www.kucukisletmeler.com Open in urlscan Pro
185.8.128.211 Public Scan

URL:
http://www.kucukisletmeler.com/
Submission: On May 10 via manual (May 10th 2021, 1:25:14 pm UTC) from TR

Summary HTTP 80 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 80 HTTP transactions. The main IP is 185.8.128.211, located in Turkey and belongs to ALASTYR, TR. The main domain is www.kucukisletmeler.com.

This is the only time www.kucukisletmeler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	185.8.128.211 185.8.128.211	3188 (ALASTYR) (ALASTYR)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
80	18

33 185.8.128.211 (Turkey)

ASN3188 (ALASTYR, TR)
PTR: aphrodite.alastyr.com

www.kucukisletmeler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	kucukisletmeler.com www.kucukisletmeler.com	702 KB
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	257 KB
7	gstatic.com fonts.gstatic.com	69 KB
7	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	25 KB
3	google.com 1 redirects adservice.google.com www.google.com	680 B
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
2	googletagservices.com www.googletagservices.com	63 KB
2	google.de adservice.google.de www.google.de	906 B
2	google-analytics.com www.google-analytics.com	19 KB
1	googleadservices.com partner.googleadservices.com	646 B
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
80	12

	Domain	Requested by
33	www.kucukisletmeler.com	www.kucukisletmeler.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	pagead2.googlesyndication.com	www.kucukisletmeler.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	1 redirects www.kucukisletmeler.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	ajax.googleapis.com tpc.googlesyndication.com
1	www.google.de	www.kucukisletmeler.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	www.kucukisletmeler.com
1	cdn.onesignal.com	www.kucukisletmeler.com
1	www.googletagmanager.com	www.kucukisletmeler.com
80	17

This site contains links to these domains. Also see Links.

Domain
www.calgaryflamesofficialonline.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.surustesti.com R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://www.kucukisletmeler.com/
Frame ID: 95BFE91E24BC1F00A7D75F660DDD0840
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/zrt_lookup.html
Frame ID: A5D1EE5A96EB61A0A0836052F353F8FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&h=90&slotname=1543150459&adk=3040763451&adf=2596954808&pi=t.ma~as.1543150459&w=728&fwrn=4&fwrnh=100&lmt=1620653096&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1620653095869&bpp=5&bdt=1080&idt=294&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3242359315476&frm=20&pv=2&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=C9qpAoHwtB&p=http%3A//www.kucukisletmeler.com&dtd=315
Frame ID: 4D1F85E4319A9600CAC4BA4379EEF427
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&adk=2969136045&adf=3689892565&lmt=1620653096&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1620653095887&bpp=2&bdt=1099&idt=311&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3242359315476&frm=20&pv=1&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=319
Frame ID: 64EC218D8B16C80D6B08D5DF2DC6A9D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html
Frame ID: B23F9FB9CBF396D84EA47CD1655FE313
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6B32F3904C1A03D839B8B06E8866180A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FF13FC15771D852F835FA65462B374A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

80
Requests

65 %
HTTPS

89 %
IPv6

12
Domains

17
Subdomains

18
IPs

4
Countries

1183 kB
Transfer

2911 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.calgaryflamesofficialonline.com/Adidas-Theoren-Fleury-Jersey
Title: Theoren Fleury Jersey

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.kucukisletmeler.com/ 77 KB
15 KB 2763ms
2633ms Document
text/html 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 0ae9923a1220f104b9d0f757cf77fd1f636ae75092421530ad23b43ecc72c207

Request headers

Host: www.kucukisletmeler.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://www.kucukisletmeler.com/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Mon, 10 May 2021 13:24:50 GMT
server: LiteSpeed

GET
H/1.1 200
OK style.css
www.kucukisletmeler.com/wp-content/plugins/instanow/assets/ 31 KB
6 KB 199ms
172ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/plugins/instanow/assets/style.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: d6ff194c5831de1386bb1b9b38e52c459167cb4c96ca4d8947b562854f4c8948

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 23:09:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 5274
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK style.min.css
www.kucukisletmeler.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 200ms
173ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 20:27:53 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7832
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK styles.css
www.kucukisletmeler.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 200ms
173ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Sun, 26 Jan 2020 16:17:39 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 656
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK style.css
www.kucukisletmeler.com/wp-content/plugins/taqyeem-buttons/assets/ 4 KB
1 KB 208ms
181ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/plugins/taqyeem-buttons/assets/style.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 23:09:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1088
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK button-styles.css
www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 9 KB
2 KB 207ms
181ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Wed, 03 Oct 2018 07:07:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1374
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK style.css
www.kucukisletmeler.com/wp-content/themes/jannah/css/ 486 KB
75 KB 176ms
103ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/style.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 734c93c00597b91598da3f69bcc97986589893987ef9f10db65b7c7f2aa5d012

