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRD4v_SDAhjsqtu2ATAB&v=APEucNW5it3YMk0vYxgNL5PLpFb47GmArPNlN2jb-CS8eP8JAi7lgu1VfBHETuZ7lRLLOrbwBu1bthmAiQjrVza8HajSU0wRh1LUXFcBsQ6KVMY8tkZ5HyhqXeVoI-7A9f4PtvS9CmKE0G46eMK3yRwrBFVOBAWr3Mij-0WbrQs-p3sLtLY3tfrMlVP150tlCxmrrdFfESZNrpkgT2WIIdXK2cZXzdbTgg

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4ef9b540-46ec-454c-993a-bd9477883e4c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL3vAoEam9CQT5LKUqrdQ40&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B398
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

170 B
188 B

26ms
16ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:29 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 73783dbd-8602-40d6-84c0-e6f578082d53
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3OTAzOTkyMzY3NTA4NTgx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 687A 169 KB
59 KB 61ms
9ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Origin: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:32:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 687A 8 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9gAMlTsWH5ykfuQhQ8pPaxuGCQQndpYWVjc19otWvWU5jIFQbLiqS0q35oo6MGvOhOItWVvVD6QRGhCXXnE1dyZCKlPfzAUdv8cSPwahytaUBqrfhn8z-nbZulCYtzn5JZ-w2DjjafdmaXTOeAsEoDpE87Q&dbm_d=AKAmf-CeoBk8UP1d8LNg7JILNF2ZxVdavq6o_Sq0KP5ii94cXeckuHECjjcFgr_rewf454nb2R_rrwLX5dhENx1_DQv3CIxa9vf-FGXtv78hgezoxcIJuHOi8TYaXKWP8ZD_zspSTuXDsKRf3VD7-5jLWZuLpYyW6hfl4z_Zo5Gnlpc5YIF5VasNfZHHTqFk1PJRhOTk0bwtP4utz9WIomZ7tbF998sOrssYQ_8j4h_F5pzPxQBafrBk-nTL2KTHUscwO0eSTJ1fkaonEhZ9GPsPlz6PJceE1g1WBoxEMYKas0H8JMiswRvXz4YidMHw5Bpb-DOCt5wVM7XlNgEv2Lk3IC_ztyiOu9AY0D1IDvGlLJI-J3BZaI07Kuj3wFT4Uaa6-GHJnRVWzoI_5LzCm1s_ugdHaMxwK2sGlfRVIoaGgSzXlzjdQkX6uVez3GkZWIgC042LyOC2CRxsHHRpVkUR0Es4CaYM7Z6tEXKWzuiSev_wqdqiUL35EwOVjPdjd1DdDesxlbNM26fDrkVMMrh59iCCwKCY8xyEnSE1BaQ9jr7DVbNNUS1SdPj-3ZBJSdd92zHESVZdO9CsL2B7dfLIOtYq_qbreYEZIDyIobcmdO0QpEqQNgUOPbIurkRUV8RGh3mbrymXZp2boIjPRpAjmtpraegrl75I1dd_KDNl0P-Nip_Q-V37dwjjxi56w-OiuH9Ae_D-K2dsYYlFWIZ9zpxPjTrKkJQ9Uq4bbNiCUAmc1y3dlSGjZyUw8YcD0Pbce9pfGbt_SP7gA8X-p4wocyZEnmwMCyMJ4oV6zw0kWNsFP-8WSpfpDOFenVLEWRsKFqhBGBdw0gUmEni-Dt__Wr83MPa-Lossx4AH5GrbipLdKGd5M0_jJU4Rv3xCec49RD9RjvTBMoptLQ8edu5ZVYgzm6PvovKcWPss9NSKoqr4lHpGUc9uL9dPGvg5exD7wG_r4xK8qSb2afiZWU0lH96xJp6CmDOOKG41RsfJkiU6lh5fjbO93cBSbWB4y1brwGEIFd47ZuigTlrLByEqoCb6sIhRy3MLRz2BJK3h28-E2R7lE6M6LMVJGNilOQOKVl32bLiMLnoV-eIZHyaWAj8j1kmFxMZCbVSLLgCuO39pqtYAtRge7YOc9tkiWBCdlEpTJF_41oAw7DR3AC7SRkUfxbfu3-Jt4Nnkan6lMuaSOOe7nzuzt2f-095AKNjCy_BC1oDT-icaF7tDLl9-558zNMaBanUBz-IQtnPdY0YKOiWKo8S_596SGYvBjQLbgnV1dFUj9KZVPL0uN7E_oIvBoSyczRPOhDDAZiDapl7vUTVEGC6vc-9GHbWQOl2ZwerRwbrnk3F4i4tLlaCyB3J6QVvozG31ZWjXdFQ0N_kWl1dk69ImbRonSUTkk-3r6MsZXmeXowmkZMnX3jAI7RFUN7tUKr4TiwErjxQIwqy094j1oLFP2cOOE-D5TkmRDO8JVBMjuWYc3IrfsIKdYrippw84ztX1MgHVgNENtcaAdvJb2xw9ys_Q9MQJNnjY2X-3ErOBFtaKDfeaGBVjzOvbP_rrHMJs_Q9AChA8oNPtFm3RTI9R0uAReZKyq-rOkduuRrnXTC_7JmAlZBK08UL6OHAIh6LaxIkr_W6V8vusv_YCD22xmzvDTlnN_8gT5sMFsBi2eFmDlVUilnz-3uXYncHUBP3ErI3rOWVHiXvVTvH2AijKgt0dViY-yadhDk4InZK-W4CEPQ1AM7n8sZlzSc3rFuQrIS9mM959L2378JT_EuPjJikFZRTqSqhu7-3B_W_GBYBBFG0iG9VdZDxqPgy3APVsvIOwssIlJwZn0YAmHER96V4Ax9gRF9LM-Mg5UO2uUL03C1eJrfT1PxeXbfrTimvJHTz4lexTkxrobOfx4p1IxqQ8P_02zEtEe8XlT5JQD_uj3pEWxoI8933s3l8TiO5W9u6odYF0uxaUj5lGHp6xkaJoTZb8Oj01zQrucQ2DIWta-7-O1FRlYu2iXktoX5cvl5AWxfFQ_EXSNV2ZUi1TPbsMCBo_kK4zf9SURy4hWS8vs32cQFrdod0YpeiQuJRsm3TTKcd9LE1UDLvJJ17utA-6NVkG5p70XASuWl1-a_IL_LO5jFxr2mYcsIPJIge9UcOAiWL3TQHnr6lIAz5utpeaXB8yk_w_1IMN1DahiZCNzYYWEAoCBoa6PCuL3oeHZvU6eVA0cBNxVgvCLWE2kGX55TAUE7YmWUHfuwW4BZh_MFzUEHk21G0Rhu6uvyzkxvdYLAb1k_DPzy6A_KwjIMN8ki2a3T0MZ8Ip2q2x7wHiCn-H-I_Lm6yKKNbjDgmXGEUFDVBfVAn_YOCsQFBx6tb4ZduVXuXgucN2MawxN3mUVDaqNOX2ll2LVOyIkbREuu9Pr5HXYuv-1hdyydQHK2fczP_C_AkB-FwsnkL4086l7adIYFs8NHI1Ur848gawpP2EdKMKxEIsJyEkDq_t5KyhBJBBW-2gED7BRaP4mR4j67T0BTv7knZq6pqFqcVkQ4dUGZKJVrGXz9BP5fHba5MHf-I0rbeUX7YPMPsenyg3dsnMGz6BnEco8EapeRZYi7HPzSinyV0-8aj0IcOi0ZYcLT6-wd2hbfbhpRQf-80A12NGI4pdVZVGtGhY3TCklrhk23uu-ArYXho2cby0WHskhlpo0_BSK1NBC-MFKHYDfHS27FT7rXfpgzJUCSHB4bPx8ibY9fnmhTEhJy_t1UIJ69SzUcO5ZCvmNGMn275VkVjZjVr6QLog_ocuP4Ma5mUMkKrkJxIjw6Bxi0ixRLwtXDLECxKSsBpadqT6h8kBwDVHVaBa2z9jKYX90pItr8FA6QkJpWBjlaRd4t_D7XAGPUCZKErWb_E9UPp011qkdkRCeSB5GJznKIsMC9RW6oC5l720RFlNSV5Js-cJOUJjQCe7-lm8ogQq2joo3hPBlh8I2MjGJxQDtnCsPa4deubo0wTSlx0JqtGVTbWJ6Y_AGC9K4p2Usan9QejfC4PcPCZAnjTyTLmNgRa7yCJmjMdn54rjFCRo71NK9LeHxdEF4jo0uM1NxP4TK8uZ-uSszNb69aYiGtzlx6WP3OhX_7Bw_2ZzHwKbDE-cztCzyXRw2ZXiubTzE06-LpxQKnGhzzEjEtk4CXWvOaEDH6QucloOQ4BIQ92gPWGHGMuWv3gD34dbMK3xL7iFVzekbQeoApmihivCzxq29assO6oH4fM9zqZVPl2WpIjQ0UKKMp12wt6pxh4ogvbnQ-qmY30hOwN1XQiyRnd_bABx6DckVS7TyDerbxo1KOdcr80b5oBrwzu9HgfKIorB_H9n&cid=CAASFeRoEhs_e7CWZ6ixwQLJoL5ed_P7rQ&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:46:22 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 687A 24 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:47:48 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9FB9 106 KB
37 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Origin: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 08:37:30 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 9FB9 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgjjWNP6-JXzA2WZw4fWkVyL29joJdKXyfMc2eaIEOA0MW3CqXaNc4xD_5e4vvElSADvLdCkg1CMq4dneIePEa8NOSHCRcNTJ_5DwQiufdtL1drjHV0qqZSKM7WasX0-z7zgWPzHF2ilOd1QmjwcdYbuCWnQ&dbm_d=AKAmf-AbIVrA3-FN-8Wr9X9J2l0TqQNqClXSet9Aa0iGNfdur5F0fsmBcKx07q5AEKRFqAKBoPQJlJXUyqOoDC2UjPrG_yekRfEjvwVnfsd4m-FEnN6Vq5Db4u-lzI_A9rem4yohNdy-rMVO9Wnd26jkJ8l6dgf8TdWq5Y8l9rjTQj6xsDeHzIpbUbnM5qcI3fQWopY_efIv-WL_FUCihxug-J0yhsrjGJ1rk2WXzvGCbv4nLrXBSjLKJxdQ7LH26HNxzb8K_MbCxc4QOuN6BTOKqJlEeOIOHwmOA-ReP7TZfwmtYy0KNGk60aW_BK30MmEPNKkt1JNxiEa7GsCxnQExH01KH0wwMOaMbCpU2bYHtNHVOjlcDzde12l6UlRvsa1VZko16AouD62FFKJmhENCGey1PzXlQ-AI8v5tK0BZacoLditPX5RxKd7WBQkZVT80hdGEDGOkIFokGmUI5n-f-IAyBWe1Y82qGcKnHSP3KyTJl6K5aZ5Na_32e_g6AHv1fvRa_Zx0NDKLfwxeb2vRXa8rSWvq5rn96_qcNap_-72curCn-M1NkfKGc5OyrZB2fo4XH98GG7Bbwxq3icAeB1dsMMjDQ1fqyNRPjHJG1SWYATnVxAk-ZGhf1J_NbftqVg83Fik8q2jm7fcRpRl40v29NjDf5p5l26vLblvvjdAyLbGvmk0a8bpv3lh6G-g-1c9MOeIcXDDmxDv3hJmvaocl3h0H4fiXTDkjWW5WjSYfk223MNFMlyA2q23ummdI-fWIfde99pzsnct_fwn69HAw_VVafD1bGP-RU-0J_kzkP5j-27oXvpsrXNPFsJDl04bwiypIeGlDOqaslLaEp4HGITGvc46jgjdhfGOcQZd4U7p0ixNcd2v2yt9zJO8g-z6iizszda3IfFaPXkd5z8YKqSQGUR8SG7Mp4GfLJ3nXPaFkEKOx28UeK17zxT3J0bAFRIOUBXp4E0YjJ1YGwnxSTxgKqKe0odfyLFYzTpVs7MvVpkHD_oWNSTiWv6xvf87Cn0pVox4Fi3oZ6GWuAaLcxJau38uD4Vj4RnoUhq8wTV490ECyLHY21qVlKybz1i20hQTgqlTWCUNyTztZe3Pf6gnCd5x7zEiRz9DIboFF8X5FsKOsAGzkmFAKS4dUeYxUI-mZjhS4wQBXdR2GcHs-MTjFPMgkd1oukwJpyC4Q5ye0mLVGOP4vPCfJTrPt8BcvKoX2Bj2gBQ_oUsRGWnMxMAQvc6Yh-wLQ7qsZAY1uKItFTlA9Bz6vEMtEZy1lYEqrqI6YLJp0jTtG5aQHZMCLB469VctxmFqz8JB6_qDxNN7gzRTec4Utox7sM9fjF42YFaHNeag2a4Q90MvtB3NilZmArw85Q8_ckRqqTAzmp5tXT0JZ3sN_SiztEhI4jfGlxo7KW2jTJcy8iEQMwGiYZXXf_aL8_uqQkUSIrWyntGgJDPnY0Ixe0Z9OwrSnm8AdU75s1wmdwoUCa-A1ibNuyQhA4gdaSCvakDeGPP40AfLQzaVpQZzgSd5QAWh4V-WnaFZZDawSmIHr_qJ1c8jgG4Oai1D2owWKL185b4ud1imDF32Bz2tJCs-5EGaVJ_F4gnP-AlInEV550_bEqjKgAv9bK-NheerP3rqy1kamaXbWBRLP-Xztn6-zLs-cvaGfq7kiSFrbbGXSvhJTkyTyIJO_-wif8hjx4NrOjnyV_525hLHzBQP-dqB_xS-POPEBn1wOK_JezHsq2RQ1-YVriohv4jcy62qb379JG_ny6isjFwqzKejphxx9cuZXIyjrgbVZuBJbZ-PsY15b1avS5O43lM5XnzQInNo_IW72ML_YjownmO98YEzx0lF-MQg_Ghp93uBKHxVYfHvGzqd7kb8RPSJh3Y6vH3cCM4nEWzqCohiSbpo367io4borxKMR1HqtwKtw3r0MntWbt4AAS8AvusIIuNMG9uUViTHA6bt9z-qcsfyWYA4sIciP8pzNzMfITNO9y7jCjjQd1XFYir2xGC-TmmxtlD40V_DUXZkDf_gYBfaU6TcQHILTBbFoJgZM_x8fYD_1PHP3ssnPF4kKj5q7hOHXQHVGXtxziG_hUL2YgiZvUQp-HsO-20If4p2BnJF9lsQSiA6wCCK16aUA1LwPoiva7v2loEpcAn3waTFuznsJvKCM5-G5Xfy_ONKJSWt2j9dEKAY9yjSwz0-kcC67zhJoWVO2tGD4JI7u_fxmcoeaDfnfTgrm2TRLzC6VEOsDaLR0Q_YMCCmnGE6m3_3OrC1q-cyskRlOGJwSlBn7zshZZOmvAoYez--sd1dz6WET4VM0hI7civaxfdbeRiAtLZ9XhtUgLPHnpAi4yl79Iex7xzO0nip1cLpyeAwhttOydLnTjuds_v2afu7ObV9FUmTDIAE-Fbj_Hi0ZbyEjl_VZtDdWEL2T3gehFGh3XbNtKsJY_Hf43xJ4S0ErvDIxJtQ-dpTyPxSA-XMDX_yjkJK4HYMctfaMwyY7BU3Wv0UzlcHxKRLNP6qZcQRRZnUZ8J_NEmLFNBjw3tNx10nvG9VG6JWN-Qxei1HVoMgPwBQHfLeDNKpkDbcjho1KvhqXQidaaff0zA4m3hgxUxebpXdUSV0sxPRp3uoiGdAqqLxY31MqLTJDAM90QtnjIUGMfNGyLSLbNZwd1dLbeuo41_fSCbRThaErsOf-EmObsfjy9_OW6kJ1zLYOmo-EhtWxGDyyXwhRdBzdPIwhYTAEFkxpk2ouRC_Yrg5tr8-thBwOBN_N8QrPC0JmvXyFvrSJs_v6PyT_v8yxeKoNmiGEBnH6MrXHSKnLuhrM8tCxy25eKk25Os042OOAO8CHOdnCyHy06OcxXebwJJSaqb05ttvF3Lidjun3BgeFYJUY8Z27q2whK0ugwhF7h1soCHQw2udxU_6Ta48z2EbtVWXAaYuFnqjVIF9ltjY0qc3TmSaSc5uOWXsCpbrvAdiD_YCKRi7F0mdbwcz9fAjiM6-AnDE_OilRt0pZDV8KmxZBdQPXa168Y1px2wXoRVgYhImmHbojJXkXv9Jbva_VHe53-mY139QmaX5z4oziQXb7qEWJ32NvGQeAN2TQM1EUWUKPv6v-SurfCPzKtVtT1hESwGW6o3sHe3glggy0D0lq5xhrX-W-kj5Ic-LlTtWoZ1xgYGwf75uVpa9kZwTa21p923qWN0y5C7-dyeFuLBljiI0NJNj2uM1vr0dakbRGbM-rYRoN43SkmPehgqlwf3kzPOPID6YdVBh44DcsVMZf&cid=CAASFeRoGo0Z5U2my-Ek196nzYMyLifvMw&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:46:22 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 9FB9 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:47:48 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8A54 106 KB
37 KB 53ms
20ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Origin: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 08:37:30 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 8A54 8 KB
3 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-k-SmDnznqqK3iwDtbYuBd5mT3ffBn4HiizDDfBGBNzrugA7sNuuI9_XTOflE_TOO7EUPcOYZHrtPGsQnVvCgxn-PZgTVWR-EMSMbclDZnYpQ9UXaqGEMCbzlUXp3MoX4cC0RTKQh2YQ-BgzPiikJ7jDbvg&dbm_d=AKAmf-BXfN6N7_nSRxziyaVVU1Qn7aoiPBqEQiwhseC58zIVFPM6ID6axkWoD2ekIyEbJ5QXoKf8uILwnFGTw2h1I5SrsJnK9P4HX61hCyUiQMynDzcGxZnbtpp-iqQmVg_cPmmJ7c0G9_QWjVp25oZsEbI2A3CvytQ6Fy2cmxumLekcczmkHXw3GmGmAWSV2W6KPCZTSFQpk-cbNE5j_HacM4hsXLAJJCKlTowNrL6AbqvfnphtU79reKBftYD2Muf5Eyu80RTKRZ9udAThjCIMhb88q0ei30x_vlh1wfds3Ki5qKOE1SfKoqnMcdBGZKcLqm2UsxTarzt34asjrMJi7DjDfqzO65gAhhIvDg0UTdc7XuWP06Rt8uZYYiue_147Zd8_kgOB7cACOws9lXVLrvfxZHRO7K7-QX3LalrjLh_MnQ9cTWwep8iSDzfDgMbc_WgQ_UF2IE8shjR6HrvkhHJD8TAM1wIgfRhG0iaZN5y3nOG855GYiz_svXyioPsazZvbJ6fDYKLejuXy8hH-MPDiLWHStk7H9nXtNNDQEIvtKeDZSIwBjLNdcHnJBAuWXjpM-qBP4XjINayZApiZoV9bAN5gG13aNiuiO4cx85Hz29eoSVG56XYqGmzwFr44ekJM1ORFtj44T0zaEZELr6Y2H5F3vtZ_x6RzKOD-E0c8DB-aLoKsp9UVhrmbVWlFYU0BtYUgpCCEVhNZC9JsOMtv_GMBonYCaEvziYSZzBMRoGEv29ZcNcId_ygFEi3HDbNIhtngisKvstCHgIiAHmhcw6RYMYdFFY-27MWd6_Tfn-4pnrlhKsMK2gXJ8XuOQYtdm9ErJ3DNOHn2U34AEYlQ8exOvdCYeXa5teMqbQMjYDzii_WHqVmZw1zUwHVCpE3PVGkEBef--d8Q0RH_jFLDHPgz1FbchGSoJPqG9d_soQxrIJLl4OUC1tL3SzeEc3qIqrKfPk1NVGdTwpnmj-2qg8xhTPChTFGvxUUimn6F1xtttd3fBPjScmy5gVl4RTKDPdE2Q_sP3BrM0AnDV2SXvWdD99M1UltWFiXLmVfDIGYXev82cpqGCA0nHzCHHs6eFIayYrF0-tYuDEPe8reAlz_wEP0EoAcbc7Wd5TYlgP-lMOcVgk1rxWAsx_-5VSTQMArs5-MwQ6NwLXMZNMg_V2ghy7XtXJXLOaSghbUPFwTryUH3JKZO8OcWeKQ5YtG5Mau6J5OR8mpoImxpV5zAwFm7dMU8EudvGVYczci0T0E9c2OW8jYVTxNIfSrVH_4VmuB_SOTqcIgxNm-yhDwerNaFnMaqh5_mgpalMQM6qRd1IQcdej0W0ju7UtisXmXiPDEgnSbQs1lN4qdyiMe2fXxra9ksyCVJtQzNIW6EPspFRT0gFw-jBDhaBmki0goG_nSi5dUxzk5QsiWfaODfou-x2s4LpRLSCN2pNxxitct639UzVYPJ01_RbhT8SNegy3VRMXpyMQyKUyCcr7caBlODzx16uJ1XRQXfqut_1b6iIH8or1KE8tRrxhQKVgDIZdA38pNGG3-rZNekl6O-htEtzE_YI_FdBHIs3wYMSw84sPp6sUBuVthSvjzR1Xitc6yA6CZl5fD91Kc3GQPxikGUqHURGFQhklOC9LMmWaTi2lU6m4kRa5aseuov2NvK-U754Awb_w5sm6_gJ_Sr1jZf7dptidxy7L5wjORDNXENMvr84ccACESCjhazcnnknFPksBLJE4HX489uCS0iiKvBnDpGK3FRGUc_ADHs8lnJe1KE4QasOkNh9eqD1ZRDlNVfuXgbfXGW_krtQFtj1P0VDw3N9fgoH4KhBTfVUUxNgrqgScHgwUB6s3Vu05ADFAm6vDgjFbaoFxud5vCooWp0bDz6HKc9IUc3mF0duXxG7OC4LVQUIdkPQfNNL5VCnjMOxbDhopygZ7TolEB_4BfRNppuuDKB_cGyXQQ4WByyqT1lDAhup3AbG-zhwPoiCspOSOKy21OmUTotT4Y0QO21oAnVhRec_RAel1F2K7OD-hPBI6WxnhvdqfzN5azq1wRPnnPxjgnkN_52kc93Adqr6zwKMOAJAolyrXqT94bQMnu9VQ1dDjxPEUAioBewzHJTlxu21XS6FH6pHkUMcbhuuZ1Px1XDmQalMAovErclhmeFAfvppjFUvvnQUnVkSuIh6w5xujwwuOSmp0zqigcDsHbQ1T3OOMyqPZ_VQ6nMWzRSsBST4DF5tic4s2xcwRrlVvXbTQmS3OfMjWbs3DuXMSv6JRrpPBun38yjv_Z1LYb6KcYDiLe2PW0HN9lJfapQbqw215pe0iXq1YMbh3TViopasglI3pUZY6V62lqT1ZlUnYkO6NLpvhOz9tTST6DZIxqjwf9rI1f9bb1Gh_O_fgeA5ifPo8uzaHkm3b0IR4XVPZZYnAluc0wWdaO7tW0rB6qXrQyr6nOEWh_uBfdMI2Af2w7CwuCTvz7JkNnt9R4WE0vuHQY0SvOZdyjvnyMuQtmkk3D0c9Ebw-fUhKBxaEgAeABfZbG4thnXOA6wif9DuBe471BYabKImiz8nD-6HNSVbzGjID1LhO-XZmK8jxCGR24f78H6kn109zvYMP4roXTPh9XOvddSWizf3zPvZYQ6NqaeKGhX-_GeDJh31pJEq1lt7b5fcaG5g8N61C-6PSxWlNE77n-GoDEZrnIeaBrhBf6J-IAc_pJ4dKvRuHkBPP4yPlO0JLL5p7pcOgbwe4UKsiqmIdV43zghukZnjI3dsxxLQycz0g_W67ZWlsHd8hwLp9NY7_edy5eIF9fk9aF8EGxheW6ZQxqT0eCcA7QWj00FxSFjkpLLJbuTkBRed8XxhQZJuH9PGYmFR03ezqhZq5uqApjL4Fb1qDSlMQN8UQYbTfAb8MN9TK3l3dMcEGGiDd5lWHbSnfVvvqe05hZopVoXsRtjwsy2PEwkssnYAVfNbNDwP6oIErwgmb83VspSBxcuphjufZAma4eqPwLl8q_TJdejxHlMGaFC46XwYhJObgPIs9FiEm7Og78KMP2AFeN7IxuExuTzhq8VmS8FR1uQUnDwmsBQQK9o6qyDi7VafOYzgz2ys9JU-PABunZcAKc1_0rBsMuyV3D8fr1dCm0lXkRbiB_r3r15SzgkBahXFQmT2F3mKMK1gatuQiEn7sPDgsNKO8BMwVfBBupbqRgwlmlRQJCZ2Z-SsTKTLsv3m-iT-jFr4M4MK_JS1DVO3JP_agQmDiVjNIyQjWJXo_bZskxN2BIW-3iGxfjkBLFpEgPvHN92qXJdlVIEWjQzDs0sMvS7EVGs5pjdHsyoHFTBcABrIVXJGtpf&cid=CAASFeRoWJYzYKgmI6a-wt88xaWLMygfiA&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:46:22 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 8A54 24 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:47:48 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A6C6 106 KB
37 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Origin: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 08:37:30 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame A6C6 8 KB
3 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVk3sMgG289DsEsDnGouIt09po5rjTksii4IJyurAiZV2mRe4li9VpaWbkgM04V28EsYlnhqhQvJXwY2DqBSKkTKVCcgIyN33h_xzhgbhTP9bmiLNfyJiOFWI_XG3ExSUFidonOYJCwKmLgFvNELdSadaPhw&dbm_d=AKAmf-D55e_35f0wk-HgX2IX-NItGkTFsfRigtWp5fnpM7rs-KOsaZlhumIFSTeqy8NXwoNYcD5dsV8l_PT0V8AyoxPW8L6pyWnXfp-_B1x8fkhUoJf9LIj4tkTBKLkll8p1M55DhTlURaWS-iJQVyg0fF_126GApSXVjnuHHiRmLeNJ7U62XkT_u2hDqW0w6PBdlvTXNb2G1cm3EWBjJqBhw3NtI7_V1xx_D3h5omCGctSGEEctoPlgJuINzHTnVL3iXDbNcLNJmaO3Td8_8KOoPisxfH8_xZl6FCXt3NK36pnLFUsbe5JYCCDEUUfAfoHsWtopGDjopIvLa1hSj7BtolaqKq3eaWPgLI8q5q3VY3E1UOyw22ogIJJK7DjOBDiY2MwSygoNp6U2Fr9YDFJW6WhzNbLyLuxqSZ53l-YiSxeX7wtpTxYNM5jSMTMC4b8f9yF9NoIUZiZIaM-zBZLV0s_9GoY9IQAWb4KTqiAKRuB9OZHNWZerq8NE_ZL5v6wNq6BRuVBbMKRW9J3lTYFKVoi5ylYuDP526bg6_DmuPmXiL48yYJZU8zwe7UHA2BfMVc7KfF1ivN4fxPt6syIm6PqpSyKz7xoySQG2sTNjk6hFeChDzMfzOIXqhrabCL0OxDEvJadZouSMxGy9Uvt2vJ-NBHzwp2vkcLsBu_4qElSmQsDyKSPt4MAmhUiquz1LIxzYAOZ9WSf7QZ8g2RF8I4JFSOPOSpTBvBIu2Szz477srhIIdunwPUcxMggqIlXPiAGdgGrQNkOpBI0TTp9LihK-5yOYB3BFgjHACHqip2FzTQ5CYaCxHpzcSDmT4PrkynC_LYxe9iIvHjeJz384aF2_KhgYZ0lDWzIpZSKA1B3AFokUjJ2QmFHswHhoa-tV658jEqOQ3V2HdHgRMs5m4zkP8qEMKFjiFNlRF_FkkW7n_7ZEJku38kyVxrb_OmrIlGfoWrXjEJugMOaNitagFATYHmlTVLCMNVJ6fW9niGl6NzB6wRVCBvXsewxn3dC_fqg_grQfzk8IVPKP6BlDpYo7nlkRvgywpFC9f3axfQfWJJWkTg9hcD08-mOIlZw9loD20eCxanQDbEpeNpde8ccizak4rFPjRm2_TZgiHh0nKmt-iPGMXl5n0ZhS03F4Vb3_ZpdxpHuk0JSWyG18RM61rciMDwwZqMU2XSgcHCt9gSQ-Sxki-0EURBUQ4Qv9g5sKphgLs2crwx9qTOy6ndKgimylzcsBDiIzLxohOrT1QiHI_KWMqBQ8bMfXuBVa7o8u9h-COglk2g-qyPSrvGgN2dyat6XkC2HogxLXy5Zct7H2MUGpNtRfM5cLBEQ8qy8lzpLVHCHpoEP_DFL87ii4htQ-kbkqZQxXV6xdf7mq4SdESt6wJ2tQObIZAfVmDnvOxjxc9wxLcD6XwmwJhRIFGwnnh3gqqKmbkKO0vpi_txVN7nbCXGjrgMMdDrUZFcSD-F4b78Ehkq-PAvHlWYArWLb5BauEWpzvhVNSJx0zzfZ_ZtgHiMseRy7bphkr7jh90-Lw2yc5WSLncubq30w0t8--gx7grGFVDm1F-OlG2eXHlmSWsru4NyJxbeW4QOGEg47OV7PivkJmgxWumhTJzLh4VdcVuSV-2ffn9C--Eo-wJStgqH5E9mSkKfkcYUGdF3zCkyMUvfNquqEtMxWtrYJ6nBPKa_QRyP3K-Mo4cm3101BJBECYdy1KVpGnam2pIZA_x1AL4-kmXfZ90-QyyF0R-TssiuLJDGtbSjZ3ScjmEG889bDZ7d3pLD8vbqAaEnjTggCI-T9NQHzxuSKLze5frsqiCQVx-FKofmbH8XoXUO_Exu939v0NB10owjxMDPkn3iDyI43hd5yh-6dgP4TeqFqXo1e179R4AoDKrBzjsiFfI-oPtWdAheOYYwvuhnB7zijbQLba_A-HxeWM8GWUvYfy0q3TfdwYB-HwwDJAgtb1NOGi5PJbMCUGdQtgvxi75jdOJr87WfjZzTl7SeAPG10Ty16LEOQjhijDMZs09URV9CkyTWPG2be5I9iWAb0m_kdlAHpAMu1oIf_V_Ezg7vt89NSz4vXirqXGXQ3-1XU0C8bf2wLUSe-A7sQypVTJjHTQiNli8a5eFGr7G0WHSfGt0kz4CPwoSLdtAl7nv1XETyKWUNKZd395BIksTP-R1ISvkk6nOsYzMuLmFqI_Of3e5fZX0HT5FxCaxHvbSrmhyP6a7I8EASdEYOM6_Wvivc1jfeCUVp0Bw6-dL6vlzo5oQc3JlBl2vr59HMnNF0FmAMarHsnO-1yiTZeb5q8KzOv-mXBXSn5TTlvJnW_3dwaK_QIlmoAmkc0bGnNVGpBOGlfxa2K0zPKPdcVx2H3us3nDsr5f2MR8yGD0pu0w2_THg3qp7h2jSN9h4f8oykL2_HYXsBUJf4vPfV2NZ5JotyOAdzD_LQFdKjbLg6nX4Vti9kAoJtUELjFN3qEVqCVJdTQFENikrw-2WNMQRi4o6PRvYoujPTFkBolE0_HqN2yj7HIXFzcluTaJzFPncKXrCirLX00NPRWW-TYQp0_EOvNtFJeBQt-8FhnCnhH6B5MbnUPvI1-hvxS9u8dvC-N5ffRewLLXzjF_xIHEWrfXKByE5Va6rcaFaffJP_BMl35_zq2nNTZ7ZFcEQ8tfT7Tv7OnH91BV2LmWsC-_AfL3XTy8avV5Ojd1GgjX92fzY4Ym63zlNS5U9kzbUrNwCGQnmPksyGfnjfsbsTxy1RLOxh-y1ZRcNEOniS8esh6xDqJ8i74WHe-xaZYokcpyZorPbJSYW3vmc10QYypVTt8HAvqoBjDVhr76NkBNVCbwrXFuiJ16_n_u5p-UzDmKGTsOFAC82rclV1Hp18Ca0dxRzypULZGLS3z_pwI1Dt0cLBdcNgH8ItFREfsssmT2AM-95FyBbhXiMA3aBmJyjZgaMNWg2FmURknOfOn-nF66IE7Q2En6gSughuXbKaE2BFLeXD9sN-TZnulzVKmrRGKc5uYrrQ1o8fO5i_CAP5ldgrsiZeaix1H86t7a7LDwSgmj12oGF7Q_JMSIt6CrNS7R9rL8oDqpT6HKQpxr7oJAsCTHykHmbSihpWcz217pTGIUOBbEOVJx6-z_YqvaxJgr1kXpVIFlrp_hlAu6aCsgesO0jwsta-iceDijwe-hj3dpnmc23ZTZVne9BkqGeGBFGSxHBcCnbfiQneLtsX7H51OSOaAVVa_V_CbN8bKFoiVfSWMPyS1L1cqNR29hSW8aWxSB1U_YH_ujNl4qp_x3ukmIcj29fhLVMVoeItvQ9r_Qauhen5ERb0GkJEE65hw0&cid=CAASFeRoYwA4GlHZPyKZOp2nN7ZOTk5jzg&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:46:22 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame A6C6 24 KB
9 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:47:48 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1C47 169 KB
59 KB 43ms
25ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Origin: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:32:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 1C47 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CygloUO6sQQYmgJY2Ie9SF5pxvQMenbPY8gOTMjWvDOi5hMLDJ_9yH_h_fwwEik9kNJ6IJWVBan6Fh2wqXU4r0cLQoppjHEmqIcS7_KAVYTADNUVdYzHMCCixRv7Tb1luYaP_Eh-ak-3S3IFiLnH7-mFe99g&dbm_d=AKAmf-CaN7JYaxoIEKJrJ6zzSPaVvjEUMJxOIIq5sWCHK3lOxLUiGUt2lG7fDtvQaHFDZ-Hue6h1uGp5Cgh9pmz1FntfeuMmP3pGa1iy2mXQu7yncygEZ_mUl4kE10XYM8aUkhh8bd11_9yLe6g2NDVdtTmsHBElCv_mgk3N2dcmvjIdnIzAKMT7yQutj98yUx7axdcesHIlXdkMB0IWvTDYngm7a2Q54FLzdWvxRyorxIArsUJV5sGpfl9QSrzpAUvzX8J28Q2tNUSzNhhZ3Oe3KK7y50xfodRfxEDd2vOqddMAFZv2kBqCKFKk-78JKD9l1_AdTtWEvgKL40PHAIkDNVazCqMa4HFDTZ-k1TTElJAPz2cz5Do5CQfPIJhpeBKAR9P0eJvTN-cosheLc6jOz-IRcdf0WQPpclxChIDTKnJNRbJLhfcoe-Fy3JIAO4RwwatN3iz7InBTFb2J_fBB7lgiBIRHMuSYzMiMYOcHsE1eYIFDux9wjvGfHmC63iCujzERNhSNbI_oV9qixUYdg7tHEhD7E8ZtGpm4CnZHnUzmTn5JK4V3E3lWDIxgHO-pfs2mvO29KqDpEc2FX3Di7U_Axc_EjuriAeHofyUWh6pGKzWj4XOqAFIfbZR_uZChcarecPldEGBjUnmmZYU-uGyN6jNOO7mSut6FQSQcvFH4ER5qm5E99UiyY7eumN8pfSaAstaR5FutQXi9JU_oPhx87Hf1yXprmhsv19SPxZhynCj5EiU-bykRSdEvYPi6wssGZPYbY2xx40abGyauhAs67knLckoLa452ixJyu1Uj5sjRk_wFcUBqFw0g_5ps_sDoY39fUw3Q53HeYe-0o3GJsfoxnIwzfwko90yi3IW6LHKjXdA5ewW-JLiidiwhxcG9IfkKQP1bZwOCMgbTdUsHAXmJc0V69DxOxDh56H9iejlWcufVpgse0C7d-hldEy8J9sKQSYsPVIjjyi-LvniBMyFHcd4mDsQ_6LBGj-QGa5eDcvMXvQvrz_MOX0UjgP6YII2zyS0xdnzfRkYOnqc_VvwvoeDLuaX4Cm6UAtyCl6TuqJk_8vPLfWkjJvVj9n2xf8ihMQnizA99LkWdiYhvaJbrMAnqAbVPBsXXmSJSOx5LJ7oyzKzopSYUj2rzx6mSxaEvCDewfihFDfVLiAxMe_3MO_TWOeTqzr9ai0Hud_7ofBKBq4xu7W39VhP9gOBMi6J-Lk7Np2kGjemVsmlVzC0DkPGVbzMO4gOQkXvyReDkUfvCPwxBHRKveWOKrpd3gAkwpAql2uENkmZpqh1mlM_G-h9h8rlvBE3xyQmgHEM1RVMsZmzohaoCdtH2gYwrGIhCSldVegKFiEaCvL2ikEaxu_HDU8vLdl8Oa9WGJMNV7ednjZ1rbBnDx71QFgolEHVNyeQhWTLw4DL0Zw-A9qTdShURePr-Ots7PHEQfn0kyHO1JG7w04iEL7QxeeEUg3gEhF2CgDGUPtY8PJnDG3IA1mtxfG2hvr8b2-YhKIsrIVHfHoyh1XG26ABxgIfSAf0gQNf3TVEfOiTtnqCdKlVTK5rpMym5Fviw080bKn_yHHHv3VtOcykDnUDs-vJuJAVJXeN4SyHdad2FbeLuyJhqxtsHInWnFERPE13lnE48D99-_3CGU03AAT-mvIgRyDOrwVxIyFXyS53i_I9xW8e-EbjmZ3Q5IpZq000WLq4M5eprv3XtDDjd0rVpbDYKFoMiw_4Trde7BL1ip56INUe4zOczPBn6ESu8QzhjOFElzsWpKQt0U3X_ku4yTOxEHbBFgAlOITF77R9NKVdqMBCxdPymiUkoMF2D0jKrw6FcfhcBpla--EH-WAn2xad5lU3H7hyMp0pFfd5GgHXW7Ycr2WvAVJ8pqMoLWQEhofyt7L7HxEhlDT0uxiuWSIre7kbV_dqX4d8w79QEk-FvNyY6njew6yRaU2MBx5teZoWKh8N9Uh7xfkg9GrkN-Muzdva8l8x-jvteZyMIJTBH-Ofz1ry3-DR2F_X9YEAJhEGQs0GZjFlPfKBP81qNwGVrwXNxFLKxRAkMndHAtJ3Cnoj9F08whliBEL3a67Osol7J5pwRu2A3gdrivFACHpFvgOmVnU-0kKSvJjD5TOfUL7YAMbBEc8bdTp8ThVq5aXNrrfID8cO206z5qUGRTul9rLOAnJPfSbfNxzPu1qma0xauRpAxhu-oFSZdRcH4_3ZgZaSaqnsoNVsa9vhR_WLlsMAvnmU96nQI39XVF8KkjPYHcmVwzp852gEMVlHBEd9OwwgHUGadm1woI_leNLqaMwJ40_kAJ90ZWkPQqW_FRKLiy7LMXEzjZfvrjLpzza3JxOocgGFeNGx8paDLZ_V5v8oqYIem1LgxvqwZTePAkCgF3CXE2K-mYtuID-8u0OdSWTTRezeYunt5P3iJ17ZuLjtRm629eszkOv_-4IB1o6OJBl4TO0Eyi_KbmUQ3CEbfeTFrgtTvS5i0Ga6KHi3YJcbneAXl90jkC5ab1Np0qMp1aNiuBL7xZUzcD5KIH4OsnjOuhNnVJOvm9PGDBEvR0242KGQErVFwGj6MgiGD7DvyvcyRwYMVk65ePuVqDEi0mI9zV2D5GAcgRL_z2Ymial_kT0uJIQVVzo7aA5qlVv_OfafLKc8nxHawiKbgfvenDPe9Tkq975Uie3iNz4pqdjm44W4T-Thyf1Td9ns1Jb1oAQAxVvLYUEJ9ed9acJUqFQniXu4RFtGQyd2l5XP7D_NufmLX7Af74gOEJgmd-JqIBljgX12r2GUVAdzwDp4ZAYODsHJoOkCpY2ODYpc5ycHGPHzb0foEA6qswvwdA3ICkaTzBD2rDmRKdExTcGS2qKX8ICNz5HMxJbwFsD6-pbGVb-7SMM44xLs9kMKoMLu5Yzyxr1XsQm5l2hVlfCsX2yLlHDrf4o_gHP4OYnABB6lZnIIj8T7MeK9cX4ZYzCKKgt3fRLgypYspkcGzWBlBkCQFOZXHNrvjQyXubNRQt5DVfC2d8efxg_iZsbPH8_KV46EZPWGJpFZNYEjhzTjZhsVo6MvadFqDszu7PA3AAeUPXlx6wlC8Q3KhtGA6hjkpMnFEUfswXC0HSHtkpLmSAgusOd-wu5ny3kUbotE8qoguNJzqECZNtwd1uqWzvjP-sao5jlgWuLziW0OeSyfDyCG78L53DsVMMoMUHp3Z2ONYB7JrD0VN3PFgSzF_mYCL96uEr6-gmkrHCt6DsmtOqO9C6xNsZOrxVrkWnyYPsrLcQqV6AeiXpvvTbmAbjxK2eZMOqEnNQAx12DFUIsmSJkYYY0Wkd0b10YZqG_GgHPHaIr67J2uWNnEf_z-3i2KluQ&cid=CAASFeRoE6Jb_AJ6YHF3ihIc07UuHJ06sA&rfl=1%2Chttps%253A%252F%252Fwww.hurriyet.com.tr%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:46:22 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 1C47 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 14:47:48 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 687A 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