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Wed, 17 Oct 2018 23:02:55 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 75978
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK skin.css
www.kucukisletmeler.com/wp-content/themes/jannah/css/ilightbox/dark-skin/ 7 KB
2 KB 299ms
99ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/ilightbox/dark-skin/skin.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Wed, 17 Oct 2018 23:02:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1319
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK taqyeem.css
www.kucukisletmeler.com/wp-content/themes/jannah/css/ 9 KB
2 KB 299ms
99ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/taqyeem.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 7a58b9daada88b1f11fb716999c6183a80ff9b6ed79675e3ef247a310036aea9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Wed, 17 Oct 2018 23:02:58 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1938
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.kucukisletmeler.com/wp-includes/js/jquery/ 87 KB
31 KB 299ms
100ms Script
application/javascript 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Feb 2021 11:35:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 30976
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.kucukisletmeler.com/wp-includes/js/jquery/ 11 KB
4 KB 311ms
103ms Script
application/javascript 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Feb 2021 11:35:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4168
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-67512934-1

Requested by

Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

357b1d7ef86523e015a8b97f34cde69847197b38f23306229a3f3d3095c48b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35716
x-xss-protection: 0
last-modified: Mon, 10 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 May 2021 13:24:55 GMT

GET
H2 200 newslogo.png
www.kucukisletmeler.com/wp-content/uploads/2019/06/ 7 KB
7 KB 302ms
101ms Image
image/png 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2019/06/newslogo.png
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 4e708935cdd3f708bb3035cfe028f04d62b434d00e36772e74f7c40df2bb7fb7

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Mon, 24 Jun 2019 11:38:31 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7269
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bda1421fc5ce7934caf8d700fd8111808a0111e5e406ec96ae23f74f9177e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 10 May 2021 13:24:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1180854679999446135
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47911
X-XSS-Protection: 0
Expires: Mon, 10 May 2021 13:24:55 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.kucukisletmeler.com/wp-includes/js/ 14 KB
5 KB 104ms
103ms Script
application/javascript 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Feb 2021 11:35:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4675
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK scripts.js Show response
www.kucukisletmeler.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 103ms
102ms Script
application/javascript 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Sun, 26 Jan 2020 16:17:39 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3993
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK scripts.js Show response
www.kucukisletmeler.com/wp-content/themes/jannah/js/ 260 KB
79 KB 103ms
103ms Script
application/javascript 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/js/scripts.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: e67caed0479addf9614bdf4d5e18c183e2725cd0f80f05c680489ba019d67b03

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Wed, 17 Oct 2018 23:03:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 80089
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.kucukisletmeler.com/wp-includes/js/ 1 KB
1 KB 104ms
103ms Script
application/javascript 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-includes/js/wp-embed.min.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Feb 2021 11:35:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 769
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 32ms
15ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3084
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 64d37d95bb75d72d-FRA
cf-request-id: 09f80cd1940000d72dd80aa000000001
expires: Thu, 13 May 2021 13:24:55 GMT

GET
H/1.1 200
OK sliders.js Show response
www.kucukisletmeler.com/wp-content/themes/jannah/js/ 73 KB
17 KB 100ms
99ms Script
application/javascript 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/js/sliders.js
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 8605c3ea8b6fe48c32c323b98c327ae45e3925bd7e5f03340e78d7e1846b2bfe

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Wed, 17 Oct 2018 23:03:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 17221
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK dashicons.min.css
www.kucukisletmeler.com/wp-includes/css/ 58 KB
35 KB 103ms
102ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-includes/css/dashicons.min.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 08:16:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 35599
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 86 KB
13 KB 190ms
99ms Stylesheet
text/css 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kucukisletmeler.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
content-encoding: gzip
last-modified: Wed, 03 Oct 2018 07:07:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=3600, public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 12815
expires: Mon, 17 May 2021 13:24:50 GMT

GET
H/1.1 200
OK webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 12:21:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3785
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5437
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 10 May 2022 12:21:50 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.kucukisletmeler.com/wp-content/themes/jannah/fonts/fontawesome/ 75 KB
76 KB 99ms
99ms Font
font/woff2 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/fonts/fontawesome/fontawesome-webfont.woff2
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/style.css
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Origin: http://www.kucukisletmeler.com
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://www.kucukisletmeler.com
Referer: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:50 GMT
last-modified: Wed, 17 Oct 2018 23:03:03 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 77160

GET
H2 200 Dijital-Pazarlama-Iletisimi-390x220.jpg
www.kucukisletmeler.com/wp-content/uploads/2021/01/ 16 KB
16 KB 174ms
173ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2021/01/Dijital-Pazarlama-Iletisimi-390x220.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: a24f6ec3879b685814e04eca1684e0e5743a23429b8576843b0f1124b50b7e98

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Mon, 25 Jan 2021 06:56:19 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 16733
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 bilanco_okuma_degerlendirme-390x220.jpg
www.kucukisletmeler.com/wp-content/uploads/2021/01/ 13 KB
14 KB 196ms
196ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2021/01/bilanco_okuma_degerlendirme-390x220.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 599fed3d9b0c0ce2d671b6a90e8de849f85c83cf8d3f73d2e03f016e3babac29

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Fri, 08 Jan 2021 07:25:53 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13795
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 izaha-davet-390x220.jpg
www.kucukisletmeler.com/wp-content/uploads/2020/09/ 13 KB
13 KB 197ms
196ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2020/09/izaha-davet-390x220.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 054ca932dc70ce55c3ffac8ecdbf2f693e2278b2b79eb26e8a3d193c31f51600

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Sun, 20 Sep 2020 19:41:46 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13746
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H/1.1 200
OK tiefonticon.ttf
www.kucukisletmeler.com/wp-content/themes/jannah/fonts/tiefonticon/ 9 KB
9 KB 99ms
99ms Font
font/ttf 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/fonts/tiefonticon/tiefonticon.ttf
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/style.css
Protocol: HTTP/1.1
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4

Request headers

Pragma: no-cache
Origin: http://www.kucukisletmeler.com
Accept-Encoding: gzip, deflate
Host: www.kucukisletmeler.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://www.kucukisletmeler.com
Referer: http://www.kucukisletmeler.com/wp-content/themes/jannah/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Wed, 17 Oct 2018 23:03:03 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/ttf
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 8916

GET
H2 200 ddd-390x220.jpg
www.kucukisletmeler.com/wp-content/uploads/2018/11/ 10 KB
10 KB 171ms
169ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2018/11/ddd-390x220.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: f33c262f5fe39d6560ff7247e377053f99fbf3c6f717e74ef8a63735c4c2868c

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Wed, 14 Nov 2018 20:01:35 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 10005
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 kucukisletmeler_haberler.com_-640x397.jpg
www.kucukisletmeler.com/wp-content/uploads/2017/10/ 22 KB
22 KB 171ms
169ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2017/10/kucukisletmeler_haberler.com_-640x397.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 3fb2a2629a4e8c292647dde69d13e268d6682eef9e7e0795f56d7f2038f8852c

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Thu, 26 Oct 2017 18:30:55 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 22657
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 kdv1-kdv2-kdv3-390x220.jpg
www.kucukisletmeler.com/wp-content/uploads/2019/10/ 11 KB
11 KB 180ms
179ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2019/10/kdv1-kdv2-kdv3-390x220.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 7f6bd42beed6a3b0931aad28a16aade84c11c3cfe9775da5d019abe2cd2dc214

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Mon, 07 Oct 2019 08:50:33 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 10953
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 faktoring-sirketi-kurma-1024x606.jpg
www.kucukisletmeler.com/wp-content/uploads/2015/11/ 61 KB
61 KB 204ms
204ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2015/11/faktoring-sirketi-kurma-1024x606.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: d71011d81784c034d2bd0950e200a603847afd894096de49196cb8f4bd77e52f

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Wed, 04 Jan 2017 10:32:03 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 62596
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 BlockChain_Kabul_Goruyor-390x220.jpg
www.kucukisletmeler.com/wp-content/uploads/2019/04/ 22 KB
22 KB 273ms
272ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2019/04/BlockChain_Kabul_Goruyor-390x220.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 90c27d4c9cd883072cdaca6b599009a089e244f0d7a473499241b90b6d659419

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Fri, 19 Apr 2019 06:42:04 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 22406
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 mahalli-idareler-butce-ve-muhasebe-yonetmeligi-777x437.jpg
www.kucukisletmeler.com/wp-content/uploads/2015/12/ 38 KB
38 KB 284ms
284ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2015/12/mahalli-idareler-butce-ve-muhasebe-yonetmeligi-777x437.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 2f0eca8655409e34165ade0ce58abd25c77cb3304ee9fcc226469d3cb4afe001

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Thu, 10 Mar 2016 20:35:20 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 38625
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 resmi-yazismalarda-uygulanacak-usul-ve-esaslar-hakkinda-yonetmelik-777x437.jpg
www.kucukisletmeler.com/wp-content/uploads/2015/12/ 42 KB
42 KB 228ms
228ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2015/12/resmi-yazismalarda-uygulanacak-usul-ve-esaslar-hakkinda-yonetmelik-777x437.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 3c8d4d00c9d324a26f827f00a32c334e7024fc0d1c781a01c570113e3fc81264