DATA 200
OK truncated
/ Frame 687A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1203b946e0f41ad0a8bb563e0d00d9ad4576e6e42abd318292c08a2bef083ae3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FB9 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
DATA 200
OK truncated
/ Frame 9FB9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bca94fbfd76e966b029dea0978c8ea032c816b3e13bd04876222f8946797c824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iat-realtime-1.0.0.js Show response
cdn.insurads.com/ 45 KB
10 KB 51ms
51ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-realtime-1.0.0.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=CTOHUVRM&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&t=1636383029506
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e40debd2efac39fc0e362436fd698949e34793e7ee371619a0aadab075c3ee27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
cdn-edgestorageid: 756
x-amz-request-id: NWNY1M0W63M4GH1A
cdn-cachedat: 08/11/2021 05:07:53
cdn-pullzone: 55316
x-amz-id-2: kFQeCtQAQaHdehLuOm8em4ZYKcLC6d8kQgT9GUBnHOy9yL+TDkoR14LGgnrKqCNpY3JeyzjNT3Q=
server: BunnyCDN-DE1-756
last-modified: Tue, 13 Jul 2021 14:45:42 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: e5c5309daf4eb06889bd19094f054383
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 iat-1.5.59.js Show response
cdn.insurads.com/ 112 KB
31 KB 51ms
50ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-1.5.59.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=CTOHUVRM&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&t=1636383029506
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 16a1b4d2d632f5ffcf01adc7004f644bd12a652603b46156813608fab8e98f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:29 GMT
content-encoding: gzip
cdn-edgestorageid: 756
x-amz-request-id: CBFXWJ5VE9X6VB4D
cdn-cachedat: 11/05/2021 17:32:22
cdn-pullzone: 55316
x-amz-id-2: cuO97xzYV9WrrBnk3nW+XMorne2HUjMwuBRDeZejmYAvC0XVvJePENmLH619q8/QEHTXK6o6leY=
server: BunnyCDN-DE1-756
last-modified: Fri, 05 Nov 2021 16:30:19 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: 423c5f35d35eb68598787458c9e449f8
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 initcb Show response
services.insurads.com/ 96 B
419 B 117ms
117ms Script
application/javascript 23.21.247.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/initcb?appId=1828&vId=382E733935A78992&iatId=3926621368&iatIdB=3883679719&s=1352&dads=0&fpc=1&lts=0&lIatId=0&lIatIdB=0&nv=1&npv=1&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&ts=1636383029946&v=1.0.4
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/CTOHUVRM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.247.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-247-176.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 34f860cf67c03312b7ebcc931a1265a751780d7794e4e1f441b586c462eb6439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E0DE 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 454379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
s0.2mdn.net/10388772/1619617590834/ Frame F14B 7 KB
3 KB 335ms
14ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10388772/1619617590834/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1e9f14128c13ce84f5305448ac1194419d9c616eaee250ce33ac704ece33fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2813
date: Mon, 08 Nov 2021 05:43:17 GMT
expires: Tue, 09 Nov 2021 05:43:17 GMT
last-modified: Wed, 28 Apr 2021 13:46:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 32833
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FB9 0
61 B 81ms
50ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux2rsEojDMAz53xetJMYDGRCA--Y67KVgxagsrHikkFCVJVsl5rfv1tzuVXqjdjM0VVsTMmYdUMr9QHchF13hhLDrtlToU7AKTAXoBKj4lGNCwnZfcI5k6JSWijR2nu2BjY5bBOdONqetM6UMh4E0tmSLDgggXms6Zce6a685BdBsyZ955z1uXsywX07t5T1h3GjnR9ADDLEJDbudEEZe5en3QgViYQO4H55JkKPePr8XCzw_VOX41BTPIrOrrzGmD89jl30jcHoCRb9xHOkegWuqn6xzoto3_y7piLuWja-hqeHM_uMwOtafiD1PVJHCtSFMcR4T2CXYXwVSwfT6CSpcX6x_R6ot06109-fPNOS3Rb8g_qCS8-e4CbAtqpg_C0Cdi-Ix1XRtrmWThT7AqsD_tpP-BCtN78YvctOuzQnSOHLNCLoTW5t5C1K-1txXhN0nBeXijWMUxJVlv1O8kim6M4bVnZukn9OebsV_U_U2HydAkqkHAYayhfGjqKqGZegNLg9r0L-x9W02YnXUqLzawyLR7EA40uzRjnK6FAmsLzRrPOeNSPXUbKgpkLX6Bq1n9uGOtj4EVZzVPPbSJB0TQu818iTRmMmFh50KUIJkPhVCX2b3FUk0gb-TySsY-au4rEJOLXYq5TGE3DB88FONFsqsAKMYAhpu2Uc-66UcH1vXC6weJXS1VrSFEK8xFkvqEt38WYkmQEgvcWGwe-J6c6airfbgn6q1XGyEzZfpuvI0_C0i10mhxhb_vuXsIAPYlqVAilV9LXXl74n7pP4VhYjCKtM3z-mqGQEdWoLodMwcFvV9SJZAlfV6kXGv_h7EQLYhjGSNAR0VcNX58uvgN-GuS7g0WRZNPGKxyGJb1upjIOyS1jBrVF-iUfC5vY6Yu0VrbXMaivH0oP2wVCtcoF40rdBpQCb9I0Dvvbdp4YwNTSMDGWlx20eFJdfYWxOdXijMhhwJJ2KvDNMPc3JH482J5Q1KcQwpXHT9pUMqCTVWYLDJighU2SPXWbNz2MXUbuKP8xIahNInHFN-6ia0FjoxuEOh_KhiepmVUpoZY5VGpc5lqvxixvThrwS5uOJs0bHAkIx9-AkR09fZZTBIckpWp5dZcpsYDeSJEuFq3X1rHWdQqLWOy9Dn_blgwtDJ89rVKHkLiRDbglpEm28ZLVvEBuRUHq7nvk4VZiAtuTR27v07Yx_C-tZyohqf32BkpNmBtUs2XvkBusjUEnI3ZTf7rYMc5UA&sai=AMfl-YS9a9U9uxAcFb0wiZYKJilpmyf8QSXiqKEbNO43csYViXgEDCmjhji4jcAsIe7siDsu29F24VMHFsfBrHo5Ix5XXf49wsOqCc1aHd0EMdbanQgyM7mbt55UD26YGcoTAUInZWDA7f2GIaP0bEMuwa8moxQnfYuH1R--U4w&sig=Cg0ArKJSzJ-4miE93sZAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&cbvp=1&cstd=164&cisv=r20211103.77506&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 08 Nov 2021 14:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/ Frame E383 3 KB
1 KB 345ms
34ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=iBL35WyrKS&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c799fde86667860a31b64da4ab21331c9d928234c47e6382d37dfff016d3367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1355
date: Mon, 08 Nov 2021 14:50:30 GMT
expires: Tue, 09 Nov 2021 14:50:30 GMT
cache-control: public, max-age=86400
last-modified: Mon, 04 Oct 2021 09:20:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 687A 0
61 B 68ms
49ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqrkza8lPYoGY_yXDjuE3IWC0OFfrYfsDuX_l5LA34kRSHan0xwceKdqRBXBkdL4lNHY3dDvqtoiDpV7FhHZ6jwCGm9df8KxCULKsoQHw09roDQ1mxnvsnrzkGB4_ClJBdZ9yop3fM62W6PYzGhMDefFYk0W6NqEUJeAw4P1pzS5c0ukWIfZMy97c7LwPK8dUkoDoi8_JMvjGttrapOfCaxEILefolzLQA1UVlaOk0RFOB0kWqorjJw1cu9kU1XBpXbw0M3ASJ5gQqDjPAus-Z41F1l2CDL7stpRaI8oRF41o92yylKJCTKTpV8iuUPpo_faJc-uOXFo1aRbbvN5eFBnyNQS747xf0_vS-AnucuxP88DFQuA3YaF5xhOlCRbpaRTZ0E-0lky6tT17LZTULgdW4s1XfWnEqK5E5IpTkxPh74YplMU9ds4lurrevp2LkqP423u0pyBDG2NgdgbpIWbx0q-uvYty4LIHaoK-Inqx9KK_f6mf7MRG4UOVR4pXp0rDNE1A0E6oomC90XznNoOwJdaALs_ku0rQnt1oJeNtbNSm8jTz0LcXcNmEw5wR6i7IbCalKcm0ktD49mU22ReMXYrUbtYwetDmG_P_StInivN-tUizio5sX_midqqmbI9md0EPk2KRtIH8Fru1f5GqKah5qnHrRNJcL1L_cfahVWfu9i-TyS4jjzxtbV39YR3LX8uSOP-OVsVNRtOvQ60v7jL_ZKWAPlEgryqZ4gYdE3Qr3ZeozxFd74w71Qc7GOeTiQnYsNrNS4RZ-UQ_33frJTeud6-3mhW1xUHcbYnthjUIsUkOFCDxuapU61wjOTuUPMWtYEFZuZa8gHKImaRl0bmMWmR9xuplejlIG_N4SJt5OAC4QciAGwVQ-FFNieQBst74s_1y9WR5pu8z3GyiCp0QBE1JSrWjwWJmMka8tkAIne5bm5z6BfGZzvgpb9RZyF_KrRlPAArK_1sD_4U8a7WU9Tp_qhH4yNvCe4sSH4waztqtB0-l2v4appRfr6Hvd1GDJvbMuFX30Gworalx4M_2RhRByuioLDt8hKu7jhonTLK91CtIXqAEogiJI6G6D-hzd6NtjsOjUwBC7KOIs-v9eKjK1QYQJPXw4zrmbz-L4J_1nJhXIXssHq-3c6GjMPzk-lpc1jDUuWYqLsmNeIfQ3XqyuQaM749DlENhNgK2L6MdmNCpAU26wSD1kMhMW84mWjTH4GxUyZgS6EqkVfh64rPdVYB9-X2NltRb9k_1XlLeCdqjump4ig4Ek&sai=AMfl-YT4Pi0RNfwN88qx5iw09Q9Cddqexz0WmgjkZj66Fj68rqwKTVR_ipxLp1bIlXJNsdjQuz1USFqlwDWHg1IhIcyjQCVrUgRm60eCNAi7PuKYNV0oJz29wVzmBgWuz6HYyjVB3UJKGUKbmsPIiHIZJUgjAm6lmmOYzM4S4vY&sig=Cg0ArKJSzHyRTRdMENtXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=189&cbvp=1&cstd=183&cisv=r20211103.51718&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 08 Nov 2021 14:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK mtrcs_487794.js Show response
s248.mxcdn.net/bb-mx/serve/ Frame 8A54 152 KB
58 KB 66ms
12ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: eec6cb2000c2fa44f67ee73675e87e6a6276f212f351f89d35696b72fdb07ba2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 12:32:41 GMT
Server: nginx
ETag: "\W00000592011634214761776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=44977
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 59201
Expires: Tue, 09 Nov 2021 03:20:07 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/10274800/1633445426523/ Frame 66B1 75 KB
23 KB 311ms
7ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10274800/1633445426523/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8dbead1f9ec6a21494f5332352ac522db2a0b86a05fb1520a019a564df570d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 23366
date: Mon, 08 Nov 2021 00:37:44 GMT
expires: Tue, 09 Nov 2021 00:37:44 GMT
last-modified: Tue, 05 Oct 2021 14:50:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 51166
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A54 0
571 B 63ms
48ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuk97ZJh8lSrAMbkdwoYgt_FUxgALTkYl89A6C1l5EU7mRfhXVOGc02MeRhYNwsy2Tcn3u0dRT2B9MiXqX1VY-aqFfiXwBs41tEiNugThvB0UH_aQIALj7wfgxTpE2A9zYwiWBsGP-Hg-qPxXgjN3HGSZMzojP_bRBuK74ruFsjWzk1a0cOOr8fJeDooVHaFu3C0wGdDpd8GuVke636mNttIYpFu4QNKbvKMgVjxTbPGvPVVaweA2cmQPOnnA8juSsviNueLA3MIItclrtFk0Vy2Zjq0bqGCkQLP4Xau0yxqm87WBZUOJXhJJMvlxNSnk3aHoX1aHwYv_JxS9-vIm_1w2EovSIIeroRgkZK8sEKcku5D0x86atpv7EOmpQjLrOwqLERW6pQ-iVs8W1Xy1FHODydfv_r6OWmFsHnsGsm5FGpGkchzSIDkJCeS0aQ3KDPTXnROZ6BXPdfIwBjSq9QaC9ukeaClvvwZelZ_t5G9yFNeg2K6K98nGoaogO_2xpo6M4lIYdIntNvV5J4Q5mpysm1W5G7Ofn_iCGRHhG0zkSkhZjTMLFc_VHbHGCq13a3G6xjiJwVd9EVZci26EnlV2FcRQZOQV3ky0ySldqhu09DFfbJg6DH1GIJg1mxiAYkjGhWKZJ7m4z3c2snmyuwjzjC8t4lddDUs1iWLTIbsvY6h91iP4aRLw4Rkwb8wleKZ-q4fKW5LBhLChNx832Wz12xkWgpkRH8B6wl0tLxsPHyW4OV3ySu5cyua4Oanm4TyOpMz_Zj7h4tZ7jw7fvSx0-Buytw4OAnofo2_w8AWfOvoM4Q2JeQRbDHgIPPggI3x_A9Hy4P6uStgmq4M5G4SgMI0jhHy4zv-SMGBrbuyyl55Lp1HkDfPzcUxoQTnm2ZKj1Ecglr-TlZGo5gb40qvwOTfx08OBWbNtYsvMyhSAXGu8T_LXU9JLP8A3puXGNbIpev00_21qFe97z4lJH1MbkuThfksWU_3AsXKBH5Hah0Oag9oNGJmZSaIm2PGffXulu_6vRgnklUnF1kyJTKXslEETgNFFvcdEKR59BfagZp-vuhYwXUJc09vK7tkhFHbhAGU7s5duoYZElDLoQlxW3c2u5bC8DYWPvKdxcQj8QTx_1QouYWjaV3t6g_0nA2AHEKajZdrY2g9KWRaBDgLBApZEkWv805xfYH1YcvMpBMggZpPHgcgXA3M2Ziithc2ifr0_hEgNsm4YzEFJzJYIw7K2NeF4tHp1oHxHN0_GcnwLFspBcaCmt-48KPenMOL2gEtA&sai=AMfl-YTYuI5d4xYELfW7kckEPHIVOOHh6ZWqRPlfnq82jevo0RcoD85cCzEpXj0OjEBHo1_lTwvHuL054nIhc5IxbxmccNDleF16M3PMfCcyPRAV2QpLO0tFUPF-6UXSb2zSooiELDB0bA7vXtoEzsRW_QnVW59Wg9Ue3Ga_c-Q&sig=Cg0ArKJSzORhHZpM1CgsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&cbvp=1&cstd=171&cisv=r20211103.40891&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 08 Nov 2021 14:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK mtrcs_487794.js Show response
s248.mxcdn.net/bb-mx/serve/ Frame A6C6 152 KB
58 KB 64ms
13ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: eec6cb2000c2fa44f67ee73675e87e6a6276f212f351f89d35696b72fdb07ba2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 12:32:41 GMT
Server: nginx
ETag: "\W00000592011634214761776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=44977
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 59201
Expires: Tue, 09 Nov 2021 03:20:07 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/10274800/1633445426523/ Frame 38A9 75 KB
23 KB 314ms
14ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10274800/1633445426523/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8dbead1f9ec6a21494f5332352ac522db2a0b86a05fb1520a019a564df570d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 23366
date: Mon, 08 Nov 2021 00:37:44 GMT
expires: Tue, 09 Nov 2021 00:37:44 GMT
last-modified: Tue, 05 Oct 2021 14:50:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 51166
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A6C6 0
61 B 59ms
49ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFU_cQNbh55YU65zray2fPPnHFNSVSXbVyhA6XpWio3R5XwMcvTiOwIHWtJxNxv8JnetYnD434-6tg7Uot-yyTcr_a7YSDTOcmHxpBaOz7MKoMgnzjr1qKXT4y7Q8mJarTMSC18DmM68uFSwu9FvbS5NdKH_6TQcYhtUHnSrGQc8BiWq0z6Cue1PZy845lntIUHnoR6dFnh24SY3-DLD2LeEEKpO4WybIyZKT7xtSFn1fZD0qfdy80wSyrfqeqvd9F6EYRoNJpGCxZdxjHcr7d0gftM2Dxawl6a5Wv6hUzFB26IS672KCulxknNr2yreOdivlFeHGYUpYpgLpauXtSm_Ixcn7wktOni5atsOIEqGqrxaXQhaK2sf8zpwCX7IJ6fNbhxKTUZnpWJm_BUe3HF8UHzJbTn7PMIL_qYPuu-S34WSLQcR_Fl7ALbnlpyMTJZv592EwmJ45Yo-9SazAcHmzMBT85OOU_IK0SLcBi27i0ora7LVPgssOaO1YP4rIGqKW-t6Md-OTIuj5iS00Vrp8mNAz4E6TAb38hfNtgT9DTDhTdKHw_0-AoKXb0DJkaUW7gO-ZT5JN6T8UXFaNyYXXuBTmxyp7ICmdh7qENN2Jnw9ANTb35tIrwxBkgO59Q-q-kbxPJ49oBKhjkqwn2NkL56ZLrHMSSSqRAX-4WoLYQvIDJyLTxHehjnqF8AFah45kDqj3MhlrfymbKuK9vJd8ze-4wiBSvhDFylcWvMefvStrj_lkEd2LycvCGwsZQZTYR4pd14yUzoYP_p7qONbXPxauNJvl_LJzrRwnikAfTuluCiHP1nwvw6B_37uxi0ctn6kPNcOlhWPjFOJBNigK10_ENXyV_LYIdIzjRii3atSKnJn98bq_YTVAjyDSJTDjd_iOt_G5B9KQDnAnW3lb0kO1a3TkWipPjR4IPF_-jTqHlMxTDR5HombpdqZQ4QxVP9lYVIyseDG6wqTqxnkyF4y0dAWJfSKIF4fpvDtQGYBlsVRymGqLIkBDlgurJRUHnydd4B9y_V4rUaJfBebsijueJ3ubWyzt5bY4F3_zOI90hAQ-ef4mtLtbBIDNnXFcjH8qFNkMthUECOaJDbh8v3B_lLG7qfCucqFUT-aZESWevKpNjX6Nyyhj2qsInYSzVe5pD5pD2jG021kWKLrWUGbqrLqIVK1Yl2Gq0Snc2c-62vMggdbbb811FFqIZuXmhBXIIo-8np_pGODETBFLXVwj32Up_HrxMAfcXngq5gDbJ3BzLbYcZSDEs31m1vdquRw&sai=AMfl-YSQ60gwfZmZ5T-JGCeFIdBN_sUUwpUxrZjeY0sYVVm73n4m1mS-9cHLuEW7fJpaGE1TOiFreh32DdZi7aufWtZdzcQ-xGTfuhDh4Ym2mUSfkj0ZxS0-Hm78SovXvUqmbMKzIm0Pxqhe4BbHbY6TQLcwbo-nSlr7pj8IG8k&sig=Cg0ArKJSzP5j8u0DHAiIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=167&cbvp=1&cstd=165&cisv=r20211103.04888&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 08 Nov 2021 14:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7B21 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 454379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/ Frame 5369 3 KB
1 KB 311ms
18ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aef3fac8deaff6954f9c2e5de5bed3cd1204889d6dad0ea4722e30ea35cd4e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1323
date: Mon, 08 Nov 2021 14:50:30 GMT
expires: Tue, 09 Nov 2021 14:50:30 GMT
cache-control: public, max-age=86400
last-modified: Wed, 29 Sep 2021 09:47:54 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C47 0
61 B 63ms
59ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvH6oK7gxf_FCDs5CcjjB7zq_5b0zevYoQyYzMkibI8AXQNCYvXjj4T-kaSVKtK-P2fS4_wrvWBZRr30YU-RaKlaMHfWQsRGRfZCRpevl6H8WOrZWYIFCh-ZOpLXtGZRZuxtlIjDXCPRUZrLIXsDJ_gF-lC5irRJmQ_5684mbMQY5dbt6clc2ntQI1D6qA1s9QvEQKNg1nTFj9o-YHLXJkxDnC4L14g0ZQ4CGQy8osNpoTfu8f-YomkV2d4npdBosVBQDuI83vixGTq-Ju0xxscoy_7hQdtTBJ-DCoUY-ueUPmNeC1vq_xcfANWMAfJVfou4ad-iIRri2qycgcU_dafYVAF_BWgDkSHyk7qL1__kv0qELcQQzw99nhOMZBv8Jr8svdn1IucQVhknol6JqtCfNgFBYhRrVzZdL2MOBvbd4k5J9RDo1_Y4UDEqAhmqdK4c1cYSkQImq6dYNW9Rkfc8IdFJX7yTEcfcuINIhFKwKx7UYmoXauBdifgVsJpYBRZNMFWMSO2Az1GxMasNp93snbG8xDX44wr3Ks09MlRhBFCw6Mx498UZCML2cLOpUVKImjUQKK48Giv12HH2T_yBiJsXrlYM0L-SjGz6IIDSm9CjXYBRegGBqWe0F9QioQHFrWiElKS17bHo2pHlYPkRx0WsyYGB1Rm9lI9NWhbOUKBA28-2kbwv2AoxKt4PlwUjVKsAGlF77RIiqyCEEwPPjboIhyV5t98XgKlhc7R8CGV9tvNTTgJTCrTBrL1zymur3AKZlgDo5Izz4DBt5Ui2QK0iuwEpO3wm_I4kFBdaC6amVHI5VUHTmqpT-L8qYYTw8mBzENsRJgdoVFDXv8N4wtd54ljMBviBRa9SFuYV8WHGWObXBg7qE9-Go_5sPqE69L86IzEEaShAviLkWwXRgPJim32he7D_oJSf1xcyjAYvRWUFmSbPo6hlx558gvsZ8dS9PLvdHi_fezVRg6FuFc0CRXJzJ7iiqfVLyqzs5oE8fjDXbVJhqiBtMWgnlWRW3YwrZ5o06fzUjcmAlw7C4Vew6qPimb1CBBnvGFQfGMgNXQMYlT1qPxyT5PHVHOXxfbDRpi2I71xjpAnqal1gx_KIm3aRQIV3ArpeLsZYHtOM8WFWsllYeqeXn2PX4daAM19_pNlP3yEq9L2KqR_nBIULs4nojOcIUF8zmdhJBszriJUz4ztXR8F-u_FcqAgmh3qanzFkVKt5FwpLftXXA375Xe-BhmHPvpO1QsOxE9mc65a15IpCjV_7DlMt9FBkH44_A&sai=AMfl-YRXquOIxkXUO2sf_DPi_jxSKAcKE_J8tw5FtYq-dNc6SatKdBjrLFNzEVDZuP48uPNTB1qHcLAEGxy6--DozC7j6JmOG72YqVSVxClrKJrBjulYk3UiLgYm6jqjpgGMoHG7IibNW4VpgmwlezOlcDErXfFRk0ZI4-9KuKo&sig=Cg0ArKJSzPfWw_fbSus_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&cbvp=1&cstd=163&cisv=r20211103.20444&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 08 Nov 2021 14:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A54 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
DATA 200
OK truncated
/ Frame 8A54 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb69ef22c1e156d2525cd305c67b5a9e6baa21d5e01c54a9b8b9668954df34ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A6C6 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
DATA 200
OK truncated
/ Frame A6C6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ec7204087d65bd49fe114a7d8acaa7b45e394a2719dd2d677d5a478aabc31c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C47 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
DATA 200
OK truncated
/ Frame 1C47 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 136ac63385c12cdedc72dd562a8e8b29a2d201d1f9bd392b4ca26b29f8582bc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 endpoint Show response
messaging.insurads.com/rt-pub/node/messaging/ 68 B
480 B 279ms
90ms Script
application/javascript 54.198.67.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://messaging.insurads.com/rt-pub/node/messaging/endpoint
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.5.59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.67.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-67-185.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 4273d635b75c6f10d8e436bc9734f4204d7d1330076e1e64bf1561ccdda8bb1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:30 GMT
server: Kestrel
content-length: 68
content-type: application/javascript

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DEFB 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 454380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4975 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 454380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame 8A54 82 B
351 B 46ms
11ms Script
application/javascript 136.243.15.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s248.mxcdn.net
URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.15.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h339.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:30 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 08 Nov 2021 14:50:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s248.meetrics.net/bb-mxad/ Frame 8A54 0
208 B 43ms
10ms Script
application/octet-stream 136.243.33.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s248.meetrics.net/bb-mxad/gettag
Requested by: Host: s248.mxcdn.net
URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h385.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:30 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b48.s248.meetrics.net/bb-mx/ Frame 8A54 43 B
291 B 47ms
13ms Image
image/gif 78.46.71.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b48.s248.meetrics.net/bb-mx/submit?/LRXxBoAAA/whFtBo0F0wFz6BvvA2hE0mEw0Al0Bx5AljF3kE20AwyA44A0iE0hEw0Ay5Ak0B2hEuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF7pyFo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyvB+k2FmywAyxAtxAwtAx0AtxAy6AzyAt0A43A35A0tAyuAxyAztAm4By3AkxBx0AKp6Fsp3Fx2Az2Az4AzwAy5AxxAzBEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5zAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BzBELlnFB/k0F0DxgAwqFpkF90A43A35A0mAhkFj9BxwAy3A04AwwAmjEwpFk9By2Ax2A10A52AmzEp0Fl9B2zAyyAz4AzmAwsFhjFl9BzxA2yAw0A22AwmAjpFk9B1wA44A0xA11A5mAzpF6lF99AzwAw4E2wAw7AvyFk9Bb0FptFlzF0hFtwFd7BkjFfyFmsF9xAtoE00FwzF6vAv3E33FuoE1yFypF5lF0uBjvFtuB0yFvkAw7AkjFfyFlmF9oE00FwzF6vAv3E33FuoE1yFypF5lF0uBjvFtuB0yFvoEhiFlyFslFypFvwEhuFklFtpFtkElzF0lFrjFi9B44Aw1A42AywAmnEkwFyfFjvFuzFluF09BmnEkwFy9BUkzFpBFAAAAAAsEYJYJAPAAAAAAAAAOAAAAGBAAAAAsEYJYJABPfAAAAAAAABSaeAZHAAFAx8Ez8ExBEGAxyA01A2yAroTVAPAAAFAASaeToTVASksFMIbAAAAAAAAAAAAEAAASaeAAAAAAAIAy2Ax2A10A52AJAzxA2yAw0A22AwBEHA2zAyyAz4AzBEHC9zAwwA42BwwA7vEykF9bE0pFtlFz0FhtFwdF7kEjfFymFs9BxsAo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyvBkwA7kEjfFylFm9Bo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyvBohFilFysFlyFpvBwhFukFltFptBklFz0FlrFjiF94A4wA14A2yAwBEJA1wA44A0xA11A5BEIAxwAy3A04AwwAdAAAAAAsEAYJAFAAAoTVAAA1Ao0F0wFz6BvvAzwBuyAtkFuuBulF0vBxwAy3A04AwwAvxA2zAz0A01A0yA21AyzAvpEukFl4FuoE0tFsBFEAIQFBxBAAAAAAAAAAAAAAGAJGFSBFNFFdAAAAAAsEAYJAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFQtjFS8P7YA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.71.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h297.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H/1.1 200
OK data
b48.s248.meetrics.net/ Frame 8A54 43 B
308 B 46ms
12ms Image
image/gif 78.46.71.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b48.s248.meetrics.net/data?/LRXxCrAAAUkzF7GZBAAFAx8E18ExBEGAxyA01A2yArY0mAPAAAAAAAAAPY0mAPAAAFAASaeTY0mAZAAAFAw8Ez8EwBEGAxyA01A2yArRMPAPAAAFAASaeTRMPAPBAAAAAAAAzRMPAZAAAFAw8Ey8EzBEGAxyA01A2yArfeOAPAAAFAASaeTfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEGAxyA01A2yArehwAPAAAFAASaeTehwAPAAAAAAAAAzehwAZAAAFAx8Ex8ExBEGAxyA01A2yArtDOAPAAAFAASaeTtDOAPAAAAAAAAAztDOAZBAAFAx8Ey8ExBEGAxyA01A2yArLFDAPAAAFAASaeTLFDAZAAAFAx8E18E2BEGAxyA01A2yAr8wBAPAAAFAASaeT8wBAZAAAFAx8E18E3BEGAxyA01A2yArgxRAPAAAFAASaeTgxRASksFTPdAAAAAAsEAYJAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAA8wBAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAgxRAAA6EkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFDBFTVFSCFWCFqUFiaFFCFGvFBnFDFFPzBHzBEvBwvAanFEOFRYFWrFwrBhDF3nEQ2BpvFxaEsGF3jEZNFaVF3DFDhFMtF6wFLJF0uESxB02F2zFF0FO3FUSF55Br5Az5BSzFsHF2MFyoFS4FjsFF4BYsF1MEW4FLjFHVFXjFRyB3rEKhFM3FUoFssFH0B6uFqwFuoFvTF45Fs0FqkF2zEYMF1OFkjFNPFyzELMFWsF4DEq0BNpF0vApYFwGFYrFvREGOFnnFYSFErFJvBrnEBBFBBFCKFSVF1FEyrFKnFnnF99ACATJFAAAAAAAAAAAAAADAEJFWBFQtjFvEOAXA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.71.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h297.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:29 GMT