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Thu, 10 Mar 2016 20:35:22 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 42760
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 devlet-arsiv-hizmetleri-hakkinda-yonetmelik-2016-777x437.jpg
www.kucukisletmeler.com/wp-content/uploads/2015/12/ 30 KB
31 KB 206ms
205ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2015/12/devlet-arsiv-hizmetleri-hakkinda-yonetmelik-2016-777x437.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: 563d26f94d3351eb563774f3be9c3db0dc244315212579ae617cdea249c3cb8f

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Thu, 10 Mar 2016 20:35:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 31200
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H2 200 is-sagligi-ve-guvenligi-kurullari-hakkinda-yonetmelik-777x437.jpg
www.kucukisletmeler.com/wp-content/uploads/2015/12/ 30 KB
31 KB 206ms
205ms Image
image/jpeg 185.8.128.211
ALASTYR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kucukisletmeler.com/wp-content/uploads/2015/12/is-sagligi-ve-guvenligi-kurullari-hakkinda-yonetmelik-777x437.jpg
Requested by: Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.211 , Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS: aphrodite.alastyr.com
Software: LiteSpeed /
Resource Hash: eb19a4697cc3627515746f0cecefb973072e7cd5a9d3d4730f44a6757e5c9f04

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:51 GMT
last-modified: Thu, 10 Mar 2016 20:35:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 31227
expires: Mon, 17 May 2021 13:24:51 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 4 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30564f1663da502f2c9adfa60e2491344bf561245e7a7622fe061fc804ac56c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:24:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 May 2021 13:24:55 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 10 May 2021 13:24:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/ 224 KB
83 KB 255ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7428757489301242&plah=www.kucukisletmeler.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cd6c951096f7a376ac4d67812d7c09a069452cba6c4fa4f0ea1f052c1fd0c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84600
x-xss-protection: 0
server: cafe
etag: 12591075211014417161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 10 May 2021 13:24:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/ Frame A5D1 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210505/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.kucukisletmeler.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.kucukisletmeler.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 10 May 2021 02:19:20 GMT
expires: Mon, 24 May 2021 02:19:20 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 39936
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-67512934-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3483
date: Mon, 10 May 2021 12:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 10 May 2021 14:26:52 GMT

GET
H/1.1 200
OK pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.kucukisletmeler.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:50:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:02:01 GMT
Server: sffe
Age: 563684
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7900
X-XSS-Protection: 0
Expires: Wed, 04 May 2022 00:50:11 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.kucukisletmeler.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 09 May 2021 10:05:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:01:55 GMT
Server: sffe
Age: 98390
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7776
X-XSS-Protection: 0
Expires: Mon, 09 May 2022 10:05:05 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.kucukisletmeler.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 02:06:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:02:10 GMT
Server: sffe
Age: 386305
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7988
X-XSS-Protection: 0
Expires: Fri, 06 May 2022 02:06:30 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.kucukisletmeler.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 21:41:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:01:48 GMT
Server: sffe
Age: 488631
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7832
X-XSS-Protection: 0
Expires: Wed, 04 May 2022 21:41:04 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f808ca766112a73497cdf7cd4224e27063c394f07b12b7d7a5e0599c19f37e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.kucukisletmeler.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 15:40:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:01:56 GMT
Server: sffe
Age: 337493
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 5480
X-XSS-Protection: 0
Expires: Fri, 06 May 2022 15:40:02 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1822059999&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kucukisletmeler.com%2F&ul=en-us&de=UTF-8&dt=K%C3%BC%C3%A7%C3%BCk%20%C4%B0%C5%9Fletmeler%20%E2%80%93%20Kobi%20Hizmet%20Rehberi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=760083013&gjid=827690209&cid=1938824141.1620653096&tid=UA-67512934-1&_gid=1863521435.1620653096&_r=1&gtm=2ou4s0&z=1341020584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 May 2021 13:24:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.kucukisletmeler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-67512934-1&cid=1938824141.1620653096&jid=760083013&gjid=827690209&_gid=1863521435.1620653096&_u=YEBAAUAAAAAAAC~&z=1866484710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 13:24:56 GMT
content-type: text/plain
access-control-allow-origin: http://www.kucukisletmeler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
646 B 190ms
82ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kucukisletmeler.com&callback=_gfp_s_&client=ca-pub-7428757489301242

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7428757489301242&plah=www.kucukisletmeler.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

65207c70904c120e005a0022eec2cb1f0e3018d212e572dc0fd7e2de7e90fb4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 41ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kucukisletmeler.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 40ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kucukisletmeler.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D1F 58 KB
20 KB 299ms
281ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&h=90&slotname=1543150459&adk=3040763451&adf=2596954808&pi=t.ma~as.1543150459&w=728&fwrn=4&fwrnh=100&lmt=1620653096&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1620653095869&bpp=5&bdt=1080&idt=294&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3242359315476&frm=20&pv=2&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=C9qpAoHwtB&p=http%3A//www.kucukisletmeler.com&dtd=315