GET
H/1.1 200
OK data
b48.s248.meetrics.net/ Frame 8A54 43 B
308 B 44ms
11ms Image
image/gif 78.46.71.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b48.s248.meetrics.net/data?/LRXxDrAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjF0jVNSA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.71.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h297.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:29 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 11DC 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 454380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame A6C6 82 B
351 B 11ms
10ms Script
application/javascript 136.243.15.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s248.mxcdn.net
URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.15.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h339.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:30 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 08 Nov 2021 14:50:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s248.meetrics.net/bb-mxad/ Frame A6C6 0
208 B 19ms
10ms Script
application/octet-stream 136.243.33.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s248.meetrics.net/bb-mxad/gettag
Requested by: Host: s248.mxcdn.net
URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h385.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:30 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b54.s248.meetrics.net/bb-mx/ Frame A6C6 43 B
291 B 99ms
12ms Image
image/gif 176.9.43.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b54.s248.meetrics.net/bb-mx/submit?/R1rpBVAAA/whFtBo0F0wFz6BvvA2hE0mEw0Al0Bx5AljF3kE20AwyA44A0iE0hEw0Ay5Ak0B2hEuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF7pyFo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyvB+k2FmywAyxAtxAwtAx0AtxAy6AzyAt0A43A35A0tAyuAxyAztAm4By3AkxBx0AKp6Fsp3Fx2Az2Az4AzwAy5AxwA3BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5zAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BzBELlnFB/k0F2DxgAwqFpkF90A43A35A0mAhkFj9BxwAy3A04AwwAmjEwpFk9By2Ax2A10A52AmzEp0Fl9B2zAyyAz4AzmAwsFhjFl9BzxA2yAw0A22AwmAjpFk9B1wA44A0xA11A5mAzpF6lF99AzwAw4E2wAw7AvyFk9Bb0FptFlzF0hFtwFd7BkjFfyFmsF9xAtoE00FwzF6vAv3E33FuoE1yFypF5lF0uBjvFtuB0yFvkAw7AkjFfyFlmF9oE00FwzF6vAv3E33FuoE1yFypF5lF0uBjvFtuB0yFvoEhiFlyFslFypFvwEhuFklFtpFtkElzF0lFrjFi9Bx0A05Ay0Ay1Ay4AmnEkwFyfFjvFuzFluF09BmnEkwFy9BUkzFmBFAAAAAAsEYJYJAPAAAAAAAAAOAAAAGBAAAAAsEYJYJABPMAAAAAAAAB2OBAZIAAFAx8Ez8ExBEEA1wA02AroTVAPAAAFAA2OBToTVASksFPIbAAAAAAAAAAAAEAAA2OBAAAAAAAIAy2Ax2A10A52AJAzxA2yAw0A22AwBEHA2zAyyAz4AzBEJC9zAwwA42BwwA7vEykF9bE0pFtlFz0FhtFwdF7kEjfFymFs9BxsAo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyvBkwA7kEjfFylFm9Bo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyvBohFilFysFlyFpvBwhFukFltFptBklFz0FlrFjiF9xA00A5yA0yA1yA4BEJA1wA44A0xA11A5BEIAxwAy3A04AwwAdAAAAAAsEAYJAFAAAoTVAAA1Ao0F0wFz6BvvAzwBuyAtkFuuBulF0vBxwAy3A04AwwAvxA2zAz0A01A0yA21AyzAvpEukFl4FuoE0tFsBFEAIQFBxBAAAAAAAAAAAAAAGAJGFSBFNFFdAAAAAAsEAYJAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFQtjFreH7YA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.43.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h429.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 08 Nov 2021 14:50:29 GMT

GET
H/1.1 200
OK data
b54.s248.meetrics.net/ Frame A6C6 43 B
308 B 98ms
11ms Image
image/gif 176.9.43.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b54.s248.meetrics.net/data?/R1rpCXAAAUkzFjGZAAAFAx8E18ExBEEA1wA02ArY0mAPBAAAAAAAAPY0mAPAAAFAA2OBTY0mAZAAAFAw8Ez8EwBEEA1wA02ArRMPAPAAAFAA2OBTRMPAPAAAAAAAAAzRMPAZAAAFAw8Ey8EzBEEA1wA02ArfeOAPAAAFAA2OBTfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEEA1wA02ArehwAPAAAFAA2OBTehwAPAAAAAAAAAzehwAZAAAFAx8Ex8ExBEEA1wA02ArtDOAPAAAFAA2OBTtDOAPBAAAAAAAAztDOAZAAAFAx8Ey8ExBEEA1wA02ArLFDAPAAAFAA2OBTLFDAZAAAFAx8E18E2BEEA1wA02Ar8wBAPAAAFAA2OBT8wBAZAAAFAx8E18E4BEEA1wA02Ark/uAPAAAFAA2OBTk/uASksFHPdAAAAAAsEAYJAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAA8wBAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAk/uAAAyEkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFC4BTVFSCFWCFqUFiaFHMFFjFBnFDFFQEFC0FsvBysEaJFBIF2GFMrBjEFJ3FMvBGtFX1By4E36EsOFzLEpwBQnFnNFoWFzpEHZFYIFW1Bj4F0LENRFzIEjPFYXFzXEx0FaJF4mFzmEDrFvJFSZFZFFuwFHFFIXFZTFYwBvDF0nEK6F4zE0KEiSFirBX0F1zBMEFVXF6OFWBFtKFxZFMWFr0AsUFRhF3wAt5BZFFYMF5qEr1Fz2FGvByPEC0Bh1BCnFaGFxoF2XFBBFBBFBFFsGFUrFT1FRtFDDFCATJFAAAAAAAAAAAAAADAEJFWBFQtjF1dEuWA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.43.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h429.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:29 GMT

GET
H/1.1 200
OK data
b54.s248.meetrics.net/ Frame A6C6 43 B
308 B 97ms
10ms Image
image/gif 176.9.43.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b54.s248.meetrics.net/data?/R1rpDYAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFugVNSA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.43.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h429.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:29 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame E0DE 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B21 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame DEFB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4975 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 11DC 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H/1.1 200
OK data
b48.s248.meetrics.net/ Frame 8A54 43 B
308 B 11ms
11ms Image
image/gif 78.46.71.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b48.s248.meetrics.net/data?/LRXxEfEAA6rvFo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyBFLruFBLkqFFlqwF04A33A50ALnoFBL2vFBOprFyF3BOqwFyF3BlqwF04A33A50ALkmFBTkzFkQeBAHCAAAAYAAAAICAQAAAAAAAAAXAAAAICARksFAQtjF+iTRSA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.71.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h297.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:29 GMT

GET
H/1.1 200
OK data
b54.s248.meetrics.net/ Frame A6C6 43 B
308 B 11ms
11ms Image
image/gif 176.9.43.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b54.s248.meetrics.net/data?/R1rpEyDAA6rvFo0F0wFz6BvvA33F3uBo1FyyFp5Fl0FujEvtFu0EyBFLruFBLkqFFlqwF04A33A50ALnoFBL2vFBOprFyF3BOqwFyF3BlqwF04A33A50ALkmFBTkzFkQ7AAAAAHCAYAAAASBAQAAAAAAAAAXAAAASBARksFAQtjFgwSRSA
Requested by: Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.43.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h429.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:29 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F14B 236 KB
63 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10388772/1619617590834/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10388772/1619617590834/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 14:50:30 GMT

GET
H2 200 config.js Show response
s0.2mdn.net/10388772/1619617590834/ Frame F14B 1 KB
584 B 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10388772/1619617590834/config.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10388772/1619617590834/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c6009e69fbdff5d7a28e1d10073711761393ef9e29daac23220aa33515c8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10388772/1619617590834/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 23:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 479
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 13:46:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 23:04:12 GMT

GET
H2 200 index.js Show response
s0.2mdn.net/10388772/1619617590834/ Frame F14B 67 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10388772/1619617590834/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10388772/1619617590834/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f790fb56ff8f3f977916f3dfe951fa4232f140fe47cc9d3af14013b16e80b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10388772/1619617590834/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 09:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12977
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 13:46:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 09:04:11 GMT

GET
H2 200 poster.jpg
s0.2mdn.net/10388772/1619617590834/ Frame F14B 8 KB
8 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10388772/1619617590834/poster.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10388772/1619617590834/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2a7f7925e345cc2227f32169e283a330414030d209da99af3e49f7e6db29dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10388772/1619617590834/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:43:17 GMT
x-content-type-options: nosniff
age: 32833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8582
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 13:46:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:43:17 GMT

GET
H2 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 5369 116 KB
39 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 21:19:37 GMT

GET
H2 200 video.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/ Frame 5369 1 KB
588 B 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/video.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5570962d72dba68e956108399d73c17b208a40d2826468992c15feb731fc94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 06:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 494
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 09:47:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 06:38:46 GMT

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E383 118 KB
40 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=iBL35WyrKS&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=iBL35WyrKS&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:32:02 GMT

GET
H2 200 video.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/ Frame E383 1 KB
584 B 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/video.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5570962d72dba68e956108399d73c17b208a40d2826468992c15feb731fc94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61925064/20211004022009764/sujet_chicken_300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=iBL35WyrKS&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 06:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 494
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 09:20:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 06:08:03 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 66B1 236 KB
63 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10274800/1633445426523/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10274800/1633445426523/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 14:50:30 GMT

GET
H2 200 ad_300x600.js Show response
s0.2mdn.net/10274800/1633445426523/ Frame 66B1 110 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10274800/1633445426523/ad_300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10274800/1633445426523/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0375aa549dfae6536a54f56e32b37fe75f40f8a7c6341d03333225d5837b36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10274800/1633445426523/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 03:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19499
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:50:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 03:57:30 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 38A9 236 KB
63 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10274800/1633445426523/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10274800/1633445426523/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 14:50:30 GMT

GET
H2 200 ad_300x600.js Show response
s0.2mdn.net/10274800/1633445426523/ Frame 38A9 110 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10274800/1633445426523/ad_300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10274800/1633445426523/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0375aa549dfae6536a54f56e32b37fe75f40f8a7c6341d03333225d5837b36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10274800/1633445426523/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 03:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19499
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:50:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 03:57:30 GMT

POST
H2 200 negotiate Show response
messaging.insurads.com/rt-pub/node/hub/ 273 B
751 B 90ms
90ms XHR
application/json 54.198.67.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://messaging.insurads.com/rt-pub/node/hub/negotiate?appId=1828&dev=Personal%20computer&br=Chrome&os=Windows&cc=DE&rc=HE&v=0.2
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-realtime-1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.67.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-67-185.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1b41891bbf5ce88dd311623218cf230f6ec9499df2ac22c66041f2820ae189b

Request headers

Referer: https://www.hurriyet.com.tr/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hurriyet.com.tr
date: Mon, 08 Nov 2021 14:50:30 GMT
access-control-allow-credentials: true
server: Kestrel
content-length: 273
content-type: application/json

OPTIONS
H2 204 negotiate
messaging.insurads.com/rt-pub/node/hub/ Frame 0
0 301ms
101ms Preflight 54.198.67.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://messaging.insurads.com/rt-pub/node/hub/negotiate?appId=1828&dev=Personal%20computer&br=Chrome&os=Windows&cc=DE&rc=HE&v=0.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.67.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-67-185.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.hurriyet.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 08 Nov 2021 14:50:30 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.hurriyet.com.tr

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,id,ip,ipb... Frame 5369
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/id,itag,source,ratebypass,m...
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,i...

64 KB
0

55ms
12ms

Media
video/mp4

2a00:1450:4001:3d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/3F83FD15CFC4A1BC8EEB22A0FCD764D86A0D8FCA.40D6BDF3F35E00AD5C3A158453242F19B29FACCE/key/cms1/cms_redirect/yes/mh/0a/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1636382168/mv/u/mvi/3/pl/48/file/file.mp4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2

Protocol

HTTP/1.1

Server

2a00:1450:4001:3d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 Sep 2021 09:47:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1333996/1333997
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1333997
Expires: Mon, 08 Nov 2021 14:50:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/3F83FD15CFC4A1BC8EEB22A0FCD764D86A0D8FCA.40D6BDF3F35E00AD5C3A158453242F19B29FACCE/key/cms1/cms_redirect/yes/mh/0a/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1636382168/mv/u/mvi/3/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

file.mp4
r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,id,ip,ipb... Frame E383
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/id,itag,source,ratebypass,m...
https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,i...

0
0

GET
H2 200 sujet_300x600.jpg
s0.2mdn.net/10274800/1633445426523/ Frame 66B1 65 KB
65 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10274800/1633445426523/sujet_300x600.jpg?1633084556581

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f4398ec1d6e20d1537b9dbcece8abf40c0834a32c4c93920fa05b7e7c1a0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10274800/1633445426523/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 23:23:48 GMT
x-content-type-options: nosniff
age: 55602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66158
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:50:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 23:23:48 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A54 0
23 B 58ms
42ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuk97ZJh8lSrAMbkdwoYgt_FUxgALTkYl89A6C1l5EU7mRfhXVOGc02MeRhYNwsy2Tcn3u0dRT2B9MiXqX1VY-aqFfiXwBs41tEiNugThvB0UH_aQIALj7wfgxTpE2A9zYwiWBsGP-Hg-qPxXgjN3HGSZMzojP_bRBuK74ruFsjWzk1a0cOOr8fJeDooVHaFu3C0wGdDpd8GuVke636mNttIYpFu4QNKbvKMgVjxTbPGvPVVaweA2cmQPOnnA8juSsviNueLA3MIItclrtFk0Vy2Zjq0bqGCkQLP4Xau0yxqm87WBZUOJXhJJMvlxNSnk3aHoX1aHwYv_JxS9-vIm_1w2EovSIIeroRgkZK8sEKcku5D0x86atpv7EOmpQjLrOwqLERW6pQ-iVs8W1Xy1FHODydfv_r6OWmFsHnsGsm5FGpGkchzSIDkJCeS0aQ3KDPTXnROZ6BXPdfIwBjSq9QaC9ukeaClvvwZelZ_t5G9yFNeg2K6K98nGoaogO_2xpo6M4lIYdIntNvV5J4Q5mpysm1W5G7Ofn_iCGRHhG0zkSkhZjTMLFc_VHbHGCq13a3G6xjiJwVd9EVZci26EnlV2FcRQZOQV3ky0ySldqhu09DFfbJg6DH1GIJg1mxiAYkjGhWKZJ7m4z3c2snmyuwjzjC8t4lddDUs1iWLTIbsvY6h91iP4aRLw4Rkwb8wleKZ-q4fKW5LBhLChNx832Wz12xkWgpkRH8B6wl0tLxsPHyW4OV3ySu5cyua4Oanm4TyOpMz_Zj7h4tZ7jw7fvSx0-Buytw4OAnofo2_w8AWfOvoM4Q2JeQRbDHgIPPggI3x_A9Hy4P6uStgmq4M5G4SgMI0jhHy4zv-SMGBrbuyyl55Lp1HkDfPzcUxoQTnm2ZKj1Ecglr-TlZGo5gb40qvwOTfx08OBWbNtYsvMyhSAXGu8T_LXU9JLP8A3puXGNbIpev00_21qFe97z4lJH1MbkuThfksWU_3AsXKBH5Hah0Oag9oNGJmZSaIm2PGffXulu_6vRgnklUnF1kyJTKXslEETgNFFvcdEKR59BfagZp-vuhYwXUJc09vK7tkhFHbhAGU7s5duoYZElDLoQlxW3c2u5bC8DYWPvKdxcQj8QTx_1QouYWjaV3t6g_0nA2AHEKajZdrY2g9KWRaBDgLBApZEkWv805xfYH1YcvMpBMggZpPHgcgXA3M2Ziithc2ifr0_hEgNsm4YzEFJzJYIw7K2NeF4tHp1oHxHN0_GcnwLFspBcaCmt-48KPenMOL2gEtA&sai=AMfl-YTYuI5d4xYELfW7kckEPHIVOOHh6ZWqRPlfnq82jevo0RcoD85cCzEpXj0OjEBHo1_lTwvHuL054nIhc5IxbxmccNDleF16M3PMfCcyPRAV2QpLO0tFUPF-6UXSb2zSooiELDB0bA7vXtoEzsRW_QnVW59Wg9Ue3Ga_c-Q&sig=Cg0ArKJSzORhHZpM1CgsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=791&vt=11&dtpt=618&dett=3&cstd=171&cisv=r20211103.40891&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 206 360x90_Mann.mp4
d38k2esv5oh9bn.cloudfront.net/wifi/2021/0425.09.21002/mp4/ Frame F14B 1 MB
1 MB 52ms
9ms Media
video/mp4 52.222.206.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38k2esv5oh9bn.cloudfront.net/wifi/2021/0425.09.21002/mp4/360x90_Mann.mp4
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/10388772/1619617590834/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-78.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a8a9244e4cca9d98eafd4b84ec93b14b3e38ea200d5e98c26e135a46c7c95d44

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 08 Nov 2021 14:25:21 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e43.cloudfront.net (CloudFront)
last-modified: Thu, 08 Apr 2021 10:18:46 GMT
server: Apache
age: 1517
etag: "16cdac-5bf735f6906b6"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-1494443/1494444
cache-control: max-age=1800
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
Content-Length: 1494444
x-amz-cf-id: Qh3EGSSj3zdalEobd065LV-yTI_MjdB10sIR7W9OrnDh2BdF_BYhNA==
expires: Mon, 08 Nov 2021 14:55:13 GMT

GET
H2 200 sujet_300x600.jpg
s0.2mdn.net/10274800/1633445426523/ Frame 38A9 65 KB
65 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10274800/1633445426523/sujet_300x600.jpg?1633084556581

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f4398ec1d6e20d1537b9dbcece8abf40c0834a32c4c93920fa05b7e7c1a0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10274800/1633445426523/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 23:23:48 GMT
x-content-type-options: nosniff
age: 55602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66158
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:50:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 23:23:48 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A6C6 0
23 B 55ms
44ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFU_cQNbh55YU65zray2fPPnHFNSVSXbVyhA6XpWio3R5XwMcvTiOwIHWtJxNxv8JnetYnD434-6tg7Uot-yyTcr_a7YSDTOcmHxpBaOz7MKoMgnzjr1qKXT4y7Q8mJarTMSC18DmM68uFSwu9FvbS5NdKH_6TQcYhtUHnSrGQc8BiWq0z6Cue1PZy845lntIUHnoR6dFnh24SY3-DLD2LeEEKpO4WybIyZKT7xtSFn1fZD0qfdy80wSyrfqeqvd9F6EYRoNJpGCxZdxjHcr7d0gftM2Dxawl6a5Wv6hUzFB26IS672KCulxknNr2yreOdivlFeHGYUpYpgLpauXtSm_Ixcn7wktOni5atsOIEqGqrxaXQhaK2sf8zpwCX7IJ6fNbhxKTUZnpWJm_BUe3HF8UHzJbTn7PMIL_qYPuu-S34WSLQcR_Fl7ALbnlpyMTJZv592EwmJ45Yo-9SazAcHmzMBT85OOU_IK0SLcBi27i0ora7LVPgssOaO1YP4rIGqKW-t6Md-OTIuj5iS00Vrp8mNAz4E6TAb38hfNtgT9DTDhTdKHw_0-AoKXb0DJkaUW7gO-ZT5JN6T8UXFaNyYXXuBTmxyp7ICmdh7qENN2Jnw9ANTb35tIrwxBkgO59Q-q-kbxPJ49oBKhjkqwn2NkL56ZLrHMSSSqRAX-4WoLYQvIDJyLTxHehjnqF8AFah45kDqj3MhlrfymbKuK9vJd8ze-4wiBSvhDFylcWvMefvStrj_lkEd2LycvCGwsZQZTYR4pd14yUzoYP_p7qONbXPxauNJvl_LJzrRwnikAfTuluCiHP1nwvw6B_37uxi0ctn6kPNcOlhWPjFOJBNigK10_ENXyV_LYIdIzjRii3atSKnJn98bq_YTVAjyDSJTDjd_iOt_G5B9KQDnAnW3lb0kO1a3TkWipPjR4IPF_-jTqHlMxTDR5HombpdqZQ4QxVP9lYVIyseDG6wqTqxnkyF4y0dAWJfSKIF4fpvDtQGYBlsVRymGqLIkBDlgurJRUHnydd4B9y_V4rUaJfBebsijueJ3ubWyzt5bY4F3_zOI90hAQ-ef4mtLtbBIDNnXFcjH8qFNkMthUECOaJDbh8v3B_lLG7qfCucqFUT-aZESWevKpNjX6Nyyhj2qsInYSzVe5pD5pD2jG021kWKLrWUGbqrLqIVK1Yl2Gq0Snc2c-62vMggdbbb811FFqIZuXmhBXIIo-8np_pGODETBFLXVwj32Up_HrxMAfcXngq5gDbJ3BzLbYcZSDEs31m1vdquRw&sai=AMfl-YSQ60gwfZmZ5T-JGCeFIdBN_sUUwpUxrZjeY0sYVVm73n4m1mS-9cHLuEW7fJpaGE1TOiFreh32DdZi7aufWtZdzcQ-xGTfuhDh4Ym2mUSfkj0ZxS0-Hm78SovXvUqmbMKzIm0Pxqhe4BbHbY6TQLcwbo-nSlr7pj8IG8k&sig=Cg0ArKJSzP5j8u0DHAiIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=786&vt=11&dtpt=619&dett=3&cstd=165&cisv=r20211103.04888&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5369 7 KB
6 KB 38ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c289bc664f08e783ecc13990374882cd60b484365e12ffcc60e587eeaaa7696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E383 7 KB
5 KB 33ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f65420cde2f8776ec2add516000ef5d0204312f3a117937dc6d4575fde3e0b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5147
x-xss-protection: 0

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/id,itag,source,ratebypass,m...
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,i...

1 MB
1 MB

322ms
7ms

Media
video/mp4

2a00:1450:4001:3d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/81D2E617AD4008A062975996FF450F191BDFD200.0B6CD10EC946D2316AA316CA0326F99F3117D05D/key/cms1/cms_redirect/yes/mh/0a/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1636382168/mv/u/mvi/3/pl/48/file/file.mp4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61903792/20210929024754596/300x250_google_studio/index.html?e=69&leftOffset=0&topOffset=0&c=JYQoAC6Uzr&t=1&renderingType=2

Protocol

HTTP/1.1

Server

2a00:1450:4001:3d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

edf594c4994ad84cfc58632f53323a69320feb514a58c0ce034d3d18253e6824

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 Sep 2021 09:47:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1333996/1333997
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1333997
Expires: Mon, 08 Nov 2021 14:50:31 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/a45ace4316c1913b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777356845/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/81D2E617AD4008A062975996FF450F191BDFD200.0B6CD10EC946D2316AA316CA0326F99F3117D05D/key/cms1/cms_redirect/yes/mh/0a/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1636382168/mv/u/mvi/3/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/id,itag,source,ratebypass,m...
https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,i...

1 MB
1 MB

325ms
10ms

Media
video/mp4

2a00:1450:4001:12::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4A90D30662A70C4D7844BC4D3BE8650687A539D7.0B4C8018AB5A41C99286E618EBE5B137FC4DABDF/key/cms1/cms_redirect/yes/mh/rW/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1636382168/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:12::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

286736416bcd8ab81c082d49937a3a9c1ca3b7086c12ca6426c0d8f4678e48dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:50:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 Oct 2021 09:19:50 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1054407/1054408
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1054408
Expires: Mon, 08 Nov 2021 14:50:31 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4A90D30662A70C4D7844BC4D3BE8650687A539D7.0B4C8018AB5A41C99286E618EBE5B137FC4DABDF/key/cms1/cms_redirect/yes/mh/rW/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1636382168/mv/u/mvi/4/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0DE 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv1dqNTmJYcGWLcyS7_UPiPiswAkAAAAAOAHgBAI&bg=!S0ilSAzNAAYH3anuB907ACkAdvg8WjM5rBJ_3PlT4_DSrCepfHaC_ne5Lod7ohQnKAPXA-33ClUsyAIAAAGBUgAAAE1oAQcKABVtf7ydOBHP8X9ORktXaAXB8kW8tbKZAu5AwpgWIaPvFl1eLogMeE81Oef2fO_T-EbHyvIBVHxm0Qwy9L5Mddp1PbBs03HCsOSKcpkX3t3IqBI1Nzjlg6Zq4PVBmPU2iYgYUbFF3g4rGQbdFSLkSVMNEq0tZAuPvtyZW21O-2wNocmxxMQQwwRiKk1YGpciV_FxR_oNAd9cxh9zI451DKDcmoVA1ZjoZ1RIGQiob9dqzdytnei834cktyH3j_1wa-Vwa3j-_Q_gIEOno4utXYL05XuwUCg1LGBGbp00vnQHwGS0qRZCtF7l4-Sdh_mgoH4qZA5twMKbGz7R1JXNyldxsouQiQ0SAjFYUq2xCI-BJhg_q-04iUt6WEKA-e5QqrZRxW406Wx_GZxzFRdAkjsprt5n-pF54AzKsVOD-lMnjfZ55opUD5gSZHoPhP3hjEFPfhMnalUqxxDd84UeXYd48XLc70KhH4Iuce29ycd0v7_ZwoFuFDLWCEUtl7IRIub8lIdKN_pJkSKboPx2CstmZlKXebAcxrZX0ZRYvRTEOi4WlJ7ULYJ7BwiKokcxH6G3bu_1zxkahL0MFzXh_sGmVecfYqt0JbsMFwxmpTbP3nMKHA8zyAVWMAlNMBfPfpdxrwu7RjXhDtgdGTTkqPWGoNC7dFekfUXV0WAr1Dyw8IShXvYp9jw3QlxIMNj3foWiEZeY5KvhSs9PBdMMZHZ8XcPXfPbUHGEwkIIzFeltx4N_GP9HaCGjyFuUe0otKCj7M7nJ3wf3ncxJRhDNqxnpMu90ndK_tXQYVmZR5hdpojTdhYTYUSyRstF1cdtGDiTvVcCK9EH901KefbtqX07B2mas8Gj-Tinp4GIU0OeMOnxQI4moAK0gcL-sbOFpgIrxch8c4lB59hAhvnuAsSYSKWL6CQz-CkEJx5CPn_RzxB_49Jg4pjk1hqXDXrkPyAoQujN6zuLLMT-HSm8F6HYY14GCBhbh0Wzh8wu22_haQUCQEiy3EgN6a4MrOlIbJkPnCZsZo7M