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e6197259b507942d99ea3fd1ad6059e43d6b0135685a7f36ae9b450bb8972e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNOu66Cbv_ACFUEe0wod0uoIzg&gqi=KDSZYN2vDcqB2fcP2pa72Ao&layout=/sadbundle/%24csp%253Der3%24/13264340863758106624/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7428757489301242&output=html&h=90&slotname=1543150459&adk=3040763451&adf=2596954808&pi=t.ma~as.1543150459&w=728&fwrn=4&fwrnh=100&lmt=1620653096&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1620653095869&bpp=5&bdt=1080&idt=294&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3242359315476&frm=20&pv=2&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=C9qpAoHwtB&p=http%3A//www.kucukisletmeler.com&dtd=315
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.kucukisletmeler.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.kucukisletmeler.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNOu66Cbv_ACFUEe0wod0uoIzg&gqi=KDSZYN2vDcqB2fcP2pa72Ao&layout=/sadbundle/%24csp%253Der3%24/13264340863758106624/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 10 May 2021 13:24:56 GMT
server: cafe
content-length: 19990
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 10-May-2021 13:39:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 May 2021 13:24:56 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0248976da97cef9d507c26ab78186f1fc82a4dc71963f29cc49946f09e72d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620386783045400"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Mon, 10 May 2021 13:24:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-67512934-1&cid=1938824141.1620653096&jid=760083013&_u=YEBAAUAAAAAAAC~&z=1241926696

Requested by

Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-67512934-1&cid=1938824141.1620653096&jid=760083013&_u=YEBAAUAAAAAAAC~&z=1241926696

Requested by

Host: www.kucukisletmeler.com
URL: http://www.kucukisletmeler.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 64EC 54 B
56 B 73ms
68ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&adk=2969136045&adf=3689892565&lmt=1620653096&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1620653095887&bpp=2&bdt=1099&idt=311&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3242359315476&frm=20&pv=1&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=319

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7428757489301242&output=html&adk=2969136045&adf=3689892565&lmt=1620653096&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1620653095887&bpp=2&bdt=1099&idt=311&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3242359315476&frm=20&pv=1&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=319
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.kucukisletmeler.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.kucukisletmeler.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 10 May 2021 13:24:56 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 10-May-2021 13:39:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 May 2021 13:24:56 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 4D1F 2 KB
2 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&h=90&slotname=1543150459&adk=3040763451&adf=2596954808&pi=t.ma~as.1543150459&w=728&fwrn=4&fwrnh=100&lmt=1620653096&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1620653095869&bpp=5&bdt=1080&idt=294&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3242359315476&frm=20&pv=2&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=C9qpAoHwtB&p=http%3A//www.kucukisletmeler.com&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 May 2021 13:18:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D1F 116 KB
35 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620386788828326"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36100
x-xss-protection: 0
expires: Mon, 10 May 2021 13:24:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 4D1F 13 KB
6 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 May 2021 13:23:33 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 225 KB
30 KB 21ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c5a2785b0eadac3c7ae64624227cfb2bec2574fe58220ac18d8e58f912aa666

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/13264340863758106624/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 04 May 2021 04:53:57 GMT
expires: Wed, 04 May 2022 04:53:57 GMT
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 29401
age: 549059
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D1F 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFYNrKDSZYNP6DcG8zAbS1aPwDJOq06limM7NiaENxISFngsQASDYoaxIYJUCoAHszIbhAsgBCakCeKFSgeRktD6oAwHIAwKqBMwBT9BSbxs-ay6w_DRw-Tc_VG-66Jhw35u2-JLD2iE4CGHZxCqRTewdu3jb8Yq1jaojnDAUhDrrBHY1guEjwfkqY7bw8gRQSuZ_nDu0GXaVYqsxGa5ZKYgZXsKIjYfoenl-EIw1RMQJAY5Fv-FgdkfSVR9oFVME7w30n2Xdp51lCqZ9X4ABXISQyLN-WQLO7sBHZR7OktPtMxYdio3qVSFCuU8haqCxznKGGtYX_HS59P0Lw2XM6tfEkzz_XmzwljObIo8tZ1m0o0LMVBGuwASp49T_pwOSBQQIBBgBkgUECAUYBKAGXYAH_LL5ngGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-IQv0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshcaChgIABIUcHViLTc0Mjg3NTc0ODkzMDEyNDI&sigh=-UOJWakA6Do