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B21 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvLrJNTmJYeuRLdT_gQfE6pvYDgAAAAA4AeAEAg&bg=!7u2l7anNAAYH3anuB907ACkAdvg8WjFxUmJZXbHFnplf7n3sszr5Kfz_1gBD5819JY6mjXFRBHWU6gIAAAHJUgAAADtoAQeZAx3ByoAG1rkMH6DvhwCb8Yu00MKJ3SBK7jTIiqRY28Bw1M16n8XPB-HoSeC7qab1bs4EPc4eYTl3vC2tpP92c9_Chl2cXu6Lkca9E3xxoU3aE50S6_o960C1MNHBQwWkaWoCxtzqf4dDCKgV-gr3RIrYE1kYSM03ZCaNPVhlcCZWOPED4zreAUpD3EqhJLcClikLBu7o5rr8iW4sivZ2keyN3u2_JDzHpX0uJY569m5VCcFeWBIRcJJh9u2kbKeth3m9AfHmBytQ1geXpwTy06EVFWZBdyLD-oXCSCcFla8sdZdNAzpMY1om82kzNtaYogOw22gB7cEze6syVeD7HPOS4YY6LllFjyu1BjcEtMEnSbv33WTcenk-SSaUB-cNaV1fUliHqoX1w4izmzfCayBSiRG1DN6aGWaGVohP_3lFDRV25yGq7cDbCqxQd8d4PJ9GE3iLTktrvyKcIchC-RxLAXhnaHoJNLWgL4YlRkxlsL-Hmyj_EPOXK0pYddYb-COgeiiNpZZOkxjJvU-v0yROa4SSljecuwvranecnsvypZPVyiTp967jQLgDnD65NZC2eRMpLVNiHunxbreebG39ycf0QUfB4i6Kr3kJDNu2QpbJN_jpYWobyHsP92lmxmQ6NsTetRAU2I3P68N-9YJpg2bDo5a6xktmkfLeuVmiUbaqtexvp0wCjqD2AR7FiwbM34hqkRWtrOgPT9UOjbF7MvmX7PEAU_I_NK_eE3Q_C-ra09WVRVIo_6L6x-fT8cWcoX77T_7gjFzVjJvlnagXoYPDS1jqfNRjC8R62B7rVxPuZJd9YQmacC9Jzwzz1Mw3Q-OdmOpBd1ztcOXvVvt_wV68pWb2KfHF-PTvF4kHMDXi8QLJl_5sC6zkiEMR_if3RBoiG007MnWK8EiokJdNU5TPxiqG9HLAN2yD6t0jSV4jH8z-LtIts0jUCaD-CNrYeT1wauHT2wBkzfgllsxq9alvLTWjNZJAl91b7QxkW6X-CtaUZ9fk9Phe875klGkMzXy5d1N12YydFdw3v4I7QHf_VgJ6OzB-Eyzf-Q

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEFB 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcoB7NTmJYdDdLN3d7_UPkamksAoAAAAAOAHgBAI&bg=!zc6lzorNAAYH3anuB907ACkAdvg8WiaK1gKNRZHRPd-6jaNCwC0I5w0WWGHkW5gBrVU0UlS4KCkYAgIAAAGnUgAAACdoAQeZAwnUGypddgfbJPra1ah1vPs8ZB3m__RsdtUMwbkpmprVe8FP4HxocuuyQo6aUgjQIEq9RIc0Jw31lU-uL9tjEhC6shUOVDHCFRk7K6cG1BPmAnioN1QeZqS05yXfp8UhejgF0aGIOWywzlE8bu6Ht7kmls90PpSEROVGfCYD5HY9z6j8jfVOU5OYj3rjl4JV9C9Awj-WxLdOokgO8vNlVKvwJBLgJlJDLBiTdGCwXx92KTMIXnP5GnA01yldfg6lt2RmadOZURWoWH7sQ9kOvEBCOl7jjkiDkJWf1CSnr56H0u7e9eENimTf4OE9i6IY6fmrq5WQ-clIVap9mHOM26ifZ_XBD6iW-hClqG0R4rgOAb9yz4cRVfunc4Tr9QjJA9woV7ahtsFxyOXAoIwf3bnVOPIs3uZnTylP8zCdRhWFpQjwYhy-2ezDLiic1JRW-SrhnVJ4CO2JWI87wC_sK39tH8BszZl1tAU51xEritX5TOQkSRAHHZ4YQRy5DAXKNVXnC4d5erutBBLT8vnwqBuYJuVoDam5sHmb4SCQ8rzbeqrK-u4X-w4OKivLZJCtxrZElUvm6tu2DrpDSf2ZOtAVXCZIXNGI2ZWM0e0X00Gk7MzC3VvlQUYyox03kn2qQUJLeW-hRYe6DL9RJd76ovsA6bHeH4Qs_gpe9td_NB8mQYjrvdnMnjpXQrESJ4x49tu7GrYIykpxTU8Kv_33n9GdIdYfJ5IP8_iXGDlg-DqVcfL4kmGgAI-kpho83o0xSoI_I2JFiKCsXTohtaIuYk2OguCtGyr3aigJxyyfpGp6NbzjIobf12IyQjf2xOw0bWe55Zrl8ufj8t47wkPpKF6ZlsNmJL3wLOYY9ngKliChg-9ix1o42IVRaxDDXPdlBrvwwWMQyXP0p50Y8mXuWM6MyWZYK6CPHKaoKCnRjWQmbcMP5EGMOV_tuUs_VQf0OPk7a0DS9HIWhGMBMynrrJ6NdW3JjHOy0vUfj_vWwWrhXoOeceesq7fhjj6hZSqR2vcB8jYYvlJ1ri8

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bookx2.png
s0.2mdn.net/10388772/1619617590834/ Frame F14B 38 KB
38 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10388772/1619617590834/bookx2.png

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2400893ec9b15c0e451cc8b5d6885c1faec933300af1d59d7be7a24dfc4111c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10388772/1619617590834/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 17:27:35 GMT
x-content-type-options: nosniff
age: 76975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38658
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 13:46:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 17:27:35 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FB9 0
23 B 43ms
42ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux2rsEojDMAz53xetJMYDGRCA--Y67KVgxagsrHikkFCVJVsl5rfv1tzuVXqjdjM0VVsTMmYdUMr9QHchF13hhLDrtlToU7AKTAXoBKj4lGNCwnZfcI5k6JSWijR2nu2BjY5bBOdONqetM6UMh4E0tmSLDgggXms6Zce6a685BdBsyZ955z1uXsywX07t5T1h3GjnR9ADDLEJDbudEEZe5en3QgViYQO4H55JkKPePr8XCzw_VOX41BTPIrOrrzGmD89jl30jcHoCRb9xHOkegWuqn6xzoto3_y7piLuWja-hqeHM_uMwOtafiD1PVJHCtSFMcR4T2CXYXwVSwfT6CSpcX6x_R6ot06109-fPNOS3Rb8g_qCS8-e4CbAtqpg_C0Cdi-Ix1XRtrmWThT7AqsD_tpP-BCtN78YvctOuzQnSOHLNCLoTW5t5C1K-1txXhN0nBeXijWMUxJVlv1O8kim6M4bVnZukn9OebsV_U_U2HydAkqkHAYayhfGjqKqGZegNLg9r0L-x9W02YnXUqLzawyLR7EA40uzRjnK6FAmsLzRrPOeNSPXUbKgpkLX6Bq1n9uGOtj4EVZzVPPbSJB0TQu818iTRmMmFh50KUIJkPhVCX2b3FUk0gb-TySsY-au4rEJOLXYq5TGE3DB88FONFsqsAKMYAhpu2Uc-66UcH1vXC6weJXS1VrSFEK8xFkvqEt38WYkmQEgvcWGwe-J6c6airfbgn6q1XGyEzZfpuvI0_C0i10mhxhb_vuXsIAPYlqVAilV9LXXl74n7pP4VhYjCKtM3z-mqGQEdWoLodMwcFvV9SJZAlfV6kXGv_h7EQLYhjGSNAR0VcNX58uvgN-GuS7g0WRZNPGKxyGJb1upjIOyS1jBrVF-iUfC5vY6Yu0VrbXMaivH0oP2wVCtcoF40rdBpQCb9I0Dvvbdp4YwNTSMDGWlx20eFJdfYWxOdXijMhhwJJ2KvDNMPc3JH482J5Q1KcQwpXHT9pUMqCTVWYLDJighU2SPXWbNz2MXUbuKP8xIahNInHFN-6ia0FjoxuEOh_KhiepmVUpoZY5VGpc5lqvxixvThrwS5uOJs0bHAkIx9-AkR09fZZTBIckpWp5dZcpsYDeSJEuFq3X1rHWdQqLWOy9Dn_blgwtDJ89rVKHkLiRDbglpEm28ZLVvEBuRUHq7nvk4VZiAtuTR27v07Yx_C-tZyohqf32BkpNmBtUs2XvkBusjUEnI3ZTf7rYMc5UA&sai=AMfl-YS9a9U9uxAcFb0wiZYKJilpmyf8QSXiqKEbNO43csYViXgEDCmjhji4jcAsIe7siDsu29F24VMHFsfBrHo5Ix5XXf49wsOqCc1aHd0EMdbanQgyM7mbt55UD26YGcoTAUInZWDA7f2GIaP0bEMuwa8moxQnfYuH1R--U4w&sig=Cg0ArKJSzJ-4miE93sZAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=999&vt=11&dtpt=833&dett=3&cstd=164&cisv=r20211103.77506&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4975 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRQXfNTmJYbqzLcyS7_UPiPiswAkAAAAAOAHgBAI&bg=!oqGloeXNAAYH3anuB907ACkAdvg8WqTgyhWlSjj58hkW_GTPLM33e-94BVOxmuWnn2CPhQelOJGqhgIAAAGcUgAAABRoAQcKAE9cJT7hCipNCnefyeGPVg3ESOHKa9pQt88CsZK6JmT4W9YgfYdVWYEu4YHbp24xoVw0NIDzv21w367kQKK5pjnkkDpImxs2V3Tp6X7SIMgumQMWiu1biBuWYMRQwPJVyxoHWx5qIdus8fFhErYjxBUSN2yUWU5ngAuPEY4x7J7hBa9TSK2XOLY4wbQWXJxvnOavqfyRr1ABVZAN9nXMqcZytPTKwU-0p7y5IPon_1BokpN9-502rpOUt8TJ_SRYkGf8eTYSuvia6oFzeDF563s-L7O5pDR0hCjsgJLDOGJxLsIWnRAG7caEKGquEig35u2WdEXbdaQ81uFRDBMPPtb0dK8gouGy55wuX9Pe929vb7-4ULcjUzM9O_VutSGDjPQbBQiEdVNJ8VBt6DsGeVtCqSptoyClGq0YvIRBqDvDqHt_nPlxB_YjHNsW3dKLSKWCEJ9CQuA4cNuloUX9_HqdOW_wHo_EaXeMkv6sAWuBZnMdYjP-lsoA3VGLFhL3Yi54fbF-CexUNqHl9DdVkMtwrIGW511IPNgR4imzqbf3cCD3CCGxZJvOutcyaozryS3APCZYD72Tfwp9WaAOtOfapsisrgwadU5mbzBQ0tfZTn1ITk97iQm5_jIZslpjE65VRctC-jzb0YkrgzLxPJ0lKSXWESdtNPP2p6G3SjJVlW8gPGIhqVRK-Z_oK-skS2WW0lyw5z3wRc6hCbFwbXVtcb5W1XSqx_k03a7BYc-q_f4-Ek_RBKj3zGnzjXapnw5v_nyj9e0N4cBqrGorYymTJNQp0KVsR_NZftU9MY_2CSZja9cMUYn_7Sap2ZjzHXWduez5luAq4cYgn6D3vqwWYYu7jjCKWj0ZbGlkbCRyluw9LVMSGC83yEGNgtzmepcjDNR_Y3OzNY6WHqeXNOIDR29b1ZAVGI0biTH_YtbQ2q7FeOsBpY90Ck1f4UEJ5aeRK1L9u3uRx4HOBZcFV-R-MjqIrLTqYRCcgTh3-mYXmOxSUVFjevimcfstc0sIZqX3GyLwwZIsHmdoypkehDG9isXGK17pHYgKKhQPp9hnOVLa578CN678HS08U95eOa-3vB5hrDI7V9gS7D1HRBs8Ckl-rDQP6odWPRISI1Tp7nASRvKmFOAHaT9wQ55tHliWYl0NhGMbtQ

Requested by

Host: www.hurriyet.com.tr
URL: https://www.hurriyet.com.tr/haberleri/pandemi-destek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11DC 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkAcWNTmJYfTcLZPK7_UPm4ynsA0AAAAAOAHgBAI&bg=!7-yl7KjNAAYH3anuB907ACkAdvg8WoCbIdrqskOpheF14oCYW-7I1NTyvBsYy8dB0VpbtyepRzK0aAIAAAGaUgAAABBoAQcKAI0k3gMkTF3nSUAumcawKkeqiMaPSswmzK9lbCyjN8UaxhnnERYDjHO6AOHNNeZcbi8uWeD0pnLnIaj2Kale2Wqa7BSk0w2hSPB0QDja3zUHXTYKC82w3zRZXl2yiEVOCSQtdxxsEKaH-fCWSl5p6-zMevrCCdBZLCVWoRNyzDzjKWsiGnDkz_FlMdVyRoeZAwFJsGOgUo4Ew9x0HthsCR8YT7DDKR739x3RzQ0FEgVE0PSI0nsN8No1gJEV_uqj6SojAX7ac2Ad6-JoRm9kXLu9Mo68lzAvQbG46fwiHSW9Lf4pfd5vT8vXcc9c8AuJPocKfZP99AbmuszRwvBfC17srRLENQe8zXl-KWIiUitTtTlP7v8MCjGh6AHVswBiu8DNA7F1iuhIZ8DVAcy_HIw0RfOiwNyoj0xo_-oUFTZwQEsSVcmI9GDgl3qcxqEDn4bl8RQ6I7jGl3T141VUrhEKYOl56ePsOZOqOp8y-YqY1TptaWkKWV_ygPNfzHFjzfiV2WK4Hnxoh521Iqz-ZVN_KbFL3AvRZ9SEDWTpqbENI7QiaJ_SCc-8TiJ3gV2VJ3ZVeK0ZhELJdzsK_kgq1QcUmOGM3xtQ-hZKUx9HO147JN9u9XiSXXDXsxO_TnR44P_UrUxBmnEovAprUUXjcJfq-FpBiBEnawqHZp3j08rRLenUlZA8Y4DnTdvwmtctlpeQOZrrfti25rzq-hWE3vZ8CPQ3kW7Zn_pCy_Ni-Cdhj-2j6JyshSps_Xk7EfZpmAmLucEWR1mGjiqUBSBeZYaYQudVbDaoxtdW2APz_1v1R-vBAnmki_2hQmZiytJULbr-5foTh7fxhzhaq0pW_oUifXekaOk0SQzqTY6bSR4nM_03QmYG2xJ6b-HCjKcgcCZBi8dHfkvoQ8C_kX-hf094qLVEGPdEESF2IDXD0A2Mr8IGTjtc60NlNL0Ls8h_DMg4Lsiip_r5yi7l0ab8wDX338vg27QGcFr7-ZBViwh9va0K-oV9La6dn0VAsmS2SaPsezXQ3qmrJbjZ5JAcWGgt49oGlEQgscJ0R2HOfaRgKBfe0OezcJbwoM9oqV4n7YMGfq4gXQEmNzqJc24KzYDC7Z-LoQiiOUQ6Vh5cWT9OUECkjUI4NSb7LV8FzgRC3sSyfX0i9U1EzkA0Keu9amUlt5TP4GDqystljod3PoT0MDz0iGqvrKtl3NDPEdMoUuBG