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&h=90&slotname=1543150459&adk=3040763451&adf=2596954808&pi=t.ma~as.1543150459&w=728&fwrn=4&fwrnh=100&lmt=1620653096&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1620653095869&bpp=5&bdt=1080&idt=294&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3242359315476&frm=20&pv=2&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=C9qpAoHwtB&p=http%3A//www.kucukisletmeler.com&dtd=315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 10 May 2021 13:24:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 10 May 2021 13:24:56 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B32 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&h=90&slotname=1543150459&adk=3040763451&adf=2596954808&pi=t.ma~as.1543150459&w=728&fwrn=4&fwrnh=100&lmt=1620653096&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1620653095869&bpp=5&bdt=1080&idt=294&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3242359315476&frm=20&pv=2&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=C9qpAoHwtB&p=http%3A//www.kucukisletmeler.com&dtd=315
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7428757489301242&output=html&h=90&slotname=1543150459&adk=3040763451&adf=2596954808&pi=t.ma~as.1543150459&w=728&fwrn=4&fwrnh=100&lmt=1620653096&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Fwww.kucukisletmeler.com%2F&flash=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1620653095869&bpp=5&bdt=1080&idt=294&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3242359315476&frm=20&pv=2&ga_vid=1938824141.1620653096&ga_sid=1620653096&ga_hid=1822059999&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739524&oid=2&pvsid=1362555012583614&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=C9qpAoHwtB&p=http%3A//www.kucukisletmeler.com&dtd=315

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 10 May 2021 12:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3337
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B32
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlr9mFuOqtrzZaIwpwxcukZtald475Xlu7H0qrgAA44xiKtX539trMZ3eq8w_Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 10 May 2021 13:24:56 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 10-May-2021 14:24:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 May 2021 13:24:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 10 May 2021 13:24:56 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4D1F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 888e63dcedcfc3ff024f5921a7a973a6fad615d9c305025c63396f6a58ad2b68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame B23F 4 KB
686 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cea0f8101de8a13f1f4a4610f910c8e6349c8f730ae8c5cb8e9b4823212e451c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 May 2021 11:29:23 GMT
server: ESF
date: Mon, 10 May 2021 13:24:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 May 2021 13:24:56 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B23F 16 KB
6 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 10 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B23F 26 KB
10 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 10 May 2021 23:11:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B23F 15 KB
15 KB 20ms
17ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 118893
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 09 May 2022 04:23:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B23F 15 KB
16 KB 21ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 337767
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 06 May 2022 15:35:29 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 34ms
20ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210505&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

850e84bcfd8a4498471f0a50f871158c94d55401db800e90cc92623856668b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7660
x-xss-protection: 0

GET
H3-29 200 Logo_black_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 4 KB
4 KB 11ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/Logo_black_0.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e1d7f46761f438550f7894c1f43943000bd680b6043f756cc4492c30e639dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 349426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4365
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
server: sffe
date: Thu, 06 May 2021 12:21:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 12:21:10 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 881 B
907 B 10ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/cta.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6eb1a910a8765764fbd2eee3f572e777bb6bdc14c4ad4030144a95a5e51c3a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 307626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 881
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
server: sffe
date: Thu, 06 May 2021 23:57:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 23:57:50 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 3 KB
3 KB 20ms
18ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/logo.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510d07bf2eb847c9f3b61f6c1624684febb6b04624ba304e3b8ef8a47f165cd1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 430616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3162
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
server: sffe
date: Wed, 05 May 2021 13:48:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 13:48:00 GMT

GET
H3-29 200 CTA_Signers_blank.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 2 KB
2 KB 19ms
18ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/CTA_Signers_blank.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edbec997dbdb9747d5fbc76ebebf0fbf439c057ec50520205740a74c623994c0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 290234
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1889
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
server: sffe
date: Fri, 07 May 2021 04:47:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 04:47:42 GMT

GET
H3-29 200 3_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 17 KB
17 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/3_1.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adf7d38407a81f931c0ae3f0b20c5d1cd801fc24fb6155b6c1e5ece2000431cc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 430616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17428
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
server: sffe
date: Wed, 05 May 2021 13:48:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 13:48:00 GMT

GET
H3-29 200 2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 9 KB
9 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/2.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166f2a180eccb745ea7fd7efb4675ad97146e15d7d49483725876bf9f19cb4e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 430616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9097
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
server: sffe
date: Wed, 05 May 2021 13:48:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 13:48:00 GMT

GET
H3-29 200 1_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/ Frame B23F 13 KB
13 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13264340863758106624/1_1.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c173dcd34cfd62b8830955492daf597321b2d3e73dbc9aa1fafae6e2162f716

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 349426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13102
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:11:47 GMT
server: sffe
date: Thu, 06 May 2021 12:21:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 12:21:10 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 10 May 2021 13:24:56 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FF13 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.kucukisletmeler.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.kucukisletmeler.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 10 May 2021 12:36:29 GMT
expires: Tue, 10 May 2022 12:36:29 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2907
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js Show response
pagead2.googlesyndication.com/bg/ Frame FF13 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 10:48:00 GMT
server: sffe
age: 11754
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5663
x-xss-protection: 0
expires: Tue, 10 May 2022 10:09:02 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 42ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210505&jk=1362555012583614&bg=!8fKl8rbNAAYP3QOmD907ACkAdvg8WtyyMdHDZz9YYFUB6IqyCYDZzxcmHPLg8kfTYh3bZyIexWw0xQIAAADfUgAAABBoAQcKAF2uw0Dn-EbXsxnOGs_VtxMBS6zl5dSDq3_bgpPpWi0a7-muvOiQ4xohPEFJLBdyYF8rItheVuR2X0KLI3_a06JCvJNbQ6PcmuCEhN3k371shtYctt7MhnMIM4tKA3WZAjvKGPlxh1c1A0oYJZfOXwHfMBDhHN8QK0yT_DYcY0VHYFnzM8wC7aR-Q3hh8IhpSbhZVP7bx71ix8EfLjI6sZ-fg8CMLTnOxpyhtpkL1hwEgZ1T9_riQI4AtnJBhby89F3sPsZX6kw4j_INfz-Jp7GF8rL5kgf48HQ8hvhfkRU8_r2E6lxUe3iLPpczC2n0-Izf0JHD9P4n6C7_c04ppJyhy9UdgBlAPCf4eWuhcW1Z0WD7gdMb9fxHzgpnDQdZbx7YDCFSLdC8Xo4KwNzc_Arjc1U0axVYXLRYB1N6SCP9q3jamePaGtlBmy8-97nTOoYeOdrEy0k1LmeIiN-OcUY3KSfuke0TUy_E1RSL-zh7wEdZ-TEN1nTg-4Bl5WLCp2fbNi7lHLkTc8hDM4F0nz8yA75qmXocjBAk5bm6HrogLyRqdhG92Gtk1Nbuul3r9ofY6Ulzom29HZya2qWYA_KgfVyCQV9E2TO8OcyCddWFxh4T9Te6ybZTqhVwM8C0lWPja8OBvfxpNayCn8_W42xLK9dRmws2Lr0EUTQ3EsTgrSYCka7nWri55AmbVIisyoB8WtZ9YT2OsiKDUMCMonnEshhAnIXGhAfSD_KigtC7umOH2IaUr5kdP5A--vzbkNEgktgjJxTUh5fcEj8gsKSM9rd7xbmGkQLYX7gUqKJXRtvOnu4qYwukWsazINS1tGvZi8Im88PFH8mucd92zG_EKHvkob-avnJ9UPB0WJgPHm_Wv7yrUyEefqqQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.kucukisletmeler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:10:56	Name: DSID Value: NO_DATA
.kucukisletmeler.com/	1970-01-20 03:32:29	Name: __gads Value: ID=4612edb95fdc1f36-225320990cc800a2:T=1620653096:RT=1620653096:S=ALNI_MaL2MwobeoZgiYy-Ghd2WCEuGIz0A
.kucukisletmeler.com/	1970-01-19 18:10:53	Name: _gat_gtag_UA_67512934_1 Value: 1
.doubleclick.net/	1970-01-20 03:32:29	Name: IDE Value: AHWqTUlr9mFuOqtrzZaIwpwxcukZtald475Xlu7H0qrgAA44xiKtX539trMZ3eq8w_Y
.kucukisletmeler.com/	1970-01-19 18:12:19	Name: _gid Value: GA1.2.1863521435.1620653096
.kucukisletmeler.com/	1970-01-20 11:42:05	Name: _ga Value: GA1.2.1938824141.1620653096