Requested by

Host: 6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
URL: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9FB9 42 B
174 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKKke_Yoyzwy5qarOQw1_4a4wT43DgLinKdPVY7DTvTDmdSQi_STMLIxbF6nJYbJeFQtnXx8M8zfJV3Gw5KLKCQ0Fzk7gl6JeA4Q0T&sai=AMfl-YSCaDFH-yCeyEsTKenuqKGJs21s9Ns7tnbpZkso_oC8rAKcvkk0sUgyWtA9321tpO-JkpkPpQE2O2PNEByXtng4UP4bczZxhkscXYKpU9E7jYlKH6AjYPSfU46JGA8&sig=Cg0ArKJSzMh72B3KuaIJEAE&cid=CAASFeRoGo0Z5U2my-Ek196nzYMyLifvMw&id=lidar2&mcvt=1000&p=217,436,307,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1465202717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636383029110&rpt=785&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A6C6 42 B
108 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsSpYAEA3IMCQiegGIgE8C8oCDgp7_Mbr70Dxmervfauyuw9QVT7rSGR4miQVcPk0CTiQuCKowGt-dGn-0BR5wdpNAcM02-rNr4MVffLY_U_sBmZhJNA&sai=AMfl-YRHC075vMOVuWM7V5evOti6DhdY1qJVNpNB4B0D4-EJSQlycq6iHhEuZbnBHz56_1oJTp0RhRQVXDoRGtlmryINltPrBKAChdwKx5QRHrPMcdlzw-KW4iYsrv5Ep_k&sig=Cg0ArKJSzEta3nM9NjgUEAE&cid=CAASFeRoYwA4GlHZPyKZOp2nN7ZOTk5jzg&id=lidar2&mcvt=1000&p=462,1435,1062,1735&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=0.55&if=1&app=0&itpl=20&adk=4001034156&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636383029107&rpt=925&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A54 42 B
108 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdyp_9Y1m6LuYG43s7SwKDncpt9S-r3W2glNDrMTL8wB7fiQ-SYnBZTaXKRpn1ALCHk61unO1V7pZY72RNbiTiOiRjuJCX-9_Lv5uyIgCH1l0RgBYHgw&sai=AMfl-YRqoToS_ZdN0fEA2gIfEfp1x7ybJl-xQKGrs6jSXyYP4U_8GWDvNJ_KnztN0akGhIhPrVdwAAOtDCrgW3TBpLZb_hDYx79kmazd3KmX1TsF30Hgl9h5GDOcheyojn4&sig=Cg0ArKJSzJjHyr3F6ZmwEAE&cid=CAASFeRoWJYzYKgmI6a-wt88xaWLMygfiA&id=lidar2&mcvt=1002&p=462,-135,1062,165&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=0.55&if=1&app=0&itpl=20&adk=3927909414&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636383029113&rpt=905&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C47 42 B
108 B 49ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1E79ScZWvPHDHjAjRAw2LsWbjarJzOVsFcFY4Sg9JGeGrT8F7sr5oczKz5PB4UuJNCO8oontobHcVTQOzOddA94bmoXw1GRAPTL5A&sai=AMfl-YRhOynavLbnICEMfk1KOknKtab_QgihVDrNJL0bQRj9G27BKdHFS5lg7RbPixQ__DvO0eAO32CyqMbiQJeffaDKmMKAE1GHKjhQCRbZ5oqTkJjXsYxcDm8cxOkAWeQ&sig=Cg0ArKJSzNxxLR_E0MvsEAE&cid=CAASFeRoE6Jb_AJ6YHF3ihIc07UuHJ06sA&id=lidar2&mcvt=1002&p=761,1115,1011,1415&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2486161909&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636383029140&rpt=937&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
services.insurads.com/ Frame 67A2 131 B
459 B 106ms
105ms Script
application/javascript 23.21.247.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/ad?auid=597666&csz=%5B%5D&sz=%5B%5D&appId=1828&s=1352&dm=1&is=0&ct=%7B%7D&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&sid=382E733935A78992&v=1.5.59&ts=1636383031297
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.5.59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.247.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-247-176.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7eed1f3e547374ffc7363603e6ff502a018c3c63e991ed808de3d443b78b8e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E383 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 08 Nov 2021 14:50:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 687A 0
23 B 43ms
43ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqrkza8lPYoGY_yXDjuE3IWC0OFfrYfsDuX_l5LA34kRSHan0xwceKdqRBXBkdL4lNHY3dDvqtoiDpV7FhHZ6jwCGm9df8KxCULKsoQHw09roDQ1mxnvsnrzkGB4_ClJBdZ9yop3fM62W6PYzGhMDefFYk0W6NqEUJeAw4P1pzS5c0ukWIfZMy97c7LwPK8dUkoDoi8_JMvjGttrapOfCaxEILefolzLQA1UVlaOk0RFOB0kWqorjJw1cu9kU1XBpXbw0M3ASJ5gQqDjPAus-Z41F1l2CDL7stpRaI8oRF41o92yylKJCTKTpV8iuUPpo_faJc-uOXFo1aRbbvN5eFBnyNQS747xf0_vS-AnucuxP88DFQuA3YaF5xhOlCRbpaRTZ0E-0lky6tT17LZTULgdW4s1XfWnEqK5E5IpTkxPh74YplMU9ds4lurrevp2LkqP423u0pyBDG2NgdgbpIWbx0q-uvYty4LIHaoK-Inqx9KK_f6mf7MRG4UOVR4pXp0rDNE1A0E6oomC90XznNoOwJdaALs_ku0rQnt1oJeNtbNSm8jTz0LcXcNmEw5wR6i7IbCalKcm0ktD49mU22ReMXYrUbtYwetDmG_P_StInivN-tUizio5sX_midqqmbI9md0EPk2KRtIH8Fru1f5GqKah5qnHrRNJcL1L_cfahVWfu9i-TyS4jjzxtbV39YR3LX8uSOP-OVsVNRtOvQ60v7jL_ZKWAPlEgryqZ4gYdE3Qr3ZeozxFd74w71Qc7GOeTiQnYsNrNS4RZ-UQ_33frJTeud6-3mhW1xUHcbYnthjUIsUkOFCDxuapU61wjOTuUPMWtYEFZuZa8gHKImaRl0bmMWmR9xuplejlIG_N4SJt5OAC4QciAGwVQ-FFNieQBst74s_1y9WR5pu8z3GyiCp0QBE1JSrWjwWJmMka8tkAIne5bm5z6BfGZzvgpb9RZyF_KrRlPAArK_1sD_4U8a7WU9Tp_qhH4yNvCe4sSH4waztqtB0-l2v4appRfr6Hvd1GDJvbMuFX30Gworalx4M_2RhRByuioLDt8hKu7jhonTLK91CtIXqAEogiJI6G6D-hzd6NtjsOjUwBC7KOIs-v9eKjK1QYQJPXw4zrmbz-L4J_1nJhXIXssHq-3c6GjMPzk-lpc1jDUuWYqLsmNeIfQ3XqyuQaM749DlENhNgK2L6MdmNCpAU26wSD1kMhMW84mWjTH4GxUyZgS6EqkVfh64rPdVYB9-X2NltRb9k_1XlLeCdqjump4ig4Ek&sai=AMfl-YT4Pi0RNfwN88qx5iw09Q9Cddqexz0WmgjkZj66Fj68rqwKTVR_ipxLp1bIlXJNsdjQuz1USFqlwDWHg1IhIcyjQCVrUgRm60eCNAi7PuKYNV0oJz29wVzmBgWuz6HYyjVB3UJKGUKbmsPIiHIZJUgjAm6lmmOYzM4S4vY&sig=Cg0ArKJSzHyRTRdMENtXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1590&vt=11&dtpt=1401&dett=3&cstd=183&cisv=r20211103.51718&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5369 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 08 Nov 2021 14:50:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C47 0
23 B 43ms
42ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvH6oK7gxf_FCDs5CcjjB7zq_5b0zevYoQyYzMkibI8AXQNCYvXjj4T-kaSVKtK-P2fS4_wrvWBZRr30YU-RaKlaMHfWQsRGRfZCRpevl6H8WOrZWYIFCh-ZOpLXtGZRZuxtlIjDXCPRUZrLIXsDJ_gF-lC5irRJmQ_5684mbMQY5dbt6clc2ntQI1D6qA1s9QvEQKNg1nTFj9o-YHLXJkxDnC4L14g0ZQ4CGQy8osNpoTfu8f-YomkV2d4npdBosVBQDuI83vixGTq-Ju0xxscoy_7hQdtTBJ-DCoUY-ueUPmNeC1vq_xcfANWMAfJVfou4ad-iIRri2qycgcU_dafYVAF_BWgDkSHyk7qL1__kv0qELcQQzw99nhOMZBv8Jr8svdn1IucQVhknol6JqtCfNgFBYhRrVzZdL2MOBvbd4k5J9RDo1_Y4UDEqAhmqdK4c1cYSkQImq6dYNW9Rkfc8IdFJX7yTEcfcuINIhFKwKx7UYmoXauBdifgVsJpYBRZNMFWMSO2Az1GxMasNp93snbG8xDX44wr3Ks09MlRhBFCw6Mx498UZCML2cLOpUVKImjUQKK48Giv12HH2T_yBiJsXrlYM0L-SjGz6IIDSm9CjXYBRegGBqWe0F9QioQHFrWiElKS17bHo2pHlYPkRx0WsyYGB1Rm9lI9NWhbOUKBA28-2kbwv2AoxKt4PlwUjVKsAGlF77RIiqyCEEwPPjboIhyV5t98XgKlhc7R8CGV9tvNTTgJTCrTBrL1zymur3AKZlgDo5Izz4DBt5Ui2QK0iuwEpO3wm_I4kFBdaC6amVHI5VUHTmqpT-L8qYYTw8mBzENsRJgdoVFDXv8N4wtd54ljMBviBRa9SFuYV8WHGWObXBg7qE9-Go_5sPqE69L86IzEEaShAviLkWwXRgPJim32he7D_oJSf1xcyjAYvRWUFmSbPo6hlx558gvsZ8dS9PLvdHi_fezVRg6FuFc0CRXJzJ7iiqfVLyqzs5oE8fjDXbVJhqiBtMWgnlWRW3YwrZ5o06fzUjcmAlw7C4Vew6qPimb1CBBnvGFQfGMgNXQMYlT1qPxyT5PHVHOXxfbDRpi2I71xjpAnqal1gx_KIm3aRQIV3ArpeLsZYHtOM8WFWsllYeqeXn2PX4daAM19_pNlP3yEq9L2KqR_nBIULs4nojOcIUF8zmdhJBszriJUz4ztXR8F-u_FcqAgmh3qanzFkVKt5FwpLftXXA375Xe-BhmHPvpO1QsOxE9mc65a15IpCjV_7DlMt9FBkH44_A&sai=AMfl-YRXquOIxkXUO2sf_DPi_jxSKAcKE_J8tw5FtYq-dNc6SatKdBjrLFNzEVDZuP48uPNTB1qHcLAEGxy6--DozC7j6JmOG72YqVSVxClrKJrBjulYk3UiLgYm6jqjpgGMoHG7IibNW4VpgmwlezOlcDErXfFRk0ZI4-9KuKo&sig=Cg0ArKJSzPfWw_fbSus_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1557&vt=11&dtpt=1391&dett=3&cstd=163&cisv=r20211103.20444&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: emobilformdoldurunuzvakif.xyz
URL: https://emobilformdoldurunuzvakif.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 70ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/scripts/redesign/critical.min.js?v=octo-20.179.0.1428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:31 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:26:01 GMT
server: nginx
etag: W/"6178c6c9-1d4e4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Nov 2021 14:50:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 27ms
27ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bce3acb2ba0d4f88aff25cc4ee67f86c9701555f055f00c16d31a599b982a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9329
x-xss-protection: 0

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 87A4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 78EE 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 08 Nov 2021 14:50:31 GMT

GET
H2 200 lb
services.insurads.com/ 0
156 B 102ms
102ms Image
text/plain 23.21.247.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.insurads.com/lb?appid=1828&acid=409&s=1352&sid=382E733935A78992&auid=597666&ts=1636383031451&iid=p055876181dba8c1344e15aa398472b628f8d8bf2b7&is=0&m=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.247.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-247-176.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nocache: true
pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.18.0 (Ubuntu)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5A45 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 08 Nov 2021 14:11:44 GMT
expires: Tue, 08 Nov 2022 14:11:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ACFF 783 B
998 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee697d05a743ef41ed7846c251100a66c2e35fb1107eb7807f3db99b1a55913d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J4i0emmAS8EcCwpP4H7c7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 08 Nov 2021 14:50:31 GMT
date: Mon, 08 Nov 2021 14:50:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-J4i0emmAS8EcCwpP4H7c7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 050D 11 KB
5 KB 48ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hurriyet.com.tr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2599
date: Mon, 08 Nov 2021 14:50:31 GMT
content-length: 4683

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 19ms
19ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:31 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 03 Nov 2022 14:50:31 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 20ms
20ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:31 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 03 Nov 2022 14:50:31 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ACFF 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=1363868726308546&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 050D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=hurriyet.com.tr&sn=ChromeSyncframe&so=0&topUrl=www.hurriyet.com.tr&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=pZYoKXxwQmRtM0Vid2xNanF2dGoyMUZPZ0Robm52MzJPM3U2RjFsMHJ5U3BubkJwOHRLaytkdFNvVUlaSyt2ZUFXakJJMW9ldmFpNERWRS9aVEI3VkxZcEwvY0l1V0s5bTJyNHlxUU1UWTBUU2tXUVJHRUVYeTE2R3NVaG...

431 B
622 B

243ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pZYoKXxwQmRtM0Vid2xNanF2dGoyMUZPZ0Robm52MzJPM3U2RjFsMHJ5U3BubkJwOHRLaytkdFNvVUlaSyt2ZUFXakJJMW9ldmFpNERWRS9aVEI3VkxZcEwvY0l1V0s5bTJyNHlxUU1UWTBUU2tXUVJHRUVYeTE2R3NVaGZRRUd3UWwvckpLakxrUlJuQzduQTNmYXdFUCt1NG90NG9wZnBpbFk1ZUVENkhIZkRsdnB4TW1KMExkMG9nb1JMY3MrdVlqcnBwbUFCQnRlZE5jcWp4R2hzY1RaTlB2RHQ3Z01manFyVVp2a0NUTkw3RVBNOXpzREhXaCtjcE1SVXBKcnVCQzkzRTBVWGw1Z0dpMHFDMzhzQUhuMDIrQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a8c8d6ff10f8c7c64aa066b64d7e0f11df2961c58219acc37cda08d8e6504b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 08 Nov 2021 14:50:30 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2352
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 08 Nov 2021 14:50:30 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=pZYoKXxwQmRtM0Vid2xNanF2dGoyMUZPZ0Robm52MzJPM3U2RjFsMHJ5U3BubkJwOHRLaytkdFNvVUlaSyt2ZUFXakJJMW9ldmFpNERWRS9aVEI3VkxZcEwvY0l1V0s5bTJyNHlxUU1UWTBUU2tXUVJHRUVYeTE2R3NVaGZRRUd3UWwvckpLakxrUlJuQzduQTNmYXdFUCt1NG90NG9wZnBpbFk1ZUVENkhIZkRsdnB4TW1KMExkMG9nb1JMY3MrdVlqcnBwbUFCQnRlZE5jcWp4R2hzY1RaTlB2RHQ3Z01manFyVVp2a0NUTkw3RVBNOXpzREhXaCtjcE1SVXBKcnVCQzkzRTBVWGw1Z0dpMHFDMzhzQUhuMDIrQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1791
content-length: 541
expires: 0

GET
H/1.1 200
OK data
b48.s248.meetrics.net/ Frame 8A54 43 B
308 B 11ms
11ms Image
image/gif 78.46.71.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b48.s248.meetrics.net/data?/LRXxFLYAALl1FDLkqFK0kyB04A33A50A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az2Az4AzwAy5AxxAzyEj6FmjF6lF46E6BFTkzFeP1FAAZAwSAcAAAAPnBAAAAAAAI8wBARksFAQtjFy98PSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.71.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h297.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:30 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A45 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 11:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 11:14:49 GMT

GET
H/1.1 200
OK data
b54.s248.meetrics.net/ Frame A6C6 43 B
308 B 11ms
10ms Image
image/gif 176.9.43.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b54.s248.meetrics.net/data?/R1rpF5XAALl1FDLkqFK0kyB04A33A50A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az2Az4AzwAy5AxwA3wAz5B40A31AukFxBETkzFeP0FAAZAwSAcAAAAPqBAAAAAAAI8wBARksFAQtjFD37PSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.43.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h429.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 14:50:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 08-Nov-21 14:50:30 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=1363868726308546&bg=!kZKlktbNAAYH3anuB907ACkAdvg8WtAwVsDlHci1BUtUC68YPJyvQO_nvs_DE_fvg8UATGsLRYUAKAIAAACFUgAAAApoAQcKAJ4icIlS2o-qUkO3AecTR3M9PVXgUozoQeIhd_d6tCmr8HUVZDLIEHsMQhqzJBW7kZdWD-5AmsrpmulKcpEyGBjgOAMLt7LVlDuVAzyLF9IqsdAsWQ7qJwIUEf0jo0n1X3qt3jJbEZOv1CbyVwq1HGC5lX77KQZQHPwkt3lKWzDd9cs4pj2TKXfvWzdimwh5EimsG4hMPp92iWkue9oS6JkCtCmKrpUxHVy9xC1r3mHhc17zUATgkIluiJMo19O9wSlvKeuhz6CTUoS7EC5ha24IvRGveJvpWhLmWFByIpqOk_L643KCq27JE1wEYhYs_cJ3qmJscVW2_vrbE2TUEVEnmp1AzYNoiGn6E33kN2Y_hn-cHNdjyn3o8zx9vp4Rk8_c9Sk9tesfA1Mv-gvN1WDhPc972qgDP5KoRs5xSf_k6HhJVZyzfolzJbDLOoMIltmSnvJiKo6xj1sdRSKXcIY8b_uSV6l4Tm8IEXtnWIvj9luD43osQ8gxVb7SiTIhVR4bfnVpPO3C1RnNUo86lo19f-49ryIRx1mKhAepmyuwP8ua3z0KAvS1QxZTiaeGLs4S0abT5JKXbqiMcTtdaqyiBx7pSZ_Y8R0ByC_pSSW3MYWtiW89VWKb82Fid15kf-YfZw1ohxZFNfUeJAE1DIFm3BfDG2yg2OjU0qc57wl3gZgzxviXMUtdXd9lO7u3dlNkr4DgjuegP0fIHcJxi2vgjtGuQW6bwgRke0rMHQCjHNVwIJYH-FKNHBkorF5j-m1u3lEnhBrm-rGa9cvVtH5KCzbyW08mgpx_TixVhRwTb7I8kcT-q2zrL5n1Ftrka6Ti1AIwvd8B5w5_3I9XvqQ03Ak_opuYuTnEHFlnB9DD1x4vG-vymXClUkWpKV_RjXaNvN7R6RibW9Z4oIjlRunINnMNp8rdPYJlwW681jI8PpdGYPeqDAIR-gK7d97aN91xTGx8ujcHP4JnwbYWi0131eODLXmkUTTyXD1fVV86F5mIhUc2Vh3fmLQvacnwWR8qOnRQHat9fuWwcCYkpcIeuH7UgaIY_XFIcj7BOXvBnY1CIt1ol31uItD_EcIE2Fkwbm9R6UdC-bkxKU-8dua7sskRZefTT9pLlGFnjoKfbcLu--JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 14:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 batch Show response
services.insurads.com/dfp/mapping/ Frame 624D 2 KB
715 B 313ms
312ms Script
application/javascript 23.21.247.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/dfp/mapping/batch?appId=1828&requests=[{%22eaup%22:%22/9927946/hurriyet/diger/sidebar_300x250_1%22,%22w%22:300,%22h%22:250,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_sidebar_300x250_1_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/body_728x90_1%22,%22w%22:300,%22h%22:250,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_body_728x90_1_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/sag_120x600%22,%22w%22:300,%22h%22:600,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_sag_120x600_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/pageskin_sol_120x600%22,%22w%22:300,%22h%22:600,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_pageskin_sol_120x600_0%22},{%22eaup%22:%22/9927946/hurriyet/diger/header_728x90%22,%22w%22:728,%22h%22:90,%22isda%22:true,%22eId%22:%22main_hurriyet_diger_header_728x90_0%22}]&h=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.5.59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.247.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-247-176.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d149cda148f730f616f0afcd48d26702800d73e028d968cbf94324c184b9d713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:32 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hurriyet.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hurriyet.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 14:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 341ms
341ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1363868726308546&correlator=1241176413985027&output=ldjh&impl=fifs&eid=31063281%2C31063405%2C31063429%2C31063182%2C44753989&vrg=2021110401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=9927946%2Churriyet%2Cdiger%2Cscroll_ad&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=1&cust_params=hurriyet_kategori%3Dhr_index%26keywords%3Dpagetype_other%26catlist%3Dc1_index%26contentid%3D1%26context%3D%26AdServiceStatus%3Dtrue%26screenWidth%3Dlarge%26consentStatus%3D0&cookie=ID%3D70e9a8167dff30d4-2253c4d639cb0042%3AT%3D1636383028%3AS%3DALNI_Ma-3VhV0oxR7iIBQYbtyOSEvNFtew&bc=31&abxe=1&lmt=1636383033&dt=1636383033440&dlt=1636383027731&idt=667&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1942374986&ucis=a&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&ref=https%3A%2F%2Femobilformdoldurunuzvakif.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1230x0&msz=300x0&psts=AGkb-H_Ai7OFNUOFtN480eIxxXTVP_S8wcFw3_-dj0dqRdC3PiMQ64Cp23iib-whPZ3EeN_O9GHrnQOFA3q80_Wzmk0-dmuTZ7-8Be5EPKU%2CAGkb-H_d_fTxZdjUkm_5038zJJ39smRfWwanxLZF_5hzX5aIWXV8nR8i3avIndVL93pQO0wfIpnuZMTNGfzWX0mUdujWjue5oHhfD4r5mtllHQ%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1198651847.1636383028&ga_sid=1636383028&ga_hid=973641647&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGOqEnoDQL0UAAAAA&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f3a9d23527318e3b14d3eefc6e722058f1f2a787f1abbf716b3ce135246b8b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8913
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hurriyet.com.tr
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 03D2 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hurriyet.com.tr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 14:50:28 GMT
expires: Tue, 08 Nov 2022 14:50:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET close5.png
cdn.medyanetads.com/medyanet/images/ 0
0

GET pixel
googleads.g.doubleclick.net/xbbe/ Frame 3BEC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.hurriyet.com.tr
URL: https://s.hurriyet.com.tr/static/images/redesign/ic-search-black.svg?v=octo-20.179.0.1428

Domain: r4---sn-4g5lzne6.c.2mdn.net
URL: https://r4---sn-4g5lzne6.c.2mdn.net/videoplayback/id/d115bac9e432918e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777787185/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2A62ED125206836006179373FE2657C5DC3A08A2.3317CFB7DF6A892BCC647356F7F8A16156DE62C6/key/cms1/cms_redirect/yes/mh/rW/mip/2a0f:9441:5:0:ea::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1636382168/mv/u/mvi/4/pl/48/file/file.mp4

Domain: cdn.medyanetads.com
URL: https://cdn.medyanetads.com/medyanet/images/close5.png

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLiTLhCUmNKVAhiW64W2ATAB&v=APEucNWnsn1bTGY0FZ4_Wgp83KfKuriCoKFSj3iPEMP_RZL-l3dY1uQ4REd3ip_HcQyW1Wwn896mQ0wxIuEb8mHxMQKe3epXe0-YLaX7CO8H8Y2U-vWMW5UCk7aOFDogGzgUnDCIwpkUbcTmVACrbvyx81qBgK6_DE0xq5rXQgtBxx3FEnQLRbYF59SkVAS2jFxHouRWepcQ4T0N24n0JRCLr64WN_B_tg

Verdicts & Comments Add Verdict or Comment

326 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hurriyet.com.tr/	1970-01-19 22:33:46	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1636383027891],null,null,null,[]]
www.hurriyet.com.tr/	1970-01-19 23:16:15	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1636383027891],null,null,null,[]]
www.hurriyet.com.tr/	1970-01-20 07:11:27	Name: clicks_queue Value: []
www.hurriyet.com.tr/	1969-12-31 23:59:59	Name: _clicks_session_id Value: 860640348493251
.hurriyet.com.tr/	1970-01-20 07:18:39	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Nov+08+2021+14%3A50%3A28+GMT%2B0000+(GMT)&version=6.14.0&consentId=1f6fba42-6e81-454b-a44c-1635aea4b2fe&interactionCount=0&landingPath=https%3A%2F%2Fwww.hurriyet.com.tr%2Fhaberleri%2Fpandemi-destek&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0&hosts=H41%3A0%2CH50%3A0%2CH81%3A0%2CH60%3A0%2CH207%3A0%2CH197%3A0%2CH122%3A0%2CH136%3A0%2CH137%3A0%2CH212%3A0%2CH62%3A0%2CH138%3A0%2CH63%3A0%2CH6%3A0%2CH85%3A0%2CH94%3A0%2CH9%3A0%2CH10%3A0%2CH143%3A0%2CH12%3A0%2CH151%3A0%2CH152%3A0%2CH153%3A0%2CH155%3A0%2CH65%3A0%2CH66%3A0%2CH18%3A0%2CH156%3A0%2CH20%3A0%2CH21%3A0%2CH126%3A0%2CH22%3A0%2CH24%3A0%2CH70%3A0%2CH25%3A0%2CH201%3A0%2CH71%3A0%2CH209%3A0%2CH166%3A0%2CH111%3A0%2CH28%3A0%2CH169%3A0%2CH170%3A0%2CH29%3A0%2CH30%3A0%2CH172%3A0%2CH173%3A0%2CH72%3A0%2CH31%3A0%2CH33%3A0%2CH215%3A0%2CH216%3A0%2CH36%3A0%2CH225%3A0%2CH74%3A0%2CH75%3A0%2CH178%3A0%2CH76%3A0%2CH182%3A0%2CH77%3A0%2CH187%3A0%2CH133%3A0%2CH78%3A0%2CH120%3A0%2CH190%3A0%2CH105%3A0%2CH228%3A0%2CH220%3A0
.hurpass.com/	1970-01-19 23:59:27	Name: sso_1 Value: a26b24b3945e825b62359217bbe30c63217b1e0fd80635f416cbc297add4aec2d48bce0a11eec3003796a946f397fe05cec547b1170825e24959f9bf9c865f02
.hurpass.com/	1970-01-19 22:33:04	Name: vxid Value: 637719906236926213-c7fc20b6-bb56-487f-baf8-decccdcb9c95
.hurpass.com/	1970-01-21 00:49:51	Name: sso_gb Value: gb.637719906236926213-d6474f2e-35e1-403a-8a97-1bb0630220e2
.bluekai.com/	1970-01-20 02:52:15	Name: bkdc Value: phx
www.hurriyet.com.tr/	1970-01-21 00:49:51	Name: hrp_gb Value: gb.637719906236926213-d6474f2e-35e1-403a-8a97-1bb0630220e2
.bluekai.com/	1970-01-20 02:52:15	Name: bkpa Value: KJhNDz+ryM9xdOop/h9zV73/3CvS2k/J3q6MQ84RXimHLHwYNl5exh3oPcvz7j752Sy2m6Aw18gW3XVp98XvqduAW+nb51LvIsGg/cxMtObzOi5fbz94ABUuCFw9wYvEa9mAYcwcgeGs8XkipQhrc6pS/uwOM1lg9Jz/1NtsV7JywuFvTJYmAhTl9/3p+3BbCMw4sPpN6JEVi6bIbqF5Ur6X1k+ZmHiJJMjyX39yKn2BC4WDFXdu5MJEDMW1fkRGHqvWgswnr8xlAks0pryO2v64dZF9quNN/4Dy05VcrrLMrlIVIcUlE6ROVoJLuj809bwcrH8P54zZFv2mCnbxHRTnEnZUIkQby6FBQyLtUsGz2Ci5tyF3Tln2ofooZAQW8txnwM3DJF/TSMT0ZPzde34XbZdzgzjrB/3MKefH6Ai4hCmU6GEmvRt4FQs9l2HR
.bluekai.com/	1970-01-20 02:52:15	Name: bku Value: CGD99ex8iVWTYTG2
.hurriyet.com.tr/	1970-01-20 07:54:39	Name: __gads Value: ID=70e9a8167dff30d4-2253c4d639cb0042:T=1636383028:S=ALNI_Ma-3VhV0oxR7iIBQYbtyOSEvNFtew
.doubleclick.net/	1970-01-20 07:54:39	Name: IDE Value: AHWqTUkY_WzQCN3lqber-VVcCF8B2ng8AJ1IIK9I-NhRMiXvreWO2rj4rdCqlAsc0so
.insurads.com/	1970-01-20 07:18:39	Name: ___iat_gid Value: 382E733935A78992
.casalemedia.com/	1970-01-20 00:42:39	Name: CMPS Value: 5229
.adnxs.com/	1970-01-20 00:42:39	Name: uuid2 Value: 987903992367508581
.adnxs.com/	1970-01-20 00:42:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In<fnTHd!]tbPl1M>e)ZlrFUfJ+tGXxp$IPGARGP]LGJ)xl)S-B<K?.iP@Nabn7=:$8=bpRzqF1`b`Mh1jO.
.casalemedia.com/	1970-01-20 07:18:39	Name: CMID Value: YYk5NYIH2DeqImZiRwzjhAAA
.casalemedia.com/	1970-01-20 00:42:39	Name: CMPRO Value: 1171
.hurriyet.com.tr/	1970-01-19 22:33:04	Name: ___iat_ses Value: 382E733935A78992.1
.hurriyet.com.tr/	1970-01-20 02:52:15	Name: ___iat_vis Value: 382E733935A78992.3926621368.1636383029764.3883679719.ZOEREAJJIM
.casalemedia.com/	1970-01-19 22:34:29	Name: CMST Value: YYk5NWGJOTYA
.casalemedia.com/	1970-01-20 07:18:39	Name: CMRUM3 Value: 2d618939362760CAESEE4FrRHgcJ-Y4DrC8DD6R1s
messaging.insurads.com/	1970-01-19 22:43:07	Name: AWSALBCORS Value: sa2UuJAKpUtRwWdFn8S10lze61TeH48+4qoDh2vgR4WOHa7e6S9R+1SdMLVpB+vSrQAvBe+saqicUYGOMDxdC0y6oGCDxtp4Iueq8qlKUag8O7Fxc/SBOqTqn+v6
.criteo.com/	1970-01-20 07:54:39	Name: uid Value: e73235a2-537b-46d9-986a-43a6d23c52a5
.hurriyet.com.tr/	1970-01-20 07:54:39	Name: cto_bundle Value: 0Ndu8191JTJCYkRZNzlWQUJXS1hPUGUxYk11ZmpOUE1TdDR3JTJGckY3cjZ4WTM1YU55QzlCc3hjVzlCdndGUVY2em84Qzg5REglMkJ0VEFGaEZMOEZRZTFFb3JFYktPS21XNlUzWXppWG5WVWJOYlpEMCUyRnZ0cFZLMUxzTXJWMlpmMUZ2UU1Wbm5aSDBEa01qNzFnY2FzaGFsV2JlNm8xUSUzRCUzRA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6a4f04e419ec7d6402884b4a0429d46a.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
ad.medyanetads.com
adservice.google.com
adservice.google.de
api.btloader.com
api.hurpass.com
b48.s248.meetrics.net
b54.s248.meetrics.net
btloader.com
c2.taboola.com
cdn.cookielaw.org
cdn.insurads.com
cdn.medyanetads.com
cdn.taboola.com
clicks.hurriyet.com.tr
cm.g.doubleclick.net
d38k2esv5oh9bn.cloudfront.net
dsum-sec.casalemedia.com
emobilformdoldurunuzvakif.xyz
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hurpass.com
i4.hurimg.com
ib.adnxs.com
lh3.googleusercontent.com
medyanet-com-tr.videoplayerhub.com
messaging.insurads.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pghub.io
pro.ip-api.com
r3---sn-4g5ednz7.c.2mdn.net
r4---sn-4g5lzne6.c.2mdn.net
s.hurriyet.com.tr
s0.2mdn.net
s248.meetrics.net
s248.mxcdn.net
securepubads.g.doubleclick.net
services.insurads.com
stags.bluekai.com
stat.meetrics.net
static.criteo.net
tags.bkrtx.com
tags.bluekai.com
tpc.googlesyndication.com
widget.perfectmarket.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hurriyet.com.tr
cdn.medyanetads.com
googleads.g.doubleclick.net
r4---sn-4g5lzne6.c.2mdn.net
s.hurriyet.com.tr
104.111.215.191
104.111.228.137
130.211.23.194
136.243.15.236
136.243.33.13
142.250.181.226
142.250.185.70
142.250.186.34
151.101.1.181
151.101.129.44
151.101.193.44
176.9.43.172
178.250.0.157
2.18.233.67
2.18.234.21
216.58.212.162
23.21.247.176
2606:4700:10::6814:b944
2606:4700:20::681a:346
2606:4700:20::ac43:4686
2606:4700:3034::ac43:ba7a
2606:4700:3039::6815:c077
2606:4700::6810:9440
2a00:1450:4001:12::9
2a00:1450:4001:3d::8
2a00:1450:4001:803::200e
2a00:1450:4001:809::2004
2a00:1450:4001:809::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a02:2638:1::13
2a02:2638:1::3
35.241.45.217
37.252.173.62
51.195.89.103
51.77.64.70
52.222.206.78
52.49.225.127
54.198.67.185
78.46.71.232
83.66.162.110
83.66.162.77
89.187.169.122
89.187.169.47
001933cadc15480b7512749b07f35f05d3955ea0c51185a57e81ddc7ac71b884
04c8419865cb121be5be8e3e39805f9fffff0528ece1762268efae826229c216
053c2a29c25620c49da48c4c4398e5ab100b69a5ba4d893855d91ef44f7da4f7
0601934a0e1f4b07a01c2d152af6835361466c6a5e9e6220f84a8f1b82d8ba35
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
0a87d99716c0b4d3016eefa617456646a690db02febcc99c4cff6df61cd7150b
0af8a0ff66cde697e6462cdbafbaf691904dc1f01daba0006197d3d5ea311204
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0decf5461bf2a1f4243bfbb8d2b5702ca539b71338f87fb516a13a05d220d69c
10c4b39297ed526540a5282fe29fad4f8015f3b9c223149a004b014e3ab3286a
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
1203b946e0f41ad0a8bb563e0d00d9ad4576e6e42abd318292c08a2bef083ae3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
136ac63385c12cdedc72dd562a8e8b29a2d201d1f9bd392b4ca26b29f8582bc9
16a1b4d2d632f5ffcf01adc7004f644bd12a652603b46156813608fab8e98f17
18c6009e69fbdff5d7a28e1d10073711761393ef9e29daac23220aa33515c8ec
1d94be6ff05be0fbb645591bca2a96f3ff991a46a304a40c73c17c798a1ed023
22fae896165dfe232f87b69dbba3e98a4246ad4ba7e8f3c346316190c2e7b25f
2400893ec9b15c0e451cc8b5d6885c1faec933300af1d59d7be7a24dfc4111c7
24ca884a5509f9460ab1aeea03f8bda9428cc8abb039175f49b827eb4f339898
268f96855fccbcc739279b8c29db9f5bf3531f8de4bcca23c3a52026a278c240
286736416bcd8ab81c082d49937a3a9c1ca3b7086c12ca6426c0d8f4678e48dc
2bc856485fc030d62ffc0bd503a92a0dd5bca9903c1d60edc2d1d94d8050824b
30cf6a6f8c90e55d54a9eb7388053e117afd418c4d84035842ed3b4c6e19f996
34f860cf67c03312b7ebcc931a1265a751780d7794e4e1f441b586c462eb6439
37ab12abc870791846a9519a517d2d3beb05dd00aadcdb3d8f9ad5d050581016
38743be62c3c6384da933b785f689933c1bc3b0fe33af64d40027ca84d44a834
38df7d760517b4fedf309b3106a57ea2d107aa136b706143ae8eb0d3391c4b30
3be2490680cab012632e70a2fc663db286b10c2e7084561ebbdbcdba9035e52f
3d7401814140210d2efe2659558cb0e625098d873696264cebcafd079cc6567c
3e44236e71f1d7fc33169b5536e83d1f14f1b773396d387f9ba9bd9885d60f0c
4223d7cd6f3f5fe89821f3dd2aae7ca2094c050c24485213d646f8ef1ea2d019
4273d635b75c6f10d8e436bc9734f4204d7d1330076e1e64bf1561ccdda8bb1a
4630deeffc356398e1af684c94cb77804cea1fa198e70d3a4dab8fc9d04bba27
484522d71f483cd3de872e3a28892bba117554bbe7f8b4c07a05aa5474f546d4
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b23a5731867af06f8386e07748c6ea1495532160e9b57f501198b11d9a57e87
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d8e6863ceccccfea603b5227bab39459262a56c5bf48d0e9cf55395b6fa6de9
4f790fb56ff8f3f977916f3dfe951fa4232f140fe47cc9d3af14013b16e80b03
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513d8f0331c2f8e4705d47c7ef456c550a9d338822aaeead2b7ae787342250bd
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
540db236ce539a88e0d2186a04b4e80543c1e3d82a904ff77a0440b9c847dbb3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55affca6b14138657baef73a36dbec78f107be34919f6ed464ad838c05d755bc
58b1130653266e7cadc5faf9a963af38b0c0402e5e7b32c3583ffa69f440c77e
5b2bc437247dde67d9f19c2ae4dd35a1deb0cb86103c00e3db6647967c65c725
5c289bc664f08e783ecc13990374882cd60b484365e12ffcc60e587eeaaa7696
62aa76d088e0fb756fbe15ac88e5e455296ac765041fc452a0fe1d38d984cff1
66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6c799fde86667860a31b64da4ab21331c9d928234c47e6382d37dfff016d3367
6ec7204087d65bd49fe114a7d8acaa7b45e394a2719dd2d677d5a478aabc31c9
6f386632670ee8fd779fe03eedcd42af77427c9544e9f47b18d8b529c70c209b
7495a524b72c718501037efc3b151a039825c1b1177da42b160812ccaa839504
75f4398ec1d6e20d1537b9dbcece8abf40c0834a32c4c93920fa05b7e7c1a0a0
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
77be70d13268deb9da9ec6392d86c7e93913eefdaae3977d914d5bdac1fe9e8c
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7a414fd06c1808140a0393ff18f7d3ebc313fd569c573b5d7f4a958c3b5ce3b0
7eed1f3e547374ffc7363603e6ff502a018c3c63e991ed808de3d443b78b8e11
7f3c7cb556133bf2aa975d3bd23799d142cee068aa98d97e37def7e2020271f9
83df8f02ca091f2a8b11e6f3cf7b629558794efc9b78ac32c18004f9c715091b
868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8ef3e6811b230cc02f127ed8ac3395ef3d5381fe0d1c867a574b3492e8a2d250
94001d3d706ebf681736a94ceb55b8b1f513b435ead9e3508a4ba77efe984fe9
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
95126473a271db1e4d6e30a63a33dab813a3b23fc185f531f601fb79c5b9e58b
956aeb3e9594933b7a401326de186861399c7a783d5981caf02bb825ee28ddb2
969cea1b979fe9caa3bb40ab811c363f7140091f8c1c0ded2c67005f3f7bfbc2
97669d3f575a85376785d251d9a2c34fa662285227a92625bbedaeccb9b4391d
9a84df73f1e3aa5a081405d1e1c4259c52e6b517f01c880bd59112531204fa7b
9bce3acb2ba0d4f88aff25cc4ee67f86c9701555f055f00c16d31a599b982a6e
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00a7cf1ccfa2650b2af418639c9ed176df892c7275d6efd72ddf46efd12e22b
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a774a8fc02d2dcf69adefaf339a454d935fdf9475abe78ac5422c82647dab40d
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
a8a9244e4cca9d98eafd4b84ec93b14b3e38ea200d5e98c26e135a46c7c95d44
a8c8d6ff10f8c7c64aa066b64d7e0f11df2961c58219acc37cda08d8e6504b82
ab398f53d2db477897aba7548843113dd5003fc95ffeb5018078779122f3df4a
aef3fac8deaff6954f9c2e5de5bed3cd1204889d6dad0ea4722e30ea35cd4e63
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b158aee482b46ed495c6b42e89e5487604cbcaae2a71215edfa8b4417c00e63a
b1b41891bbf5ce88dd311623218cf230f6ec9499df2ac22c66041f2820ae189b
b1bc17a6e217bfb9879e70fc66eaac2e2a9e313411c3d470a6c38859a4ba3d4a
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6a06d8e3f997dede12bd6ada4d4d8f95622829523c19ffef6a1b1661fffebb2
b800cb78591f6c96318a98bbdfdd4ba913bd3a30d506dfe13f9c57e3779dda47
b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc83fe2aaca29fe44eec130782a50025b8382a380797f26998d8baad51e03634
bca94fbfd76e966b029dea0978c8ea032c816b3e13bd04876222f8946797c824
c0375aa549dfae6536a54f56e32b37fe75f40f8a7c6341d03333225d5837b36a
c17c263f3030b37c34fc39b8180aed1ebefb94b94f2813cb0a1ffa0ca035ada6
c1e9f14128c13ce84f5305448ac1194419d9c616eaee250ce33ac704ece33fdb
c6d0603a91055bb63195502ecaf914bf872975e62dac934396950e1eaeaf1369
c8595f2986065b1aa55f54636dd0c22dfeacc7e9b340331d98b64cbaec4e19be
c8af8e93aaf81a1019b9b2a03adfb31c52a5b72e5f5a3fa4aa9ff74e097c5277
caeeb73b936e9372b4a74c2b41f43d6dc21af097bef90d56bd7fe00a0d90cdc5
cc8dbead1f9ec6a21494f5332352ac522db2a0b86a05fb1520a019a564df570d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06686a85ceb4497a2d3b0f08b9a98598ac84900939163714b46050d23c5df8c
d149cda148f730f616f0afcd48d26702800d73e028d968cbf94324c184b9d713
d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30
d2a7f7925e345cc2227f32169e283a330414030d209da99af3e49f7e6db29dfb
d5570962d72dba68e956108399d73c17b208a40d2826468992c15feb731fc94b
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db86512460249cd5fb69503511c9d6e9f96876609d713ca3b66d5943e1beefab
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2fe73b07f191f735e488f38fe3550e8eabc311c738f589b70e5bc878fe9705b
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e40debd2efac39fc0e362436fd698949e34793e7ee371619a0aadab075c3ee27
e6118ad77e5034aee08b361ea25aa0b5546fc1437e0af60385fd4491f2820160
e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa
e972857e6ed4b4a89ec5fc59e5b1268919f11ae3eb1d1c1f72b46a4978915c4a
eb69ef22c1e156d2525cd305c67b5a9e6baa21d5e01c54a9b8b9668954df34ee
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
edf594c4994ad84cfc58632f53323a69320feb514a58c0ce034d3d18253e6824
ee697d05a743ef41ed7846c251100a66c2e35fb1107eb7807f3db99b1a55913d
eec6cb2000c2fa44f67ee73675e87e6a6276f212f351f89d35696b72fdb07ba2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f065ce535c9b84c29ff9ffce9cc1b7a02178e2d5a01271d80dcc6282182d9ad8
f39aa3ca12d3572fb57f0e9e9b2234e55a2b92157fc277707499d48ea004cceb
f3a9d23527318e3b14d3eefc6e722058f1f2a787f1abbf716b3ce135246b8b53
f64b92f6f7802eace881f0e302fbd7d4b656626fb0f1e9ffe1a5413f383349ff
f65420cde2f8776ec2add516000ef5d0204312f3a117937dc6d4575fde3e0b95
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
f938698ce41ab018c4da08fc3b5e701ca9c45da450f2d05b8c22cc9208d3d186
fb73618d3a519b09ddb5b76221975083616f2d852f3906a286f8b0fe91e8eb69
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb
fce1ad6519242753662c5cb109f1602a526af9dd10223d0fadeeb3f3acf47356
fdbb1b242bd9ed3fd3f5268722a6862d02714aa25552a488aa6176314784abc4
fea0d4b621dc955a798c674cbf2fd139da4cceb8055ebc2ae75b746bbf2c68a2

www.hurriyet.com.tr Open in urlscan Pro 89.187.169.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

276 Requests

89 %HTTPS

45 %IPv6

35 Domains

59 Subdomains

52 IPs

5 Countries

7314 kBTransfer

13987 kBSize

27 Cookies

30 Outgoing links

Page URL History

Redirected requests

276 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hurriyet.com.tr Open in urlscan Pro
89.187.169.122 Public Scan

Screenshot
Live screenshot

Full Image

276
Requests

89 %
HTTPS

45 %
IPv6

35
Domains

59
Subdomains

52
IPs

5
Countries

7314 kB
Transfer

13987 kB
Size

27
Cookies

276 HTTP transactions
7 data transactions