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.kucukisletmeler.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: http://www.kucukisletmeler.com/wp-includes/js/jquery/jquery.min.js(Line 2) Message: jQuery.Deferred exception: $circ_svg.viewportChecker is not a function TypeError: $circ_svg.viewportChecker is not a function at tie_animate_element (http://www.kucukisletmeler.com/wp-content/themes/jannah/js/scripts.js:1573:13) at HTMLDocument.<anonymous> (http://www.kucukisletmeler.com/wp-content/themes/jannah/js/scripts.js:29:2) at e (http://www.kucukisletmeler.com/wp-includes/js/jquery/jquery.min.js:2:30005) at t (http://www.kucukisletmeler.com/wp-includes/js/jquery/jquery.min.js:2:30307) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.kucukisletmeler.com
172.217.23.98
185.8.128.211
2606:4700::6812:e134
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
054ca932dc70ce55c3ffac8ecdbf2f693e2278b2b79eb26e8a3d193c31f51600
0ae9923a1220f104b9d0f757cf77fd1f636ae75092421530ad23b43ecc72c207
0c173dcd34cfd62b8830955492daf597321b2d3e73dbc9aa1fafae6e2162f716
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
166f2a180eccb745ea7fd7efb4675ad97146e15d7d49483725876bf9f19cb4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c5a2785b0eadac3c7ae64624227cfb2bec2574fe58220ac18d8e58f912aa666
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f0eca8655409e34165ade0ce58abd25c77cb3304ee9fcc226469d3cb4afe001
30564f1663da502f2c9adfa60e2491344bf561245e7a7622fe061fc804ac56c9
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
357b1d7ef86523e015a8b97f34cde69847197b38f23306229a3f3d3095c48b44
3c8d4d00c9d324a26f827f00a32c334e7024fc0d1c781a01c570113e3fc81264
3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4
3fb2a2629a4e8c292647dde69d13e268d6682eef9e7e0795f56d7f2038f8852c
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4e708935cdd3f708bb3035cfe028f04d62b434d00e36772e74f7c40df2bb7fb7
510d07bf2eb847c9f3b61f6c1624684febb6b04624ba304e3b8ef8a47f165cd1
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
563d26f94d3351eb563774f3be9c3db0dc244315212579ae617cdea249c3cb8f
599fed3d9b0c0ce2d671b6a90e8de849f85c83cf8d3f73d2e03f016e3babac29
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cd6c951096f7a376ac4d67812d7c09a069452cba6c4fa4f0ea1f052c1fd0c28
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
65207c70904c120e005a0022eec2cb1f0e3018d212e572dc0fd7e2de7e90fb4f
66e1d7f46761f438550f7894c1f43943000bd680b6043f756cc4492c30e639dc
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6bda1421fc5ce7934caf8d700fd8111808a0111e5e406ec96ae23f74f9177e85
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
734c93c00597b91598da3f69bcc97986589893987ef9f10db65b7c7f2aa5d012
7a58b9daada88b1f11fb716999c6183a80ff9b6ed79675e3ef247a310036aea9
7f6bd42beed6a3b0931aad28a16aade84c11c3cfe9775da5d019abe2cd2dc214
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81f808ca766112a73497cdf7cd4224e27063c394f07b12b7d7a5e0599c19f37e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850e84bcfd8a4498471f0a50f871158c94d55401db800e90cc92623856668b17
8605c3ea8b6fe48c32c323b98c327ae45e3925bd7e5f03340e78d7e1846b2bfe
888e63dcedcfc3ff024f5921a7a973a6fad615d9c305025c63396f6a58ad2b68
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
90c27d4c9cd883072cdaca6b599009a089e244f0d7a473499241b90b6d659419
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
a24f6ec3879b685814e04eca1684e0e5743a23429b8576843b0f1124b50b7e98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6eb1a910a8765764fbd2eee3f572e777bb6bdc14c4ad4030144a95a5e51c3a3
adf7d38407a81f931c0ae3f0b20c5d1cd801fc24fb6155b6c1e5ece2000431cc
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cea0f8101de8a13f1f4a4610f910c8e6349c8f730ae8c5cb8e9b4823212e451c
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d6e6197259b507942d99ea3fd1ad6059e43d6b0135685a7f36ae9b450bb8972e
d6ff194c5831de1386bb1b9b38e52c459167cb4c96ca4d8947b562854f4c8948
d71011d81784c034d2bd0950e200a603847afd894096de49196cb8f4bd77e52f
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67caed0479addf9614bdf4d5e18c183e2725cd0f80f05c680489ba019d67b03
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1
eb19a4697cc3627515746f0cecefb973072e7cd5a9d3d4730f44a6757e5c9f04
edbec997dbdb9747d5fbc76ebebf0fbf439c057ec50520205740a74c623994c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0248976da97cef9d507c26ab78186f1fc82a4dc71963f29cc49946f09e72d69
f33c262f5fe39d6560ff7247e377053f99fbf3c6f717e74ef8a63735c4c2868c
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

www.kucukisletmeler.com Open in urlscan Pro 185.8.128.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

80 Requests

65 %HTTPS

89 %IPv6

12 Domains

17 Subdomains

18 IPs

4 Countries

1183 kBTransfer

2911 kBSize

6 Cookies

1 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kucukisletmeler.com Open in urlscan Pro
185.8.128.211 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

65 %
HTTPS

89 %
IPv6

12
Domains

17
Subdomains

18
IPs

4
Countries

1183 kB
Transfer

2911 kB
Size

6
Cookies

80 HTTP transactions
1 data transactions